urlscan.io logo urlscan.io
SecurityTrails logo

torontosun.com Open in urlscan Pro
34.111.249.109  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://torontosun.com/
Effective URL: https://torontosun.com/
Submission: On January 07 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 120 IPs in 8 countries across 75 domains to perform 505 HTTP transactions. The main IP is 34.111.249.109, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is torontosun.com. The Cisco Umbrella rank of the primary domain is 450573.
TLS certificate: Issued by GTS CA 1D4 on December 26th 2023. Valid for: 3 months.
This is the only time torontosun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 34.111.249.109 396982 (GOOGLE-CL...)
52 34.149.157.221 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 18.239.69.131 16509 (AMAZON-02)
2 23.197.120.249 16625 (AKAMAI-AS)
1 13.32.27.98 16509 (AMAZON-02)
29 34.117.54.29 396982 (GOOGLE-CL...)
1 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 18.165.201.79 16509 (AMAZON-02)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
16 22 2600:9000:238... 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
5 13.107.6.158 8068 (MICROSOFT...)
23 2a04:4e42:200... 54113 (FASTLY)
1 5 13.32.99.105 16509 (AMAZON-02)
20 151.101.65.44 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 99.86.4.128 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2.23.78.67 16625 (AKAMAI-AS)
1 35.241.9.51 396982 (GOOGLE-CL...)
1 6 37.252.173.215 29990 (ASN-APPNEX)
1 4 2a02:2638:3::c 44788 (ASN-CRITE...)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:e6:... 13335 (CLOUDFLAR...)
2 54.70.81.85 16509 (AMAZON-02)
1 18.66.96.174 16509 (AMAZON-02)
1 104.18.35.167 13335 (CLOUDFLAR...)
9 34.107.254.252 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
36 52.28.203.152 16509 (AMAZON-02)
2 185.64.189.112 62713 (AS-PUBMATIC)
2 2602:803:c003... 26667 (RUBICONPR...)
1 52.213.254.91 16509 (AMAZON-02)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
1 35.186.253.211 15169 (GOOGLE)
1 34.120.63.153 396982 (GOOGLE-CL...)
2 16 104.18.36.155 13335 (CLOUDFLAR...)
17 3.65.234.7 16509 (AMAZON-02)
2 99.83.154.140 16509 (AMAZON-02)
2 35.244.193.51 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 141.226.228.48 200478 (TABOOLA-AS)
2 151.101.129.44 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
4 18.185.12.185 16509 (AMAZON-02)
1 152.199.22.243 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:600... 54113 (FASTLY)
1 69.173.144.137 26667 (RUBICONPR...)
3 2a00:1450:400... 15169 (GOOGLE)
3 52.223.40.198 16509 (AMAZON-02)
3 2a05:d018:d29... 16509 (AMAZON-02)
1 3.75.62.37 16509 (AMAZON-02)
24 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
2 18.196.198.248 16509 (AMAZON-02)
3 2600:9000:249... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 2600:9000:20a... 16509 (AMAZON-02)
17 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
3 2600:1f18:44f... 14618 (AMAZON-AES)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a04:4e42::645 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 34.239.37.162 14618 (AMAZON-AES)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2.19.244.232 16625 (AKAMAI-AS)
1 77.245.57.72 36057 (WEBAIR-IN...)
3 2001:4860:480... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 65.9.66.74 16509 (AMAZON-02)
1 65.9.61.60 16509 (AMAZON-02)
4 4 142.250.186.66 15169 (GOOGLE)
1 23.35.237.75 16625 (AKAMAI-AS)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
4 184.30.22.30 16625 (AKAMAI-AS)
4 172.64.149.180 13335 (CLOUDFLAR...)
2 13.227.219.71 16509 (AMAZON-02)
1 143.204.98.87 16509 (AMAZON-02)
1 63.34.81.234 16509 (AMAZON-02)
2 185.64.190.78 62713 (AS-PUBMATIC)
3 2a04:4e42:200... 54113 (FASTLY)
4 162.19.30.128 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
3 167.235.124.59 24940 (HETZNER-AS)
2 69.173.144.165 26667 (RUBICONPR...)
1 2 52.46.130.91 16509 (AMAZON-02)
3 3 34.225.109.145 14618 (AMAZON-AES)
1 178.250.1.9 44788 (ASN-CRITE...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 34.160.19.107 396982 (GOOGLE-CL...)
1 1 35.208.249.213 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
2 142.250.186.162 15169 (GOOGLE)
1 52.222.139.21 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 57.128.96.92 16276 (OVH)
1 141.226.224.32 200478 (TABOOLA-AS)
1 35.168.44.110 14618 (AMAZON-AES)
1 2600:1f14:b4f... 16509 (AMAZON-02)
2 3.93.133.145 14618 (AMAZON-AES)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
1 2600:9000:211... 16509 (AMAZON-02)
3 2600:9000:20a... 16509 (AMAZON-02)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.101.129.108 54113 (FASTLY)
1 34.98.64.218 396982 (GOOGLE-CL...)
1 184.30.20.22 16625 (AKAMAI-AS)
2 3.121.73.54 16509 (AMAZON-02)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 52.18.42.196 16509 (AMAZON-02)
2 2 52.57.164.72 16509 (AMAZON-02)
1 1 54.210.107.216 14618 (AMAZON-AES)
2 2 151.101.130.49 54113 (FASTLY)
1 1 193.0.160.130 54312 (ROCKETFUEL)
505 120
3    34.111.249.109 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 109.249.111.34.bc.googleusercontent.com
torontosun.com
52    34.149.157.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.157.149.34.bc.googleusercontent.com
smartcdn.gprod.postmedia.digital
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    18.239.69.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-131.ams58.r.cloudfront.net
c.amazon-adsystem.com
2    23.197.120.249 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-120-249.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
ads.rubiconproject.com
1    13.32.27.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-98.fra56.r.cloudfront.net
cdn.adsafeprotected.com
29    34.117.54.29 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.54.117.34.bc.googleusercontent.com
dcs-static.gprod.postmedia.digital
fem.gprod.postmedia.digital
1    2606:4700:e0::ac40:6003 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
1    18.165.201.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-201-79.lhr50.r.cloudfront.net
ak.sail-horizon.com
6    2606:4700:20::681a:fe4 (United States)

ASN13335 (CLOUDFLARENET, US)
tags.catapultx.com
22    2600:9000:238d:9000:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
4    2606:4700::6812:4eb (United States)

ASN13335 (CLOUDFLARENET, US)
auth.lrcontent.com
config.lrcontent.com
5    13.107.6.158 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: bingforbusiness.com
edge-auth.microsoft.com
23    2a04:4e42:200::626 (United States)

ASN54113 (FASTLY, US)
ssl.p.jwpcdn.com
assets-jpcust.jwpsrv.com
5    13.32.99.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net
sb.scorecardresearch.com
20    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
15.taboola.com
images.taboola.com
imprammp.taboola.com
4    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:4400::6812:29aa (United States)

ASN13335 (CLOUDFLARENET, US)
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1    99.86.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
2    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2.23.78.67 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-78-67.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    35.241.9.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.9.241.35.bc.googleusercontent.com
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
6    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
4    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
12    2606:4700:20::681a:13e (United States)

ASN13335 (CLOUDFLARENET, US)
events.qortex.ai
demand.qortex.ai
2    2606:4700:e6::ac40:c926 (United States)

ASN13335 (CLOUDFLARENET, US)
api.fouanalytics.com
2    54.70.81.85 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-70-81-85.us-west-2.compute.amazonaws.com
pixel.adsafeprotected.com
1    18.66.96.174 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-96-174.fra56.r.cloudfront.net
aax.amazon-adsystem.com
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
9    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
1    2606:4700::6811:7611 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
36    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    2602:803:c003:200::45 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    52.213.254.91 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-254-91.eu-west-1.compute.amazonaws.com
ap.lijit.com
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
16    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
17    3.65.234.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
2    99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com
api.sail-personalize.com
2    35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
1    2a00:1450:4001:806::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
5    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
pips.taboola.com
2    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com
4    18.185.12.185 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
postmedia.hub.loginradius.com
1    152.199.22.243 (United States)

ASN15133 (EDGECAST, US)
entitlements.jwplayer.com
2    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    2a04:4e42:600::626 (United States)

ASN54113 (FASTLY, US)
assets-jpcust.jwpsrv.com
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
3    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    2a05:d018:d29:3602:4577:47d8:bc2a:f25c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
24    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
17    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    18.196.198.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-198-248.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    2600:9000:2491:2c00:2:cecb:23c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
videos-cloudfront-usp.jwpsrv.com
2    2606:4700::6812:eff8 (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
5    2600:9000:20a0:3000:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.viafoura.net
17    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)
jssdkcdns.mparticle.com
3    2600:1f18:44f0:4848:9168:e8ca:4c02:4000 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
api.viafoura.co
4    2a02:26f0:3500:28b::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.cxense.com
1    2606:4700::6811:c276 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
4    2a04:4e42::645 (United States)

ASN54113 (FASTLY, US)
identity.mparticle.com
2    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    34.239.37.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-37-162.compute-1.amazonaws.com
q.adrta.com
8    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
3    2a00:1450:400c:c02::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2.19.244.232 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-244-232.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
3    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700:3033::6815:325a (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.mrf.io
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    65.9.66.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-74.fra56.r.cloudfront.net
get.s-onetag.com
1    65.9.61.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-60.fra56.r.cloudfront.net
cdn.parsely.com
4    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
1    23.35.237.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-75.deploy.static.akamaitechnologies.com
ad.yieldlab.net
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    13.227.219.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-71.ams54.r.cloudfront.net
onetag-geo.s-onetag.com
1    143.204.98.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-87.fra50.r.cloudfront.net
signal-beacon.s-onetag.com
1    63.34.81.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
p1.parsely.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    2a04:4e42:200::645 (United States)

ASN54113 (FASTLY, US)
jssdks.mparticle.com
4    162.19.30.128 (Domont, France)

ASN16276 (OVH, FR)
PTR: haproxy08.cl13.ovh.mrf.io
events.newsroom.bi
2    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    167.235.124.59 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nue0037.cxense.com
p1cluster.cxense.com
comcluster.cxense.com
id.cxense.com
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    34.225.109.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-109-145.compute-1.amazonaws.com
i.liadm.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    34.160.19.107 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.19.160.34.bc.googleusercontent.com
dmp.brand-display.com
1    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
1    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads4.g.doubleclick.net
1    52.222.139.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-21.ams50.r.cloudfront.net
pix.adrta.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    57.128.96.92 (Sartrouville, France)

ASN16276 (OVH, FR)
PTR: haproxy06.cl11.ovh.mrf.io
compassdata.mrf.io
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    35.168.44.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-44-110.compute-1.amazonaws.com
i.viafoura.co
1    2600:1f14:b4f:4b01:e956:729a:ad86:b3cb (Boardman, United States)

ASN16509 (AMAZON-02, US)
ipv6.adrta.com
2    3.93.133.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-133-145.compute-1.amazonaws.com
adrta.com
1    2606:4700:3033::ac43:9fa2 (United States)

ASN13335 (CLOUDFLARENET, US)
experiences.mrf.io
1    2600:9000:2250:9c00:15:2b26:f200:93a1 (United States)

ASN16509 (AMAZON-02, US)
placement-prd.jwpltx.com
1    2600:9000:211e:f000:0:723d:9040:93a1 (United States)

ASN16509 (AMAZON-02, US)
ping-meta-prd.jwpltx.com
3    2600:9000:20a0:4c00:1b:6b7c:c940:93a1 (United States)

ASN16509 (AMAZON-02, US)
prd.jwpltx.com
2    2606:4700:4400::6812:2a4f (United States)

ASN13335 (CLOUDFLARENET, US)
assets.ribn.com
1    2606:4700::6812:a07e (United States)

ASN13335 (CLOUDFLARENET, US)
buy.tinypass.com
1    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
postmedia-d.openx.net
1    184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com
contextual.media.net
2    3.121.73.54 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-73-54.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
1    2600:1f18:ed:550e:f339:4051:d8d6:6b16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
1    52.18.42.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-42-196.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    52.57.164.72 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-164-72.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    54.210.107.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-107-216.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
Apex Domain
Subdomains		 Transfer
81 postmedia.digital
smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 137760
dcs-static.gprod.postmedia.digital — Cisco Umbrella Rank: 179807
fem.gprod.postmedia.digital — Cisco Umbrella Rank: 231126
1 MB
40 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 2827
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819
ups.analytics.yahoo.com — Cisco Umbrella Rank: 505
4 KB
28 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1255
trc.taboola.com — Cisco Umbrella Rank: 960
15.taboola.com — Cisco Umbrella Rank: 10696
am-trc-events.taboola.com — Cisco Umbrella Rank: 11740
images.taboola.com — Cisco Umbrella Rank: 1897
vidstat.taboola.com — Cisco Umbrella Rank: 3607
imprammp.taboola.com — Cisco Umbrella Rank: 11126
am-match.taboola.com — Cisco Umbrella Rank: 12141
am-vid-events.taboola.com — Cisco Umbrella Rank: 11014
pips.taboola.com — Cisco Umbrella Rank: 1936
cds.taboola.com — Cisco Umbrella Rank: 2300
533 KB
27 googlesyndication.com
eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
224 KB
24 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 407
326 KB
23 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 3192
entitlements.jwplayer.com — Cisco Umbrella Rank: 4229
89 KB
19 jwpsrv.com
assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 4264
videos-cloudfront-usp.jwpsrv.com — Cisco Umbrella Rank: 6247
762 KB
17 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
714 KB
17 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1894
3 KB
16 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 757
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 796
dsum.casalemedia.com — Cisco Umbrella Rank: 2867
11 KB
15 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
stats.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 677
262 KB
13 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 4062
ads.rubiconproject.com — Cisco Umbrella Rank: 2896
fastlane.rubiconproject.com — Cisco Umbrella Rank: 791
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1222
eus.rubiconproject.com — Cisco Umbrella Rank: 951
token.rubiconproject.com — Cisco Umbrella Rank: 744
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 4039
243 KB
12 qortex.ai
events.qortex.ai — Cisco Umbrella Rank: 34200
demand.qortex.ai — Cisco Umbrella Rank: 63400
6 KB
10 permutive.com
api.permutive.com — Cisco Umbrella Rank: 2986
cdn.permutive.com — Cisco Umbrella Rank: 3770
52 KB
9 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 3026
449 KB
8 mparticle.com
jssdkcdns.mparticle.com — Cisco Umbrella Rank: 8531
identity.mparticle.com — Cisco Umbrella Rank: 2904
jssdks.mparticle.com — Cisco Umbrella Rank: 7780
115 KB
8 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 766
ads.pubmatic.com — Cisco Umbrella Rank: 811
image6.pubmatic.com — Cisco Umbrella Rank: 1215
91 KB
7 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 6215
p1cluster.cxense.com — Cisco Umbrella Rank: 15673
comcluster.cxense.com — Cisco Umbrella Rank: 5742
id.cxense.com — Cisco Umbrella Rank: 13926
82 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 356
acdn.adnxs.com — Cisco Umbrella Rank: 957
secure.adnxs.com — Cisco Umbrella Rank: 793
30 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
90 KB
7 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 359
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925
aax.amazon-adsystem.com — Cisco Umbrella Rank: 464
s.amazon-adsystem.com — Cisco Umbrella Rank: 398
77 KB
6 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2014
www.google.com — Cisco Umbrella Rank: 6
2 KB
6 adrta.com
q.adrta.com — Cisco Umbrella Rank: 4270
pix.adrta.com — Cisco Umbrella Rank: 5547
ipv6.adrta.com — Cisco Umbrella Rank: 4539
adrta.com — Cisco Umbrella Rank: 2640
15 KB
6 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 597
bidder.criteo.com — Cisco Umbrella Rank: 878
dis.criteo.com — Cisco Umbrella Rank: 943
mug.criteo.com — Cisco Umbrella Rank: 1867
8 KB
6 catapultx.com
tags.catapultx.com — Cisco Umbrella Rank: 71183
193 KB
5 jwpltx.com
placement-prd.jwpltx.com — Cisco Umbrella Rank: 255164
ping-meta-prd.jwpltx.com — Cisco Umbrella Rank: 7831
prd.jwpltx.com — Cisco Umbrella Rank: 3317
1014 B
5 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 16289
214 KB
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 274
6 KB
5 microsoft.com
edge-auth.microsoft.com — Cisco Umbrella Rank: 76668
307 KB
4 liadm.com
i.liadm.com — Cisco Umbrella Rank: 979
i6.liadm.com — Cisco Umbrella Rank: 4366
2 KB
4 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 7834
2 KB
4 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1067
cdn.indexww.com — Cisco Umbrella Rank: 2632
3 KB
4 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 5297
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 6989
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 9346
20 KB
4 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 10258
compassdata.mrf.io — Cisco Umbrella Rank: 70638
experiences.mrf.io — Cisco Umbrella Rank: 12895
59 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
region1.google-analytics.com — Cisco Umbrella Rank: 1695
21 KB
4 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 16578
i.viafoura.co — Cisco Umbrella Rank: 18554
4 KB
4 loginradius.com
postmedia.hub.loginradius.com — Cisco Umbrella Rank: 236409
1 KB
4 lrcontent.com
auth.lrcontent.com — Cisco Umbrella Rank: 114786
config.lrcontent.com — Cisco Umbrella Rank: 27252
100 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
storage.googleapis.com — Cisco Umbrella Rank: 682
imasdk.googleapis.com — Cisco Umbrella Rank: 639
537 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 4002
578 B
3 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 11211
cdn.tinypass.com — Cisco Umbrella Rank: 8727
buy.tinypass.com — Cisco Umbrella Rank: 9223
117 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 594
445 B
3 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1919
lexicon.33across.com — Cisco Umbrella Rank: 2501
5 KB
3 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 5466
pixel.adsafeprotected.com — Cisco Umbrella Rank: 1190
10 KB
3 torontosun.com
torontosun.com — Cisco Umbrella Rank: 450573
82 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1396
648 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1620
1 KB
2 ribn.com
assets.ribn.com — Cisco Umbrella Rank: 184729
8 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 395
26 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 894
62 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 4472
p1.parsely.com — Cisco Umbrella Rank: 3579
22 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 240
92 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 590
291 B
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 5444
497 B
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1682
contextual.media.net — Cisco Umbrella Rank: 1093
9 KB
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1007
postmedia-d.openx.net — Cisco Umbrella Rank: 408752
546 B
2 fouanalytics.com
api.fouanalytics.com — Cisco Umbrella Rank: 18395
802 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 438
3 KB
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1485
759 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1274
1 KB
1 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 972
433 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1925
372 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 2988
349 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 11048
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4236
235 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 2504
134 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
65 KB
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 7648
2 KB
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 998
277 B
1 prmutv.co
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co — Cisco Umbrella Rank: 325855
383 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1623
17 KB
1 permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app — Cisco Umbrella Rank: 254059
112 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 5474
33 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 10326
3 KB
505 75
Domain Requested by
52 smartcdn.gprod.postmedia.digital torontosun.com
36 c2shb.pubgw.yahoo.com micro.rubiconproject.com
25 dcs-static.gprod.postmedia.digital torontosun.com
dcs-static.gprod.postmedia.digital
24 s0.2mdn.net imasdk.googleapis.com
torontosun.com
s0.2mdn.net
22 cdn.jwplayer.com 16 redirects torontosun.com
cdn.jwplayer.com
dcs-static.gprod.postmedia.digital
ssl.p.jwpcdn.com
17 www.googletagmanager.com fem.gprod.postmedia.digital
www.googletagmanager.com
jssdkcdns.mparticle.com
torontosun.com
www.google-analytics.com
17 pagead2.googlesyndication.com imasdk.googleapis.com
eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
www.googletagservices.com
17 btlr.sharethrough.com micro.rubiconproject.com
16 assets-jpcust.jwpsrv.com torontosun.com
11 events.qortex.ai tags.catapultx.com
10 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
9 api.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
9 cdn.taboola.com torontosun.com
cdn.taboola.com
9 ssl.p.jwpcdn.com cdn.jwplayer.com
8 tpc.googlesyndication.com eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com
torontosun.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
7 images.taboola.com torontosun.com
6 tags.catapultx.com torontosun.com
tags.catapultx.com
5 cdn.viafoura.net fem.gprod.postmedia.digital
cdn.viafoura.net
5 ib.adnxs.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
micro.rubiconproject.com
acdn.adnxs.com
5 sb.scorecardresearch.com 1 redirects torontosun.com
fem.gprod.postmedia.digital
5 edge-auth.microsoft.com torontosun.com
edge-auth.microsoft.com
4 events.newsroom.bi sdk.mrf.io
4 eus.rubiconproject.com ssl.p.jwpcdn.com
eus.rubiconproject.com
micro.rubiconproject.com
4 cm.g.doubleclick.net 4 redirects
4 ads.pubmatic.com tags.catapultx.com
ssl.p.jwpcdn.com
eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com
micro.rubiconproject.com
4 region1.analytics.google.com www.googletagmanager.com
4 identity.mparticle.com jssdkcdns.mparticle.com
4 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
4 postmedia.hub.loginradius.com fem.gprod.postmedia.digital
auth.lrcontent.com
4 fonts.gstatic.com fonts.googleapis.com
4 fem.gprod.postmedia.digital torontosun.com
fem.gprod.postmedia.digital
4 securepubads.g.doubleclick.net torontosun.com
securepubads.g.doubleclick.net
3 prd.jwpltx.com
3 i.liadm.com 3 redirects
3 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
3 jssdks.mparticle.com jssdkcdns.mparticle.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.google.de torontosun.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 api.viafoura.co cdn.viafoura.net
3 videos-cloudfront-usp.jwpsrv.com ssl.p.jwpcdn.com
3 pr-bh.ybp.yahoo.com imprammp.taboola.com
am-match.taboola.com
ssum-sec.casalemedia.com
3 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
ssum-sec.casalemedia.com
3 www.gstatic.com cdn.jwplayer.com
www.gstatic.com
3 am-trc-events.taboola.com cdn.taboola.com
torontosun.com
3 gum.criteo.com 1 redirects cdn.taboola.com
static.criteo.net
3 c.amazon-adsystem.com torontosun.com
c.amazon-adsystem.com
3 torontosun.com 1 redirects dcs-static.gprod.postmedia.digital
2 sync-tm.everesttech.net 2 redirects
2 pm.w55c.net 2 redirects
2 prebid-a.rubiconproject.com micro.rubiconproject.com
2 assets.ribn.com www.googletagmanager.com
torontosun.com
2 config.lrcontent.com auth.lrcontent.com
2 adrta.com pix.adrta.com
2 cdnjs.cloudflare.com s0.2mdn.net
2 googleads4.g.doubleclick.net torontosun.com
2 cdn.indexww.com ssum-sec.casalemedia.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 token.rubiconproject.com eus.rubiconproject.com
2 www.google.com torontosun.com
tpc.googlesyndication.com
2 image6.pubmatic.com ads.pubmatic.com
2 onetag-geo.s-onetag.com get.s-onetag.com
signal-beacon.s-onetag.com
2 js-sec.indexww.com ssl.p.jwpcdn.com
micro.rubiconproject.com
2 static.criteo.net micro.rubiconproject.com
static.criteo.net
2 connect.facebook.net torontosun.com
connect.facebook.net
2 sdk.mrf.io torontosun.com
sdk.mrf.io
2 q.adrta.com eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com
q.adrta.com
2 googleads.g.doubleclick.net eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com
pagead2.googlesyndication.com
2 x.bidswitch.net am-match.taboola.com
ssum-sec.casalemedia.com
2 imasdk.googleapis.com cdn.jwplayer.com
imasdk.googleapis.com
2 eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 lexicon.33across.com cdn-ima.33across.com
micro.rubiconproject.com
2 api.sail-personalize.com ak.sail-horizon.com
2 htlb.casalemedia.com micro.rubiconproject.com
ssl.p.jwpcdn.com
2 fastlane.rubiconproject.com micro.rubiconproject.com
2 hbopenbid.pubmatic.com micro.rubiconproject.com
ssl.p.jwpcdn.com
2 pixel.adsafeprotected.com cdn.adsafeprotected.com
2 api.fouanalytics.com tags.catapultx.com
torontosun.com
2 trc.taboola.com cdn.taboola.com
2 cdn.jsdelivr.net micro.rubiconproject.com
securepubads.g.doubleclick.net
2 auth.lrcontent.com torontosun.com
cdn.viafoura.net
1 p.rfihub.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 match.prod.bidr.io ssum-sec.casalemedia.com
1 secure.adnxs.com 1 redirects
1 i6.liadm.com ssum-sec.casalemedia.com
1 contextual.media.net micro.rubiconproject.com
1 postmedia-d.openx.net micro.rubiconproject.com
1 acdn.adnxs.com micro.rubiconproject.com
1 buy.tinypass.com cdn.tinypass.com
1 mug.criteo.com
1 ping-meta-prd.jwpltx.com
1 placement-prd.jwpltx.com
1 experiences.mrf.io sdk.mrf.io
1 ipv6.adrta.com pix.adrta.com
1 i.viafoura.co cdn.viafoura.net
1 id.cxense.com cdn.cxense.com
1 cds.taboola.com cdn.taboola.com
1 comcluster.cxense.com cdn.cxense.com
1 compassdata.mrf.io sdk.mrf.io
1 pips.taboola.com cdn.taboola.com
1 pix.adrta.com q.adrta.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.facebook.com torontosun.com
1 trace.mediago.io 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 ad4m.at ssum-sec.casalemedia.com
1 dis.criteo.com ssum-sec.casalemedia.com
1 p1cluster.cxense.com cdn.cxense.com
1 p1.parsely.com torontosun.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 ad.yieldlab.net googleads.g.doubleclick.net
1 cdn.parsely.com www.googletagmanager.com
1 get.s-onetag.com www.googletagmanager.com
1 sync.adkernel.com tags.catapultx.com
1 www.googletagservices.com eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com
1 c2.piano.io cdn.tinypass.com
1 demand.qortex.ai tags.catapultx.com
1 cdn.tinypass.com experience.tinypass.com
1 jssdkcdns.mparticle.com fem.gprod.postmedia.digital
1 experience.tinypass.com fem.gprod.postmedia.digital
1 ups.analytics.yahoo.com imprammp.taboola.com
1 am-vid-events.taboola.com torontosun.com
1 am-match.taboola.com vidstat.taboola.com
1 imprammp.taboola.com vidstat.taboola.com
1 prebid-server.rubiconproject.com ssl.p.jwpcdn.com
1 entitlements.jwplayer.com cdn.jwplayer.com
1 vidstat.taboola.com cdn.taboola.com
1 15.taboola.com cdn.taboola.com
1 storage.googleapis.com dcs-static.gprod.postmedia.digital
1 prebid.media.net micro.rubiconproject.com
1 rtb.openx.net micro.rubiconproject.com
1 bidder.criteo.com micro.rubiconproject.com
1 ap.lijit.com micro.rubiconproject.com
1 cdn.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 secure.cdn.fastclick.net torontosun.com
1 ads.rubiconproject.com micro.rubiconproject.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app fem.gprod.postmedia.digital
1 ak.sail-horizon.com torontosun.com
1 www.npttech.com torontosun.com
1 cdn.adsafeprotected.com torontosun.com
1 micro.rubiconproject.com torontosun.com
1 fonts.googleapis.com torontosun.com
505 148
Subject Issuer Validity Valid
torontosun.com
GTS CA 1D4		 2023-12-26 -
2024-03-25		 3 months crt.sh
gprod.postmedia.digital
GTS CA 1D4		 2024-01-02 -
2024-04-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-22 -
2024-06-19		 a year crt.sh
npttech.com
GTS CA 1P5		 2023-12-28 -
2024-03-27		 3 months crt.sh
ak.sail-horizon.com
Amazon RSA 2048 M02		 2023-12-04 -
2024-12-30		 a year crt.sh
catapultx.com
GTS CA 1P5		 2023-12-14 -
2024-03-13		 3 months crt.sh
jwplayer.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-29 -
2024-04-28		 a year crt.sh
edge-auth.microsoft.com
Microsoft Azure RSA TLS Issuing CA 04		 2023-11-28 -
2024-11-22		 a year crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-30 -
2024-09-30		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2024-01-05 -
2024-04-04		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
*.prmutv.co
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
qortex.ai
GTS CA 1P5		 2023-12-20 -
2024-03-19		 3 months crt.sh
fouanalytics.com
E1		 2024-01-05 -
2024-04-04		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-29 -
2024-04-27		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
api.permutive.com
R3		 2023-12-15 -
2024-03-14		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-12-26 -
2024-12-25		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-10-17 -
2024-04-10		 6 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.lijit.com
Amazon RSA 2048 M02		 2023-11-21 -
2024-12-19		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-12-24 -
2024-03-23		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
api.sail-personalize.com
Amazon RSA 2048 M01		 2023-04-25 -
2024-05-23		 a year crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-11-27 -
2024-02-25		 3 months crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.loginradius.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-12 -
2024-11-11		 a year crt.sh
entitlements.jwplayer.com
GeoTrust TLS RSA CA G1		 2023-04-11 -
2024-05-11		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-12-26 -
2024-06-19		 6 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
jwpsrv.com
Amazon RSA 2048 M02		 2023-03-20 -
2024-04-16		 a year crt.sh
viafoura.com
Amazon RSA 2048 M02		 2023-08-08 -
2024-09-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
jssdkcdns.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-05-02 -
2024-06-02		 a year crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-13		 a year crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2023-03-27 -
2024-03-26		 a year crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-05-08 -
2024-06-08		 a year crt.sh
*.adrta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-07 -
2024-07-23		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-16 -
2024-01-14		 3 months crt.sh
*.s-onetag.com
Amazon RSA 2048 M03		 2023-11-04 -
2024-12-01		 a year crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
jssdks.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-09-16 -
2024-10-17		 a year crt.sh
ssl03.cert.cl13.k8s.mrf.io
R3		 2023-11-24 -
2024-02-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
ssl02.cert.cl11.k8s.mrf.io
R3		 2023-12-21 -
2024-03-20		 3 months crt.sh
jwpltx.com
Amazon RSA 2048 M03		 2023-10-12 -
2024-11-09		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M03		 2023-11-28 -
2024-12-26		 a year crt.sh

This page contains 30 frames:

Primary Page: https://torontosun.com/
Frame ID: 80F233B2F30974069C17EAD6F372F0F1
Requests: 350 HTTP requests in this frame

Frame: https://fem.gprod.postmedia.digital/v93.0/xd.html
Frame ID: 208341EB3611886264D5EC5BD2B585A0
Requests: 2 HTTP requests in this frame

Frame: https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 97A4576C8B81623C5B8B38B72776FBEE
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66632208&crid=6982207&dast=V84HoCLAYYCJENds6jERMwECIb7JxHIy4AAABgYID-AEk4dxOPaeRYC5a7kVs0WQ3XwsVq4lYYdxvHcmNZriwbIyAxi2Nm2IxWbtFytFiLZovNWuGbTNyK5XJlmCwnnpXNZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0u0HQ6fK57vehv-dtNf8_rbtf43X45AAAAAHgAoKb4A-EHEAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwACwYI2lAQCKA8IbLU-7z2X3BwCAhwgQAAACGCQAEg4ISgDIdB2cAAAAAAAAAABg8f___x9jAF8XQgYBQaJ_D4AHHwAPRAqUizACAAAAAPV_oHZkkk5QsagCAECQbgXgCgBAAGM5go1VGAAAAIAxC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aISI6ofTBF0o9Kj5BQQAWPMLCADAZtwAALwRgBN0CFoxGKxOQMwOAAAAwJ3___9_PSC0WDhHk91ysnJ5ZqONY7QweUa2mW9mm60Mg9Fwe4aspXF3xY6W-4gIy-z3HYR8t8vw8LkMoqLrbbE7nGbPQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4GYDAZoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBwMI2Ga0sg7VkNZmtRbvNci1cDEZu4XKwWZgGC9to5VmLXh_TxzmaDVeOLRIMANmL4CKdCP6e09tlcjrcor_lbzf9Pa-7RSzRnCzSieyyLy0WztFkt5ysXJ7ZaOMYLUyekW3mm9lmK8NgNNwXFrbJaGUZrCWryWwt2m2Wa-FiMHILl4PNwjRY2EYrz1r0-pg-ztFsuHLsG7vBaDZarmbLfWM3GM1Gy9Vsue8wmZ6pz9loPUlWH5nQ93upfjanQeEyWLw_iWkx7c4OnrPv6HQZl8mizuj3-_1-v9_v9_v9Bq3nYDYofLNz1KbM3tLSanphEBsMilgiOF2kE6Hf7bKIJZKnRToRbVbOmce58kxmC99mtXGsRhOHw2LxzRym5WaymoglStNFOtFL1H_EgIO5ZLWa6-aKwWyVAAAAAAAAAAAswTTTTQAAAACcDGq5mE0GywWAMYyrC9gEAAAAAABgl4sgr_y_259FscYeo4C_5_R2mZwOt-hv-dtNf8_rbmUAGJ07zDbzjCDWarWsAQAACGADAAAI4KYbbwLCKzn7gKKQotYLPXD5EeRwNto_ABVirVbL54u1Wi2B_____wQBAAAAAABMEA0CAAAAAADgyAA!&cmcv=&pix=undefined&cb=1704649570412&uv=151230705&tms=1704649570412&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!dfrc_vA!eidc_vA!t45!ufm_vC!uftchrwf_vC!ul151230-705_vB!unf_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=a97bc4d1-097d-4258-815b-a87c19c29e2c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: D58C23F5FE3AFD989F6AA71DE35D94FC
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V84HoCLAYYCJENds6jERMwECIb7JxHIy4AAABgYID-AEk4dxOPaeRYC5a7kVs0WQ3XwsVq4lYYdxvHcmNZriwbIyAxi2Nm2IxWbtFytFiLZovNWuGbTNyK5XJlmCwnnpXNZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0u0HQ6fK57vehv-dtNf8_rbtf43X45AAAAAHgAoKb4A-EHEAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwACwYI2lAQCKA8IbLU-7z2X3BwCAhwgQAAACGCQAEg4ISgDIdB2cAAAAAAAAAABg8f___x9jAF8XQgYBQaJ_D4AHHwAPRAqUizACAAAAAPV_oHZkkk5QsagCAECQbgXgCgBAAGM5go1VGAAAAIAxC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aISI6ofTBF0o9Kj5BQQAWPMLCADAZtwAALwRgBN0CFoxGKxOQMwOAAAAwJ3___9_PSC0WDhHk91ysnJ5ZqONY7QweUa2mW9mm60Mg9Fwe4aspXF3xY6W-4gIy-z3HYR8t8vw8LkMoqLrbbE7nGbPQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4GYDAZoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBwMI2Ga0sg7VkNZmtRbvNci1cDEZu4XKwWZgGC9to5VmLXh_TxzmaDVeOLRIMANmL4CKdCP6e09tlcjrcor_lbzf9Pa-7RSzRnCzSieyyLy0WztFkt5ysXJ7ZaOMYLUyekW3mm9lmK8NgNNwXFrbJaGUZrCWryWwt2m2Wa-FiMHILl4PNwjRY2EYrz1r0-pg-ztFsuHLsG7vBaDZarmbLfWM3GM1Gy9Vsue8wmZ6pz9loPUlWH5nQ93upfjanQeEyWLw_iWkx7c4OnrPv6HQZl8mizuj3-_1-v9_v9_v9Bq3nYDYofLNz1KbM3tLSanphEBsMilgiOF2kE6Hf7bKIJZKnRToRbVbOmce58kxmC99mtXGsRhOHw2LxzRym5WaymoglStNFOtFL1H_EgIO5ZLWa6-aKwWyVAAAAAAAAAAAswTTTTQAAAACcDGq5mE0GywWAMYyrC9gEAAAAAABgl4sgr_y_259FscYeo4C_5_R2mZwOt-hv-dtNf8_rbmUAGJ07zDbzjCDWarWsAQAACGADAAAI4KYbbwLCKzn7gKKQotYLPXD5EeRwNto_ABVirVbL54u1Wi2B_____wQBAAAAAABMEA0CAAAAAADgyAA!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: E4E3BBEF5B5FE00B61ADE82E0B8062C4
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.609.1_en_ca.html
Frame ID: A8E9F4D7EEB77B6716916BC750824F74
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6A8CAF480A3B596911E8B08F4B4909E5
Requests: 1 HTTP requests in this frame

Frame: https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=6131311c-dc5f-430e-b8d7-5231edd0ffe3&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
Frame ID: 624744153C6D939629B45FECA3B2DEF6
Requests: 4 HTTP requests in this frame

Frame: https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 86E91A285D28075F54B361980AE4EE81
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEJy1yaMDGPmA84ACMAE&v=APEucNWAfAzD-arlJrpxAxtw97tJzRoGBv6yTdjebTlUx0HzLw--g-qQlYbZyd5SCktZoHMfO-s3jkZCvH8lyY_0DMXdxSU1HCHYIDY-8zMYH1eCoosUn8JrehriD9dcgxBL2LCE0MNHqz5cfug0Q59Z4N0G83b1TH-gaWTonpQ9mKJJep2QYJkzR7rBp7kSm4tMmUpPbR95
Frame ID: 1A752911E8EB6A92F57CE69C194FF780
Requests: 4 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=202197&r=https%3A%2F%2Fdemand.qortex.ai%2Fsync%3Fakuid%3Dhttps%3A%2F%2Ftorontosun.com%7C%7BUID%7D
Frame ID: AE9623BCA6F93DBF9571A16E6E7D6F14
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 20AA490C376119D8640AB3BD2F65B009
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FC43E5F9CF6C694516399CEEAB1B27ED
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Frame ID: 45CB74EF63BAF592E108F45D0F630949
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A114294317C9D9F450CDE25D83499D46
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B6F98F211F7EB03C4CD44DDA56B695C4
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5BEC80487AEBC005C12D2657F864DFC0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 436E15EB3D72437605C8DEC76C14D98E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
Frame ID: B250426B1DC5355E0AA13314AF056300
Requests: 24 HTTP requests in this frame

Frame: https://experiences.mrf.io/marfeelpass/statics/dw-check.html?v=5
Frame ID: BACA8FBB8D474114E517A56424FF02B8
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=torontosun.com
Frame ID: A82D3CBA25E98F122A19B0D0470F1616
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 72C47336F78F3EBD5AF54900891A2716
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BA116467E2455E595A26030964E88EB0
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 27ADD1391E2EE99017A906F4D3951537
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 24FB6780DF58DB735868D5A2AD17EFCD
Requests: 3 HTTP requests in this frame

Frame: https://postmedia-d.openx.net/w/1.0/pd
Frame ID: D83652CFC744DDF28EA05FCD599AAE8C
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 167AD70113C6525286AFA78AABBDE32D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Frame ID: C79497C204D9F2E04F9E7B68FFCF0935
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKB9454&prvid=2012%2C2034%2C2033%2C2055%2C172%2C2030%2C3020%2C251%2C233%2C2027%2C236%2C237%2C459%2C70%2C97%2C55%2C77%2C2023%2C2022%2C3012%2C262%2C461%2C244%2C201%2C2039%2C246%2C4%2C203%2C326%2C10000%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 8A5DAC7745778049A7D6012A45A3927B
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 4119F6D152A049D04F6D959C92201790
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home | Toronto Sun Home Page | Toronto SunToronto SunUser

Page URL History Show full URLs

  1. http://torontosun.com/ HTTP 308
    https://torontosun.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

505
Requests

93 %
HTTPS

44 %
IPv6

75
Domains

148
Subdomains

120
IPs

8
Countries

7697 kB
Transfer

20355 kB
Size

90
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://torontosun.com/ HTTP 308
    https://torontosun.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://sb.scorecardresearch.com/cs/10276888/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 198
  • https://cdn.jwplayer.com/v2/media/STu5EiL5/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/wLe9WzmE-320.jpg
Request Chain 199
  • https://cdn.jwplayer.com/v2/media/Iv67Shyx/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/lqbjtgex-320.jpg
Request Chain 200
  • https://cdn.jwplayer.com/v2/media/LVvfJDzD/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/qh47XFOT-320.jpg
Request Chain 201
  • https://cdn.jwplayer.com/v2/media/br7L84WR/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/45bEBgIV-320.jpg
Request Chain 202
  • https://cdn.jwplayer.com/v2/media/XvPMTTp4/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/fa3Lx4xY-320.jpg
Request Chain 203
  • https://cdn.jwplayer.com/v2/media/dB2EaAGw/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/iLbKP9Dz-320.jpg
Request Chain 204
  • https://cdn.jwplayer.com/v2/media/EM76gBBh/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/zXf2rAO1-320.jpg
Request Chain 205
  • https://cdn.jwplayer.com/v2/media/hMCqGdDQ/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/JVfUn2nZ-320.jpg
Request Chain 206
  • https://cdn.jwplayer.com/v2/media/ezBKvBhV/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/KwC275w1-320.jpg
Request Chain 207
  • https://cdn.jwplayer.com/v2/media/ATeFDMnl/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/ch9GHjMH-320.jpg
Request Chain 242
  • https://cdn.jwplayer.com/tracks/xekD8K28.srt HTTP 301
  • https://assets-jpcust.jwpsrv.com/tracks/xekD8K28.srt
Request Chain 244
  • https://cdn.jwplayer.com/strips/ATeFDMnl-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/ATeFDMnl-120.vtt
Request Chain 248
  • https://cdn.jwplayer.com/v2/media/ATeFDMnl/poster.jpg?width=720 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/ch9GHjMH-720.jpg
Request Chain 249
  • https://cdn.jwplayer.com/v2/media/ATeFDMnl/poster.jpg?width=640 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/ch9GHjMH-640.jpg
Request Chain 268
  • https://cdn.jwplayer.com/strips/ATeFDMnl-120.jpg HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/ATeFDMnl-120.jpg
Request Chain 291
  • https://cdn.jwplayer.com/v2/media/STu5EiL5/poster.jpg?width=120 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/wLe9WzmE-120.jpg
Request Chain 334
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEL-fkF3SGSgh15rHg4TlQ4Q&google_cver=1
Request Chain 335
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDJuYlLkaefsY7jQ7vLjll0&google_cver=1
Request Chain 336
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZrjY28SiV5HO8ECgTsU7wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDJuYlLkaefsY7jQ7vLjll0&google_cver=1
Request Chain 387
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZrjY28SiV5HO8ECgTsU7wAABIwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGrw-yRn-MtumcnGHkgUda0&google_cver=1
Request Chain 389
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZrjY28SiV5HO8ECgTsU7wAABIwAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZrjY28SiV5HO8ECgTsU7wAABIwAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 390
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZrjY28SiV5HO8ECgTsU7wAA%261164&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZrjY28SiV5HO8ECgTsU7wAA%261164&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=6a8d2fef584243dd8e57f5cbff3f8c01 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Request Chain 392
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=a0c919ee-7e61-0682-16b4236d
Request Chain 393
  • https://trace.mediago.io/ju/cs/indexexchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=746ded226e243b2f2l5i0y00lr3scc1n
Request Chain 462
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=torontosun.com&sn=ChromeSyncframe&so=0&topUrl=torontosun.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=JJzirXx4dHJyb2EyZ2ZWM3lDUVJiR3gxcy95NUhRY2IzQU9iUnlzSEcvRzZmS2pBWTVWMCtDamxJcXFLRzR5WU9lOXV1VW9zZUsyRFY0eEJCNVZ2LzJ3SXJUV0NhZnVLK0N6M1lnNTc2SXRhV01MdDVVQmh4Q1NuempzK3lucFFLMytKRnlEb28wbnIrUU13WjJuZlgvUFdaQkxiV3o1azZiMjJmeGVxeUM2NExNOWcrM3BWV2k3cEdYUWg0dDM2NlBqdVR6TTNBNm5uRm9MeFp3Q2RHNEUwMU9FN2gzc05BdFBUYkgycUlMUTF3eW5ZbTlINVZnL1orbGlNMG5zSGFHeS91U3hHRU5zL2xJUzAwajhBTXduLytiT3hkYWIwZWxYVGptbm9QRDVhZXdoTT18&cppv=2
Request Chain 492
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZrjY28SiV5HO8ECgTsU7wAA%261164&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i6.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZrjY28SiV5HO8ECgTsU7wAA%261164&gpp_sid=&us_privacy=&gpdr=
Request Chain 494
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6650209596989467607
Request Chain 496
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=lgVBMEa01RmxdZ5
Request Chain 497
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=ixDaez5AVdZF4DNCFeqHeFD_B2o
Request Chain 498
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZZrjZwAMzDIWHABH HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZZrjZwAMzDIWHABH&_test=ZZrjZwAMzDIWHABH
Request Chain 499
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322330559743413

505 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
torontosun.com/
Redirect Chain
  • http://torontosun.com/
  • https://torontosun.com/
542 KB
79 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.249.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
3a96f498b6c3e6b3d6434149ebffc12c9431b32654bdc070c05ba8955aed7692
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=180
content-encoding
gzip
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type
text/html; charset=utf-8
date
Sun, 07 Jan 2024 17:46:08 GMT
expires
Sun, 07 Jan 2024 17:45:26 GMT
last-modified
Sun, 07 Jan 2024 17:43:23 GMT
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
referrer-policy
strict-origin-when-cross-origin
server
istio-envoy
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-dcs-cache-page
HIT
x-envoy-decorator-operation
pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
x-envoy-upstream-service-time
2
x-frame-options
SAMEORIGIN
x-pmd-backend
pmd-nginx-proxy-6cbdf6d5bf-gbvsk
x-pmd-cache
HIT

Redirect headers

Cache-Control
private
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sun, 07 Jan 2024 17:46:08 GMT
Location
https://torontosun.com:443/
cops-coffee-2-e1704580745703.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/cops-coffee-2-e1704580745703.jpg?quality=90&strip=all&w=466&type=webp&sig=8Hot0u7WLFXrceF3VABAAA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
1e38b34f5e554ecc517a3683ee9069abd73cd1ffa79d307ee12782802ae2a18a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 07 Jan 2024 00:54:15 GMT
via
1.1 google
server
nginx/1.18.0
age
60713
etag
"fb8da241c13b8191656f5cd965ef251e6d087524"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-lmdvm
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25488
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
64bd62679fbefcfd46fb16c93bccda65b4716fdb1714a7d0912f14601dc082e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 Jan 2024 17:46:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 Jan 2024 17:46:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Jan 2024 17:46:08 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7cc2e6386a64849765c5d395c47005c4dafa57d43797429aaf48bb50add717e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29087
x-xss-protection
0
server
cafe
etag
905 / 19729 / m202401020101 / config-hash: 2026918608723226553
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 17:46:08 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-131.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:13:13 GMT
content-encoding
gzip
via
1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront), 1.1 b6b3214c2f1500227643824508cb5d1c.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, AMS58-P4
age
1976
x-amz-server-side-encryption
AES256
etag
W/"d6937d02acbbf691a008906e9d0617e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
PzhriS8-kH_Ne4Yic_d_WLmF885XdJb1qeUnFsV_SOw4tIxFBe5FUQ==
14648.js
micro.rubiconproject.com/prebid/dynamic/ 		619 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/14648.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.120.249 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-120-249.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
9649a2e9a64cddaff27b118c45b2882ba93f77ff516751edd9af61e4846a3c63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:08 GMT
content-encoding
gzip
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
accept-encoding, referer
edge-cache-tag
prod-prebid-14648_The_Toronto_Sun.js
content-type
text/javascript;charset=UTF-8
cache-control
public, must-revalidate, max-age=14400
content-length
168929
expires
Sun, 07 Jan 2024 21:31:43 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-98.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 01 Jan 2024 20:59:22 GMT
Content-Encoding
gzip
Via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C2
Age
506807
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
AFBbTm_v5p0EB5QtFd2BDoryNy8t2AULa7bteQm8mJsRYrgJwjDTzQ==
output.e13822da2ca5.css
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/ 		29 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.e13822da2ca5.css
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e13822da2ca587d1d53b050cb267bbfea098e785e496dfb833bf4ae38555a087

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:19 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
1633849
x-guploader-uploadid
ABPtcPp_y_peOPpZe5wESUqhc0Mf2OyavY1w-alm00n10X45HufjelpTkrnzXbCtiUBKmFFZsGrWu-Jb0g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2527
last-modified
Tue, 19 Dec 2023 19:46:05 GMT
server
UploadServer
etag
W/"e294df1b7807772797bf8455e49389d1"
vary
Accept-Encoding
x-goog-generation
1703015165240881
x-goog-hash
crc32c=7LFLRw==, md5=4pTfG3gHdyeXv4RV5JOJ0Q==
access-control-allow-origin
*
content-type
text/css
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
29809
accept-ranges
none
output.aae9a9d2b305.css
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/ 		89 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.aae9a9d2b305.css
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
959d0d916d267c94ec1d1bfb179a81166bbb5cb22d6a2e90ea35c4b57941cb8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:19 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
1633849
x-guploader-uploadid
ABPtcPoFWBp7_n50r1XKLUATeAvorTfV8lGBbn_Go2LENM3jXO4n1pzHq-F7ANbjTpltfUlxGup4Ize6Tw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14512
last-modified
Tue, 19 Dec 2023 19:46:03 GMT
server
UploadServer
etag
W/"54ca4296baf7810e4e11ba0fb7a875f7"
vary
Accept-Encoding
x-goog-generation
1703015163616121
x-goog-hash
crc32c=ASXRuQ==, md5=VMpClrr3gQ5OEboPt6h19w==
access-control-allow-origin
*
content-type
text/css
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
91335
accept-ranges
none
output.69d7190ec3c2.css
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/ 		70 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.69d7190ec3c2.css
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9f85a8964e063aa66ae22e30e1e86722714e1fcca4a00ee718a34123620e98a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:19 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
1633849
x-guploader-uploadid
ABPtcPoKJ8LJkrqpL5fFtghcqgi5x_WP7pN7IVusg5uFFnkFHgTQ_2fYw8mhsuX_nWJM0M26EFSHhwWUQA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7622
last-modified
Tue, 19 Dec 2023 19:46:01 GMT
server
UploadServer
etag
W/"8c86b41813052df1cc90c98a30275029"
vary
Accept-Encoding
x-goog-generation
1703015161532854
x-goog-hash
crc32c=ytC9tQ==, md5=jIa0GBMFLfHMkMmKMCdQKQ==
access-control-allow-origin
*
content-type
text/css
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
71252
accept-ranges
none
output.e747a4a877d9.css
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/ 		28 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.e747a4a877d9.css
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6bff84e7d1f5c524b06d6b572ca20870ec894706e6f2b96f60e4cd18f238bfb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:17:41 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
1632507
x-guploader-uploadid
ABPtcPpfhLEXA0-A2eTKV7ITjMmiWpbXuaH45y57jkbVFQLMUQkmRwfXxOkDEgZ01AF11dE5nfYFn-72IQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4699
last-modified
Tue, 19 Dec 2023 19:46:05 GMT
server
UploadServer
etag
W/"b93e6faff3dd2d5a67e56bc8653cdae4"
vary
Accept-Encoding
x-goog-generation
1703015165583970
x-goog-hash
crc32c=ZGZM3g==, md5=uT5vr/PdLVpn5WvIZTza5A==
access-control-allow-origin
*
content-type
text/css
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
28644
accept-ranges
none
advertising.js
www.npttech.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:08 GMT
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
6PCVJEE696N2E86B
age
4628
alt-svc
h3=":443"; ma=86400
x-amz-id-2
93Wahq/l9sF0kv85Xpjli9ybOon/UjlgUIlDfWpeZc64uY6FwpgPXYF4V29wJHcCZR66KKBo0+Q=
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
server
cloudflare
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Ks15scf2vBOdu%2FT9kjUS2TQ%2Bxq4Zs31drbmAZZND%2FFLh8yT1rAp77DkyIRwMmYyzDbBLJa7MLqr83Ll4kqmUd4R6UIotVHtrP2YZcbDa3%2Bl69QWfCuAvjjyF38oi8cQ%2BFCS5YFrmBfbAALGg%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
841e04be1832664c-AMS
spm.v1.min.js
ak.sail-horizon.com/spm/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.201.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-201-79.lhr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:38:48 GMT
content-encoding
gzip
via
1.1 1a6cd18714da9809fa8cb07ad66fd4f6.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 21:44:22 GMT
server
AmazonS3
x-amz-cf-pop
LHR50-P3
age
441
x-amz-server-side-encryption
AES256
etag
W/"edee28fbd3a5c9f3c17e0333554b5646"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600; must-revalidate
x-amz-cf-id
2WEIrja3yVv8eks3DdB_phqqlQ7Ewm-MfD6co8OuRKgy0yOGt-EEHw==
fem.js
fem.gprod.postmedia.digital/v93.0/ 		380 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v93.0/fem.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cae693444d5c4b70988da3ee41b0c3809de3f7701f474183ed8a446be6c970a5

Request headers

Referer
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:01:00 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1702321262
age
1633508
x-guploader-uploadid
ABPtcPqer7OqeUx4_gfa2h3ELEdn-ZjwBbfEHbw1FgadwJ_Nv8gzrNFL5xr-stLlqnAZ0V3_d7L3V23apg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109102
last-modified
Mon, 11 Dec 2023 19:02:01 GMT
server
UploadServer
etag
W/"614b2d032ff8e38b1fff2badbf038f1a"
vary
Accept-Encoding
x-goog-generation
1702321321950203
x-goog-hash
crc32c=K4lC0Q==, md5=YUstAy/444sf/yutvwOPGg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
389565
accept-ranges
none
content-type
application/javascript
bootstrapper
tags.catapultx.com/ 		24 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.catapultx.com/bootstrapper?group-id=QiUOkGRFYUWNdgFd8CThQ&video-container=.jw-wrapper
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
eaa1fe6daa6d6efa271e07a942dd6cd521cf367b0f2a1470512f43dc315ad50c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 13 Dec 2023 15:55:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OglPjdKUrwmETEJPnPUKpNT%2BeqjWJAjLF%2BZYFg3mYBaOAcsXiQzcyW6rKJ4vXj%2FL3XDpmUZ%2BNGCgXeUBhVoJyxXkoFaw792Ulu0EJYoYvy6Aw3u5WfOKYdodmhB63oGs7HIfMB79ykCTkkJBCjXSKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
841e04be0a8b9bc2-FRA
embed.js
cdn.jwplayer.com/v2/sites/ReDAXyY4/placements/ 		58 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/sites/ReDAXyY4/placements/embed.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:9000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
a075f92744836d04b6d6baea13c646a1376afa236c13827f37e52420050b3a64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:44:35 GMT
content-encoding
gzip
via
1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
age
93
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
x-robots-tag
noindex, indexifembedded
content-length
22525
x-amz-cf-id
tbZYBUtlq18dEuKfLWLiO3US_sf5T6YQk9vvxds2juGdgyHsrUkpfg==
GettyImages-1473033299-scaled-e1704581431174.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/GettyImages-1473033299-scaled-e1704581431174.jpg?quality=90&strip=all&w=466&type=webp&sig=r9hbmHo6kLCK0qBVNs5djA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
a7db6c9bf419d63f605c08c1b084c0e3b31f41fed5985f1c5c7eb352661a7880

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 07 Jan 2024 16:24:07 GMT
via
1.1 google
server
nginx/1.18.0
age
4921
etag
"34b957a8a7dc69e970f0ddee1cfd70210eb713cd"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-8x5fd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42158
William-Nylander-Jan6.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/William-Nylander-Jan6.jpg?quality=90&strip=all&w=466&type=webp&sig=EuRhhpbrQaXmek6aSWxpog
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
5ded3ce8adb51d45f7c9d3031d23fa9e5677a315ce349985e590c6204615c255

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 07 Jan 2024 06:03:57 GMT
via
1.1 google
server
nginx/1.18.0
age
42131
etag
"e37d2ba5c233d4c39b91bfe2a6af407532567e46"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-gsq48
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37142
IMG_4719-scaled-e1683673637182.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/11/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/11/IMG_4719-scaled-e1683673637182.jpg?quality=90&strip=all&w=466&type=webp&sig=Q12Lcz99GXRC4nbBsFiXYg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
54d720d925a6be95af1a58233289cf84f06618a7fc9c70fe8e91fe06af0f5a4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 07 Jan 2024 16:22:49 GMT
via
1.1 google
server
nginx/1.18.0
age
4999
etag
"e2c7446ca0fb444963b2b21b6b5b01515e6f1980"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-8x5fd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29522
mtl-ny-bus-crash-20240106-1-e1704643462579.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/mtl-ny-bus-crash-20240106-1-e1704643462579.jpg?quality=90&strip=all&w=466&type=webp&sig=I84ZIhRHDG3EzPRwwB4PWg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
e0c245db8e7a2815bdf93856eba409e399429dd1d80e9a0876f2cffb03d82a45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 07 Jan 2024 16:08:19 GMT
via
1.1 google
server
nginx/1.18.0
age
5869
etag
"ca91b3d713e2df571f9e3fdbf956e15580359d6c"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqfvf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43020
GettyImages-620407048-scaled-e1704161827617.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/GettyImages-620407048-scaled-e1704161827617.jpg?quality=90&strip=all&w=466&type=webp&sig=batiFGwYtMc46Z-1BNCRww
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
a0bcbbacf9c3059ac66eefef4f4c16cc0c2af179bb419b7b5ed495db23dd92fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 07 Jan 2024 06:27:07 GMT
via
1.1 google
server
nginx/1.18.0
age
40741
etag
"98437c9261747265ad87e793fa082f36d03026b9"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqfvf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45976
ch-3-e1704480681989.png
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ch-3-e1704480681989.png?quality=90&strip=all&w=466&type=webp&sig=x9L5qcCiTIyZ9lIk2TY3VQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
77a249f9ef7a5c4e6b3343eb145628fc1a6d90514a0086bf626e5d06a20227d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 07 Jan 2024 06:27:07 GMT
via
1.1 google
server
nginx/1.18.0
age
40741
etag
"bd3856d830014f5774f8cde9f176643926c599f9"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqfvf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27948
barack-obama-1-scaled-e1704566540591.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/barack-obama-1-scaled-e1704566540591.jpg?quality=90&strip=all&w=466&type=webp&sig=NDly2TImRGVkMaNuSFefNQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
9d64590c81d441ae84b43e6259d50fa5b1441da3e78316930a503f31afeaf3a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 07 Jan 2024 15:50:20 GMT
via
1.1 google
server
nginx/1.18.0
age
6948
etag
"0747a1761c4be9a0d00ecb2389dd3e3aaa4a2535"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-fzfc8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26616
Israel-Palestinians-UN-Security-Council-scaled-e1704580844569.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/Israel-Palestinians-UN-Security-Council-scaled-e1704580844569.jpg?quality=90&strip=all&w=466&type=webp&sig=M2DlE6yn_zDPdqyzhJITpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
49b39ce728ca217287ac45adf49820563a226d2b7190b68e82ac8c19ebdbf8a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 07 Jan 2024 04:18:53 GMT
via
1.1 google
server
nginx/1.18.0
age
48435
etag
"a6672f4888552c536a1d960d21e292e5d8c01491"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-lmdvm
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54142
jeffrey-epstein-1.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/jeffrey-epstein-1.jpg?quality=90&strip=all&w=466&type=webp&sig=ib1y5Q4WOw-YxV3eCm3S0Q
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
e3d3512911d3364bf8ce2ca9f8dacc342bc7f3d8cc9c9e300a862a57bd9583eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 07 Jan 2024 06:27:07 GMT
via
1.1 google
server
nginx/1.18.0
age
40741
etag
"e879859ae225957f893d7b232d12bdf7be5d8eb4"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-gsq48
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19902
LoginRadiusV2.js
auth.lrcontent.com/v2/js/ 		211 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdd5eb5886d055428379d1938f01e5a186f7f8dbf3efc851ad9e04914302eb59
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:08 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
age
3263
x-amz-cf-pop
FRA56-C1
cf-polished
origSize=1336927
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Mon, 04 Dec 2023 07:20:23 GMT
server
cloudflare
etag
W/"34dedade3a8f1aa4aa0db4d3bf475de7"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
841e04be1ea12bcd-FRA
x-amz-cf-id
wdyIa4mtlfzk9W7rqgxBZ6qR0PoxZLB07MOWNWCZjpaXY2dHvG9hrA==
expires
Sun, 07 Jan 2024 21:46:08 GMT
ms_auth_client.min.js
edge-auth.microsoft.com/js/ 		279 KB
280 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/js/ms_auth_client.min.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
feb2160dccd8b0345096a272f9753c529fa2f32b843400805851dc714372d9d5
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-8zPmbwBojV8AcjdBMaFPBkvkTTlFbW9cpMu0uazdKTMy/eXEYhQvGihWpQEJ5PNq5sazP6Y+Zh8VHuz08t7H1RPB52hGmDBlNnN8M6OQK5Q1L8e/4qyGqxRo+2TosW/rhsetgIv9qiIscBcgYP3VB7Qtlr3O/uFyYafcPyAbkdc=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-8zPmbwBojV8AcjdBMaFPBkvkTTlFbW9cpMu0uazdKTMy/eXEYhQvGihWpQEJ5PNq5sazP6Y+Zh8VHuz08t7H1RPB52hGmDBlNnN8M6OQK5Q1L8e/4qyGqxRo+2TosW/rhsetgIv9qiIscBcgYP3VB7Qtlr3O/uFyYafcPyAbkdc=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
date
Sun, 07 Jan 2024 17:46:08 GMT
last-modified
Mon, 01 Jan 1601 14:50:07 GMT
x-msedge-ref
Ref A: 54B3FE443BFF44828299601EF40AC9FF Ref B: AMS231032606019 Ref C: 2024-01-07T17:46:09Z
etag
"7c59092288"
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
285448
shared.883fef4c2994.js
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
185113239a6613ca82207e73bb41dcc84ce2274da2732f6ece828c207f2f060c

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:27 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
1633841
x-guploader-uploadid
ABPtcPrwyA9xOvR64IRfaoj1gv7JnKbOUGLb-rSporvHjAeRjLQ8X2-_3YIZ-Baj5KLmPYb16Po
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7514
last-modified
Tue, 19 Dec 2023 19:46:06 GMT
server
UploadServer
etag
W/"9821e7f2a511b6c16c288d392dd2c55d"
vary
Accept-Encoding
x-goog-generation
1703015166560299
x-goog-hash
crc32c=nd/6aQ==, md5=mCHn8qURtsFsKI05LdLFXQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
20870
accept-ranges
none
content-type
application/javascript
main.de60ce74dc51.js
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/ 		134 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/main.de60ce74dc51.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
de60ce74dc51181fe850f249ae75cc015cbf18c96b9e44f5a40e9cc56b0ba85b

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:27 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
1633841
x-guploader-uploadid
ABPtcPqz7Ad75hbhGCA0XxLjtbT0v4HPWF0EoQrDY53eDb77H_Uxzncjd841KAbZbqRGDomKVlY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46401
last-modified
Tue, 19 Dec 2023 19:46:06 GMT
server
UploadServer
etag
W/"0482cd44a5474059f0144f00e198305f"
vary
Accept-Encoding
x-goog-generation
1703015166460645
x-goog-hash
crc32c=6y/t+g==, md5=BILNRKVHQFnwFE8A4ZgwXw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
136827
accept-ranges
none
content-type
application/javascript
geo.json
cdn.jwplayer.com/v2/ 		40 B
278 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/geo.json
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/v2/sites/ReDAXyY4/placements/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:9000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4de084d8fca9ea129b962bb08ca954168391abd13473a0eb6f60a0cd4145a2be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 07 Jan 2024 17:43:29 GMT
via
1.1 ca1ae3b3ff3d7a9e41b26e307972401e.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P1
age
158
x-amz-cf-id
_0tmGXwPZU1YykwGDqtD0pLoe_wQ55xo4OQvLuMqTfRTm_35PTDQyw==
x-cache
Hit from cloudfront
index.js
ssl.p.jwpcdn.com/player/services/jwpsrv/v/4/ 		68 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/services/jwpsrv/v/4/index.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/v2/sites/ReDAXyY4/placements/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f733263ba0d482063be46904102884233d3e14ebc2818968db52579a7bdaf83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
via
1.1 varnish
age
3502
x-cache
HIT
content-length
20535
x-served-by
cache-sof1510034-SOF
last-modified
Wed, 13 Dec 2023 06:00:18 GMT
server
AmazonS3
x-timer
S1704649569.120090,VS0,VE0
etag
"1d1853b5560baf12b94fc6c5f4860bd2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
8
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/10276888/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:48:59 GMT
content-encoding
gzip
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:02:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
40198
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
dk9PYUH50IYPi6bgYzgbzr3wE8NWyPLj_Rcib3ykLA_tHJuoZNT8Fg==

Redirect headers

date
Sun, 07 Jan 2024 17:46:08 GMT
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
IyYPauGy_R39Uj-izbF2i65Y3RBaRdJscoKfV2NIaCNFi-C_ufji_w==
loader.js
cdn.taboola.com/libtrc/postmedia1-network/ 		181 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/postmedia1-network/loader.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e280b188b9ae732c582e6693011c6bf9217713f0cecf086d2b7572114065be4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
agjsTXfvaQmzxsQwgr4gXcp0sJtxZa_6
content-encoding
gzip
via
1.1 varnish
date
Sun, 07 Jan 2024 17:46:08 GMT
x-amz-request-id
J4D75AMWGAM8YNZW
age
27051
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
46661
x-amz-id-2
j4PKIySLIvvL6TsO7nOhbM6+xw6mmBBSV20X5fpTqFPQiFkhVMTmwv391bwTMDeXaqcbSuGoQbU=
x-served-by
cache-fra-etou8220025-FRA
last-modified
Sun, 07 Jan 2024 10:14:55 GMT
server
AmazonS3
x-timer
S1704649569.975338,VS0,VE0
etag
"50cc58cc6ec146eb3704f25e0cda0785"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
55
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
2
truncated
/ 		256 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:57:14 GMT
x-content-type-options
nosniff
age
233334
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Jan 2025 00:57:14 GMT
icon-generic-play.svg
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/common-icon/ 		1 KB
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/common-icon/icon-generic-play.svg
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.e747a4a877d9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.e747a4a877d9.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:01:07 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014127
age
1633501
x-guploader-uploadid
ABPtcPpJ4Ua7KHUHpSmpkVoEZzEWR2KdbKzR3Za9d9HsuqRbm4apjXdd7ryr0tiE-rWCDf00uu4jHFz-JQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
501
last-modified
Tue, 19 Dec 2023 19:46:52 GMT
server
UploadServer
etag
W/"34ef0f992f9fa3f5a172353b887ba82c"
vary
Accept-Encoding
x-goog-generation
1703015212812511
x-goog-hash
crc32c=+OS2xg==, md5=NO8PmS+fo/WhcjU7iHuoLA==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1091
accept-ranges
none
NGSpv5_NC0k9P_v6ZUCbLRAHxK1EbiusdUmm.woff2
fonts.gstatic.com/s/heebo/v22/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/heebo/v22/NGSpv5_NC0k9P_v6ZUCbLRAHxK1EbiusdUmm.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41fa01c782917e3f2c7ec4c60602f471ee628280908b71da13d4b127626ac85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 04:59:14 GMT
x-content-type-options
nosniff
age
478014
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11076
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:52:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 04:59:14 GMT
carousel-previous.svg
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/common-icon/ 		1 KB
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/common-icon/carousel-previous.svg
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.69d7190ec3c2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e5bab9427ec1d36c811e3ca40b2a1014b330dea0fc48b787041c572e1fdc4f28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.69d7190ec3c2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:27 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014127
age
1633841
x-guploader-uploadid
ABPtcPpKrvPTfphRMlbdMJxYxvUOMlQQIu2wxptmbspOt5ITMasEXIQVm37mDbq-VS3PRtdxgXY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
519
last-modified
Tue, 19 Dec 2023 19:46:51 GMT
server
UploadServer
etag
W/"23fbd7cd311279a2b6eb68d8f6059047"
vary
Accept-Encoding
x-goog-generation
1703015211974405
x-goog-hash
crc32c=RxdKhw==, md5=I/vXzTESeaK262jY9gWQRw==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1204
accept-ranges
none
carousel-next.svg
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/common-icon/ 		1 KB
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/common-icon/carousel-next.svg
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.69d7190ec3c2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b510ee91066f77f938f78422378a73f44818d0ee661c0ccb5ad398cc7dd6b080

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.69d7190ec3c2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:27 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014127
age
1633841
x-guploader-uploadid
ABPtcPoVwABgWC0BKoS9v9_8KGeaaGXJxWcbdTI-ItkiGNBaB1tMrTa1HNVsddCytF2wEMjLdbM
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
520
last-modified
Tue, 19 Dec 2023 19:46:51 GMT
server
UploadServer
etag
W/"735fdba5ead6fce3777e91bf3fee8dd6"
vary
Accept-Encoding
x-goog-generation
1703015211936704
x-goog-hash
crc32c=8FG2nQ==, md5=c1/bperW/ON3fpG/P+6N1g==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1204
accept-ranges
none
PN_xRfK9oXHga0XdZsg_.woff2
fonts.gstatic.com/s/martel/v10/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/martel/v10/PN_xRfK9oXHga0XdZsg_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:17:21 GMT
x-content-type-options
nosniff
age
134927
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18860
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:03:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Jan 2025 04:17:21 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 16:39:21 GMT
x-content-type-options
nosniff
age
176807
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Jan 2025 16:39:21 GMT
icon-fire.svg
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/common-icon/ 		835 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/common-icon/icon-fire.svg
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.69d7190ec3c2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a345a18e5d3f6c07451cb14dd480bfad123f03663912b581265d617d4725fe9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.69d7190ec3c2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:27 GMT
x-goog-meta-goog-reserved-file-mtime
1703014127
age
1633841
x-guploader-uploadid
ABPtcPrO7MJOm3UMy7YecF2q6pmGkIL6QMlI9OHGIMF7-FqLdKSZv6oj8uNl8R1hV0_h_swQAfE
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
835
last-modified
Tue, 19 Dec 2023 19:46:52 GMT
server
UploadServer
etag
"9c6e99306a671d196d8945273b28bfe8"
x-goog-generation
1703015212683442
x-goog-hash
crc32c=0k5Zig==, md5=nG6ZMGpnHRltiUUnOyi/6A==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
835
accept-ranges
bytes
truncated
/ 		2 B
2 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
postmedia-image-fallback.webp
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/postmedia-image-fallback.webp
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 07:15:11 GMT
x-goog-meta-goog-reserved-file-mtime
1703014127
age
469857
x-guploader-uploadid
ABPtcPo8cJXfMg52CcvwBzpd7g40sCf7QySsCGyFI7QryBa29zvbh1--hzNDH8rHhqBK6RgpyFk3A8r4Mw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2934
last-modified
Tue, 19 Dec 2023 19:47:10 GMT
server
UploadServer
etag
"496f3aa3adffbf2280dd5f74fb6eef8f"
x-goog-generation
1703015230909151
x-goog-hash
crc32c=Qpf2ww==, md5=SW86o63/vyKA3V90+27vjw==
access-control-allow-origin
*
content-type
application/octet-stream
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2934
accept-ranges
bytes
23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/ 		452 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30f25e81c256d0985a5bf21776bfae5456e07f49c400790a58b51cc29bc559e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
0
x-guploader-uploadid
ABPtcPoHOfahjRKQp-kN90tajXLj3dcJm1fsN-uYtOWr6QMM1wei7y46j-TVEnksIk2Z-9-CfI8_EjFRUQ2yp2w
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
content-length
114398
last-modified
Thu, 04 Jan 2024 17:07:06 GMT
server
cloudflare
etag
"ace30f4e21ce4b590eb964836c2bc18a"
vary
Accept-Encoding
x-goog-generation
1704388026061867
content-type
application/javascript
x-goog-hash
crc32c=p3rB7g==, md5=rOMPTiHOS1kOuWSDbCvBig==
cache-control
public, max-age=900
x-goog-stored-content-length
114398
accept-ranges
bytes
timing-allow-origin
*
cf-ray
841e04bedd893a3e-FRA
expires
Sun, 07 Jan 2024 18:01:09 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ 		436 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 16:50:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
3322
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140253
x-xss-protection
0
server
cafe
etag
11435206252018266965
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 06 Jan 2025 16:50:47 GMT
3528
config.aps.amazon-adsystem.com/configs/ 		532 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3528
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-128.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
79dee0042597950493e8956e9090ddc47c3decbfd1df6331349296d96ea51c0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 16:56:59 GMT
via
1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
2950
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
532
x-amz-cf-id
mMz8bKrUbg32XAt4nmQ4zbQQM2TdmeCRJcNFdU4tmx4JhNZgjo6LWA==
config
c.amazon-adsystem.com/cdn/prod/ 		353 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Ftorontosun.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-131.ams58.r.cloudfront.net
Software
Server /
Resource Hash
d00b4c8953cdf25f549728ad667759e6f7650b5bf6146ecd3ec7c087bd3265b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 14:24:03 GMT
via
1.1 b6b3214c2f1500227643824508cb5d1c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS58-P4
age
12126
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://torontosun.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
353
x-amz-cf-id
pKViCr_N_Cd1t9g3RExccqx7tIDwx3tmgpGx5aMRHeFEINes3miWYw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-131.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 58fc6cf05625e5ee74a288151d13c370.cloudfront.net (CloudFront)
date
Sun, 07 Jan 2024 05:29:30 GMT
x-amz-cf-pop
AMS58-P4
age
44200
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
PlfeAstDJoPHYuhDfIXKTYHHzn-G-tYMKpBmB3YLQoKi51KRy_qevQ==
14648-pbjs-floors.json
ads.rubiconproject.com/floors/ 		81 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/14648-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.120.249 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-120-249.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
39576b50491c1d4466297fb53cac1d3825020f8cfc147346f83e49f236513c4e

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
last-modified
Sun, 07 Jan 2024 16:40:37 GMT
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
6037
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240107
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
077671f0bc5400b5f2b45189bc7a26e1a99e27105a0c853d1317a4ace960d354
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6321
x-jsd-version
1.0.1928
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-lga21970-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"633-qIaMD4iOq984RJI4wUAAup6Mx6I"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TYq%2Bc7ypVxHgHgA0HYSIr0KaTqBhfzhM915igd%2FIa0um3WxFkZxkrweH5iaEQnChOpgNRt4WOcFxcSp21aPe5ysVdTxLN8wsPA5ExKVy0EILg5vkMAe7t60sRWNyBolLCJsBmPhZ46tOXFnswsM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
841e04bf5f021911-FRA
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.78.67 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-78-67.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Sun, 07 Jan 2024 18:01:09 GMT
impl.20240107-6-RELEASE.js
cdn.taboola.com/libtrc/ 		834 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20240107-6-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/postmedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
783f11a48510281cda3f5e7e06921371f7934e946d09ee4cd221e97bef5aed01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
UIKm_FpZ1C7YhxGnM7BoHhXocoBDDaud
content-encoding
br
via
1.1 varnish
date
Sun, 07 Jan 2024 17:46:09 GMT
x-amz-request-id
5KA5711MDCEGARAD
age
27831
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
176681
x-amz-id-2
LrDJ+p0ZKilpWMc13XlSUE7L46j48vdQ7OR0uPqSJ19W349AqJssI1F/kGS8gp1iKQf2oDPtqiI=
x-served-by
cache-fra-etou8220025-FRA
last-modified
Sun, 07 Jan 2024 09:54:15 GMT
server
AmazonS3-br
x-timer
S1704649569.135850,VS0,VE2
etag
"0935331cc2962b97bff5f89129ec194b"
vary
Accept-Encoding
content-type
application/javascript
abp
88
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
60395
GettyImages-1448201880-scaled-e1704251611947.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/GettyImages-1448201880-scaled-e1704251611947.jpg?quality=90&strip=all&w=344&type=webp&sig=KVGS0ZxU5XBd3b2Gf51zeQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
81d37f2841ffcf1356c3309e1472dab8f57ebcbc702cee7cb6944a28af23d360

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 07 Jan 2024 16:38:31 GMT
via
1.1 google
server
nginx/1.18.0
age
4058
etag
"c78fab083bae788f537052267bbdeb9877c7d384"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqpqq
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20194
madi-cheerleading-new.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/11/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/11/madi-cheerleading-new.jpg?quality=90&strip=all&w=344&type=webp&sig=xtZ49oMVD_ScMf-nWdYk1A
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
0ee9d3d1e26fe536ae500fb2e92c456951195abc7b4e0ef6a4d3917d7431c324

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 07 Jan 2024 16:30:56 GMT
via
1.1 google
server
nginx/1.18.0
age
4513
etag
"3adf0cb427ad58e1188017e39680456542b1c8ec"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-gsq48
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17444
bill-murray-and-cindy-morgan-in-caddyshack.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/bill-murray-and-cindy-morgan-in-caddyshack.jpg?quality=90&strip=all&w=344&type=webp&sig=RuhfplMqRamC8S04htHaBw
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
240a94e8963ff253faa42480af807282fa3e24041c4e5b498ceb92af8aa224b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 07 Jan 2024 15:02:07 GMT
via
1.1 google
server
nginx/1.18.0
age
9842
etag
"68db8bbfa27bd1c33f01ef0423b35730582483f0"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-phphk
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24970
GettyImages-1436112450-scaled-e1703563400364.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/GettyImages-1436112450-scaled-e1703563400364.jpg?quality=90&strip=all&w=344&type=webp&sig=x05lzAd7dncPWOFe1OlVYA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
f09cd15104f52c2c2f69e135a4128c75a6ad1f82ae3474e71ed606031b5d1747

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 07 Jan 2024 13:00:07 GMT
via
1.1 google
server
nginx/1.18.0
age
17162
etag
"a0d7505f7cb0b6c35c3e7a87489c26ffdd07af9b"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-vj775
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18150
canadian-airlines-737max-20240106.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/canadian-airlines-737max-20240106.jpg?quality=90&strip=all&w=344&type=webp&sig=iyMr_U1e2mWnwtg7sRCU8A
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
40ed3b89fade638800c03f78ff73bfea631b35464612ed1797cf0e4100d44f47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 07 Jan 2024 11:16:23 GMT
via
1.1 google
server
nginx/1.18.0
age
23386
etag
"b873bed670520a06b2d2ba4f4302e02b3d3ec81a"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-lmdvm
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15558
GettyImages-1473033299-scaled-e1704581431174.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/GettyImages-1473033299-scaled-e1704581431174.jpg?quality=90&strip=all&w=344&type=webp&sig=9zNI2LWkOq-k6uz3uy4w7g
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
0468c4e3b016f8411ce8a2ace79d1451fba8918ff880c845d9285b195f3a3a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 07 Jan 2024 13:09:36 GMT
via
1.1 google
server
nginx/1.18.0
age
16593
etag
"b5f44535df55992224da924e71dad5113180b89f"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqfvf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27998
cops-coffee-2-e1704580745703.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/cops-coffee-2-e1704580745703.jpg?quality=90&strip=all&w=344&type=webp&sig=upWhJtfRUPQmeOEIX_xcCg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
74fbbbf2aa385ab6d6cc1229c7e1d152591415ef1ee2eea6e6dc39bbbe19cb2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sat, 06 Jan 2024 23:21:08 GMT
via
1.1 google
server
nginx/1.18.0
age
66301
etag
"4a5cbb15c611e1032214dfdc2c2c4de092e3b137"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-lmdvm
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16652
barack-obama-1-scaled-e1704566540591.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/barack-obama-1-scaled-e1704566540591.jpg?quality=90&strip=all&w=344&type=webp&sig=QJWKY8Y-nXJm-jEQgbs4ZQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
243fd6a3524758d0723c4287271fd1b787c09bb0fffba8112d2bd21515aed220

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 07 Jan 2024 06:27:11 GMT
via
1.1 google
server
nginx/1.18.0
age
40738
etag
"694ccdafb7f7d7e17804c3161e02a499b3efe570"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqfvf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17746
SSG-Jennifer-11.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/SSG-Jennifer-11.jpg?quality=90&strip=all&w=344&type=webp&sig=8CSVKa80lHxR_peMIMkVFw
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
d20ad0d0e363419eec45e55142397c8746b7d01ef9bc3415d83bb29ed4fb97c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 07 Jan 2024 07:10:09 GMT
via
1.1 google
server
nginx/1.18.0
age
38160
etag
"e858dd93e69ffb18c2fe61b5c64395d0b49beb3b"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqpqq
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14306
GettyImages-1254842202.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2020/11/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2020/11/GettyImages-1254842202.jpg?quality=90&strip=all&w=344&type=webp&sig=hWw9GGX7d67EZpXaZDYbRA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
3bdd66f75a3e158453a1841639637ab7385e2a39ff16d356925d1c6b3e52f6b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sat, 06 Jan 2024 06:21:55 GMT
via
1.1 google
server
nginx/1.18.0
age
127454
etag
"cd7c331eb12a8ff3f350a2c48d6afd40059c9f98"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-8x5fd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9646
pharmacare-scaled-e1704565085979.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/pharmacare-scaled-e1704565085979.jpg?quality=90&strip=all&w=344&type=webp&sig=-pQAuk2nb7Q3w3LB8AKECA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
fde521b2a0c55580b3b983f97264e62b2083a73c8446dfefca83918df9d9eccb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 07 Jan 2024 06:27:12 GMT
via
1.1 google
server
nginx/1.18.0
age
40737
etag
"7d5860efb44e3d31260fc39495d6551db661b952"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-gsq48
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36906
chretien-2-e1704488877788.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/chretien-2-e1704488877788.jpg?quality=90&strip=all&w=344&type=webp&sig=8QgVKUJwUJiKqrZE2ptlpA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
c4ed9c2591e47bb6e22ecb0d9c7cd3d3e0b4107732eb8b5f68e20a105926041e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sat, 06 Jan 2024 18:19:45 GMT
via
1.1 google
server
nginx/1.18.0
age
84384
etag
"89c909d64eb415f134f3111de034f0df353fd16f"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-lmdvm
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12470
GettyImages-1019902904-scaled-e1693951080833.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/09/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/09/GettyImages-1019902904-scaled-e1693951080833.jpg?quality=90&strip=all&w=344&type=webp&sig=9yrvv_T0C0tsvuqwaKU3Iw
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
b762acd0cc3802c938c9a920b0b35b4a9a0ae2fbb9c1e36c91502ef7e528b140

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 07 Jan 2024 06:27:11 GMT
via
1.1 google
server
nginx/1.18.0
age
40738
etag
"4e07a77d68d9943182840615905c4bb854dd3d80"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-gsq48
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14822
CP169573194-scaled-e1704492878999.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/CP169573194-scaled-e1704492878999.jpg?quality=90&strip=all&w=344&type=webp&sig=2tQa8rpiZNv-c9ym161gDA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
bd39593f9afc1ab0ca328b598749ac07519f1149bc927aa11fdbab74642aa385

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 07 Jan 2024 15:55:01 GMT
via
1.1 google
server
nginx/1.18.0
age
6668
etag
"814c334d309b75b6eb77beec4fa73448e685c97b"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-fzfc8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9814
HKN-Blackhawks-Bedard-20240105-scaled-e1704558280696.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/HKN-Blackhawks-Bedard-20240105-scaled-e1704558280696.jpg?quality=90&strip=all&w=344&type=webp&sig=KcfzU4Nh1GVw69djrQ13PA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
d888ae142a1fca03048d564a5a25bc6dfa3c476a3e8eb3881c2cad30b0d0d47b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sat, 06 Jan 2024 17:48:12 GMT
via
1.1 google
server
nginx/1.18.0
age
86277
etag
"f3da7eebcd5f82fe228bb8d9f9898d4dc3209567"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqfvf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29308
Quickley-scaled-e1704592027883.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/Quickley-scaled-e1704592027883.jpg?quality=90&strip=all&w=344&type=webp&sig=B34uzmwoyS0NTa0hUPUrBA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
6c7a97d4d28ef3df02367d346062cfc9a2b5fc22d1de543ede462d44674211af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 07 Jan 2024 04:02:26 GMT
via
1.1 google
server
nginx/1.18.0
age
49423
etag
"375a91e794409100b3939598b42fa0ddf32999e6"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-phphk
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34082
Raptors-Kings-Basketball-scaled-e1704583035103.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/Raptors-Kings-Basketball-scaled-e1704583035103.jpg?quality=90&strip=all&w=344&type=webp&sig=UvAEQiN7Vy8mjxQJB8BCGA
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
68141a1ebb552cbf8e2a8f333192331f70b0e7451e866c6d7b828049f5756fca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 07 Jan 2024 06:27:11 GMT
via
1.1 google
server
nginx/1.18.0
age
40738
etag
"852c4ef1867b12e01fb86aa1b6a7d6d102017a02"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-gsq48
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21614
hkw-u18-canada-germany-20240106.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/hkw-u18-canada-germany-20240106.jpg?quality=90&strip=all&w=344&type=webp&sig=8pfeXB09hd4xR2hwk2M5Ag
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
d66c26faa046cff3733995b1a3646e6ed936248ef52a9e9a819fb747c75dc7f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 07 Jan 2024 06:27:11 GMT
via
1.1 google
server
nginx/1.18.0
age
40738
etag
"882930f502ec3a8e4b0be1e22982a597f8c275be"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqpqq
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31586
Valerie-Grenier-scaled-e1704559429865.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/Valerie-Grenier-scaled-e1704559429865.jpg?quality=90&strip=all&w=344&type=webp&sig=Y1KGbFIwySjvDkvgbMHbVw
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
a47944586aae7d0f36bb4f7c3deb4784dbe65914fd21ee04b5dc4e8f45465b61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sat, 06 Jan 2024 17:28:16 GMT
via
1.1 google
server
nginx/1.18.0
age
87473
etag
"5c10078b6b75e71deacaa541359829c49788671e"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-lmdvm
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24232
GHR-101-03310_R-scaled.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/GHR-101-03310_R-scaled.jpg?quality=90&strip=all&w=344&type=webp&sig=I3itqE-FVMXn1lxNiD_Epw
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
c7433c4eafae019bff16f2f127b9ce6a65022f7d4d96c593128cd5d0249a9ad5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 07 Jan 2024 16:47:08 GMT
via
1.1 google
server
nginx/1.18.0
age
3541
etag
"404d828bb7d03a26dd618f41333cc082185c7b8e"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-phphk
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22392
paul-michael-glaser-and-david-soul.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/paul-michael-glaser-and-david-soul.jpg?quality=90&strip=all&w=344&type=webp&sig=DeBsmXHOVEyRm2g0qDOh-Q
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
0f50ec24e42af5b70fb903e28d3965f55ccce70a94aa1070d42fb5614d14e335

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sat, 06 Jan 2024 17:16:19 GMT
via
1.1 google
server
nginx/1.18.0
age
88190
etag
"306a8e23b6a8a71d00cf1f44181dc4bd4737e867"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-gsq48
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29768
jodie-foster.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/jodie-foster.jpg?quality=90&strip=all&w=344&type=webp&sig=cmhncuGitw4ergk5qLY7Zg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
7dbd0801af33c777e8154fd40dc58f3b22f0da738c83fae8bb9b0aa6fbdd7d6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 07 Jan 2024 06:12:25 GMT
via
1.1 google
server
nginx/1.18.0
age
41624
etag
"28609748a7f2047f8280c028fd1356481465b40f"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-8x5fd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17688
Kurt-Russell-Wyatt-Russell-AP.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/Kurt-Russell-Wyatt-Russell-AP.jpg?quality=90&strip=all&w=344&type=webp&sig=qFTCb4hc4pjRW67RAHpHLQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
3fdab3da391ae1e43d38ff3be5356721fb06390f89a2a7d979441dee9a342175

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sat, 06 Jan 2024 15:07:32 GMT
via
1.1 google
server
nginx/1.18.0
age
95917
etag
"0904fbc5e34f31cf52e8729abcbf7469bd5146d4"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqfvf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16834
688006328-e1704508140891.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/688006328-e1704508140891.jpg?quality=90&strip=all&w=344&type=webp&sig=zb0wF1EvjKddnmGD2AvnVg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
9a09ba8fc535e7475bb4f72b1772f3332673d3e325ea45c476ba75807733595c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sat, 06 Jan 2024 04:23:28 GMT
via
1.1 google
server
nginx/1.18.0
age
134561
etag
"2e4176ba9ae4c3ba29f3bb19909c60edb8abe9cb"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqpqq
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23972
GettyImages-1428087311-scaled-e1703562686682.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/GettyImages-1428087311-scaled-e1703562686682.jpg?quality=90&strip=all&w=344&type=webp&sig=lAgj8WaNaSAi6VCU_8n_4g
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
014666951f946bebacac117b840e817dfbf9cb4ae226f850e69178b552c6e36a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 07 Jan 2024 06:27:11 GMT
via
1.1 google
server
nginx/1.18.0
age
40738
etag
"e13098a5824e8b0171a5ba2c509db08edc23e1d4"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-lmdvm
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15122
kidney-stone.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/kidney-stone.jpg?quality=90&strip=all&w=344&type=webp&sig=UFgA0bNmq-V_zfuTOT-C4Q
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
3ab4fe56d9606eb6a9ac28512fcc7949671c49f18b06f935f3a07033a5ee3150

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sat, 06 Jan 2024 09:34:44 GMT
via
1.1 google
server
nginx/1.18.0
age
115885
etag
"b303d2dae704b5eb817dc6ce74ca70fbec804747"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-c2xl6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25216
GettyImages-1338508553-scaled-e1704485823835.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/GettyImages-1338508553-scaled-e1704485823835.jpg?quality=90&strip=all&w=344&type=webp&sig=PESH43F9e0VRM8ynhcHiBQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
d74de7afa55050f7ccedbfdfa60a37600d3488f41ca87e321d868a12c0b3382d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sat, 06 Jan 2024 09:02:10 GMT
via
1.1 google
server
nginx/1.18.0
age
117839
etag
"3cad0b8b913e316f9617ca1c018fbb30f20964f7"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-c2xl6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8978
GettyImages-1380545212-scaled-e1703561886868.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/12/GettyImages-1380545212-scaled-e1703561886868.jpg?quality=90&strip=all&w=344&type=webp&sig=j41J2hhdObyL-BOnpYpOsw
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
797ff45d3aa1cc7ed301909e2676262abf508bc17809bc07ac74060ef68d5414

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Fri, 05 Jan 2024 14:02:39 GMT
via
1.1 google
server
nginx/1.18.0
age
186210
etag
"273c27453fa0579ccef103d350de829beb8424ec"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-fzfc8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18746
1329341791-scaled.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/08/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/08/1329341791-scaled.jpg?quality=90&strip=all&w=344&type=webp&sig=yK6arm7JB2j1eEBtDZdlJw
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
8d2ab81ae1f79d2906962a55f5ed982ac440dca9f4d5962b74266ce455cea056

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Thu, 04 Jan 2024 21:38:05 GMT
via
1.1 google
server
nginx/1.18.0
age
245284
etag
"c6a7223aeee0265df6fe0ed8bc24136ae4453f31"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-8x5fd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18274
GettyImages-532336324.jpeg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2024/01/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2024/01/GettyImages-532336324.jpeg?quality=90&strip=all&w=344&type=webp&sig=Yf_rIy5lx9qDnOgK1-Am3A
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
bf7f2838237afa7f02b6f11e1e54a5b5152716a98774e943827c9f471d02fce1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Fri, 05 Jan 2024 13:42:56 GMT
via
1.1 google
server
nginx/1.18.0
age
187393
etag
"84119cd173308c2e65e056d532bd6a12247959fc"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqfvf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11102
thumbnail_Nico_Boffa_hiking.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2024/01/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2024/01/thumbnail_Nico_Boffa_hiking.jpg?quality=90&strip=all&w=344&type=webp&sig=LaN0WWd0S1hwcePdJ5-zMw
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
a9bf7f2723e18afc4138339a53911e904db2134acd2ff30248a602b34075f9be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Thu, 04 Jan 2024 16:32:57 GMT
via
1.1 google
server
nginx/1.18.0
age
263592
etag
"f323b7632601170c5e9ecafeeba10a0d3b7822f6"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-fzfc8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35406
GettyImages-825493738-e1704223751245.jpeg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2024/01/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2024/01/GettyImages-825493738-e1704223751245.jpeg?quality=90&strip=all&w=344&type=webp&sig=BmfN_VKfaRLlR4NcqMm-qw
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
f1ea662ff8a17468145fce678c229ab39c807837b071625ce1030808aff915d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Thu, 04 Jan 2024 16:30:22 GMT
via
1.1 google
server
nginx/1.18.0
age
263747
etag
"f3fee593f9692228742a4488d2b2196c50e23e3a"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqpqq
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5808
GettyImages-1607257714.jpeg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/12/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/12/GettyImages-1607257714.jpeg?quality=90&strip=all&w=344&type=webp&sig=JI5iNsdR35mCxWaWCEPyzQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
7dbd490a87f35e448cf285f6c7da7e8328d07049f8d08b6a050d97e34e5d8de5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Sun, 31 Dec 2023 22:19:54 GMT
via
1.1 google
server
nginx/1.18.0
age
588375
etag
"556f4a14dd50fa3fd115d58c0c0a81beee221a9e"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-vj775
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8904
GettyImages-1140175428.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/12/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/12/GettyImages-1140175428.jpg?quality=90&strip=all&w=344&type=webp&sig=W7upyJMhLRuo2ydHwN8o1A
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
cba806a539356b2e893a8ff5ebeaeff4564eb99646c88d9c680f6373f221bb2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Thu, 04 Jan 2024 18:14:02 GMT
via
1.1 google
server
nginx/1.18.0
age
257527
etag
"3e1e7798d5e54a653b01c35d3fca0e2b8691834f"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-fzfc8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4768
2024-Toyota-GR86-10.jpg
smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2024/01/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2024/01/2024-Toyota-GR86-10.jpg?quality=90&strip=all&w=344&type=webp&sig=vUnm2IQAfm7-iff4KccoMQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
2264a47c142662847172ff157d15c920fd0896e2fbd7b9b10b341f3641d2afb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
driving
date
Fri, 05 Jan 2024 19:41:49 GMT
via
1.1 google
server
nginx/1.18.0
age
165860
etag
"9b909480305d9d0f378f35afc9d599c420db2eed"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-gsq48
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9938
2586_2011_Sorento.jpg
smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2024/01/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2024/01/2586_2011_Sorento.jpg?quality=90&strip=all&w=344&type=webp&sig=TsB23Heq-pIn_6fq2fWmSg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
385a051b07e00b731b5ee93df0ada3f76eec9420130d044174fd47f8a7541110

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
driving
date
Fri, 05 Jan 2024 16:33:18 GMT
via
1.1 google
server
nginx/1.18.0
age
177171
etag
"349e9a2563264a5e71d15acd99c15aadb5006b29"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-lmdvm
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20358
GR-Sienna-1-e1704471174312.png
smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2024/01/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2024/01/GR-Sienna-1-e1704471174312.png?quality=90&strip=all&w=344&type=webp&sig=z5d5faXl2JDyoeTbcuvdNg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
b57052b064a6778aa693bda164f8fe253440d6dc9fe6a513218ab5ef3774e051

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
driving
date
Fri, 05 Jan 2024 16:16:50 GMT
via
1.1 google
server
nginx/1.18.0
age
178159
etag
"efa4ed657239a51b8ac423de5175a2e641ec1be8"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqpqq
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12264
2022-Ford-F-150-Tremor-Justin-Pritchard-6.jpeg
smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2022/07/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2022/07/2022-Ford-F-150-Tremor-Justin-Pritchard-6.jpeg?quality=90&strip=all&w=344&type=webp&sig=k-zd64VKi-98xzSzeiC2pg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
70bf3d5b5f237c256e6b83d5f3dd5937c270ed5350f428daf753c704a7691af9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
driving
date
Fri, 05 Jan 2024 11:22:46 GMT
via
1.1 google
server
nginx/1.18.0
age
195803
etag
"632952de99ed2bf2357842849e64ff99a7d092aa"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-c2xl6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18088
029A0223-copy.jpg
smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2023/07/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2023/07/029A0223-copy.jpg?quality=90&strip=all&w=344&type=webp&sig=uVUDh22LErOg5ND1vlA-oQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
10bab8fa8b44619c030dfc898a90c7fecd3cfff62ae2a38088f8251fa2d8ae00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
driving
date
Thu, 04 Jan 2024 21:02:41 GMT
via
1.1 google
server
nginx/1.18.0
age
247408
etag
"66a27b0c15cae780d84d009ed09d0193a685bfa4"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-c2xl6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30142
SSG-RuthAnn-14.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/SSG-RuthAnn-14.jpg?quality=90&strip=all&w=344&type=webp&sig=Th7hOqCM6aNWeEgaCLkJ7w
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
5f8bd782654b41d086ecd1d4fd95efce3183a630d3b200cfcc5a9fce2a3d86a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sun, 07 Jan 2024 07:10:10 GMT
via
1.1 google
server
nginx/1.18.0
age
38159
etag
"9a1e77e653841224373719567a3d16adbda06854"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqpqq
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18954
SSG-Jessica.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/SSG-Jessica.jpg?quality=90&strip=all&w=344&type=webp&sig=giGI-TdbQ2YsOzS_NZ1J4A
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
e7906e8c3743a3fa8785c59d8f87aa4201b702757ce9f8c1e962c80efcd29968

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sat, 06 Jan 2024 07:11:26 GMT
via
1.1 google
server
nginx/1.18.0
age
124483
etag
"076b66dca87ce44285581a65cf251964f9d8910a"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-c2xl6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8324
TS20180124VH16512.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/TS20180124VH16512.jpg?quality=90&strip=all&w=344&type=webp&sig=OQ-8uHxRLMO0mPcIRo3RAQ
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
cda05a6f8a818c3c3a3d67c87e462c6ac982645f149aa755035ae1ea33c5655a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sat, 06 Jan 2024 09:06:55 GMT
via
1.1 google
server
nginx/1.18.0
age
117554
etag
"3e1af263050f841e62e3a219b71713844136ae60"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-8cwvh
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10264
32706f37b53a9a036ef932.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/32706f37b53a9a036ef932.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3110eaa86beb20727aa97ee97ce3de0cf5d2da465ad31a28cf69cfbd797dd009

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:31 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014124
age
1633718
x-guploader-uploadid
ABPtcPoprgJv-lhKqJ6q8g5QTwXvsVFcEBujlQP9XHKjFHVBFpJpUO_-1NH4bqAVv7GTadYigfQdEC3iCw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2267
last-modified
Tue, 19 Dec 2023 19:47:16 GMT
server
UploadServer
etag
W/"97ee4f19464be4991db5a66eedd20b7b"
vary
Accept-Encoding
x-goog-generation
1703015236794885
x-goog-hash
crc32c=7aqNJw==, md5=l+5PGUZL5JkdtaZu7dILew==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
8968
accept-ranges
none
688c080cafcfa4457b823.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/688c080cafcfa4457b823.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f8859622b014c35916f294efc76fdb684a5681149809636416851b765d4eaf39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:20 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
1633849
x-guploader-uploadid
ABPtcPo2iOj4WpPOnP4PjLZANMIFmCwxJsVL7Miw1PXAK1g5zLsfhrwhWvzW4_6dt3oIu7LicX5K4W-oOQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3749
last-modified
Tue, 19 Dec 2023 19:47:18 GMT
server
UploadServer
etag
W/"732fda2c30c3393b58bf994c348513e9"
vary
Accept-Encoding
x-goog-generation
1703015238971652
x-goog-hash
crc32c=Vq7U3Q==, md5=cy/aLDDDOTtYv5lMNIUT6Q==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
11752
accept-ranges
none
f8ea7554630384877a2617.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/f8ea7554630384877a2617.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1185218883cb5ec765c3292aaaccf15869b99c089b1c938266134666608a6ba1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:20 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014124
age
1633849
x-guploader-uploadid
ABPtcPqg2XaeZq1io9MhusC0L03UKWdjOL-qyNyGI0QasJq-7JtDZn7tSdeo1a5cdcUaOlEQyzo9goxWxg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4454
last-modified
Tue, 19 Dec 2023 19:47:20 GMT
server
UploadServer
etag
W/"63ac658e3632ca1e5a0f6645b4912a38"
vary
Accept-Encoding
x-goog-generation
1703015240772266
x-goog-hash
crc32c=Q2a+sw==, md5=Y6xljjYyyh5aD2ZFtJEqOA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
14083
accept-ranges
none
7380f428297495c9787e0.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/7380f428297495c9787e0.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8d3d191d44b6a042adb3ac86d403f8eaa0f7d28056ce74fb3ec3bc65aff5178f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:20 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
1633849
x-guploader-uploadid
ABPtcPpd3ab4EkBPPJIGU3NRkPh2rUaJKvtql21bNswPltQHsUX7guErqiN8dmxCsyc2OTDQ4yvISmRvHQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2829
last-modified
Tue, 19 Dec 2023 19:47:19 GMT
server
UploadServer
etag
W/"16a345a6eb36c4391df09d45582d99e7"
vary
Accept-Encoding
x-goog-generation
1703015239108648
x-goog-hash
crc32c=eCv7Ug==, md5=FqNFpus2xDkd8J1FWC2Z5w==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6981
accept-ranges
none
836d4e0fd22a7dc68a052.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/836d4e0fd22a7dc68a052.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
102879bcdf1bb8d7079cbf09cd33581139013f7a0b109c64fd2a8f9511f3cbf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:33 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014124
age
1633716
x-guploader-uploadid
ABPtcPrfCIKBmi__OnzD8myBXUGlKROk9y3-FffnSw-kLzbDI6wNVWSWXAX6jF1iYR890JkTtgZNiFwR0g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11016
last-modified
Tue, 19 Dec 2023 19:47:19 GMT
server
UploadServer
etag
W/"40601ecfe330a5efc9af7222edd73d39"
vary
Accept-Encoding
x-goog-generation
1703015239470643
x-goog-hash
crc32c=1HdvsQ==, md5=QGAez+Mwpe/Jr3Ii7dc9OQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
35648
accept-ranges
none
6a86c658a5e7c0d0e7db5.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/6a86c658a5e7c0d0e7db5.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6be53e044a8e84e3c66d8eb5d2f359feba5b32c072ef3456830f32acedb163a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:04:17 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
1633312
x-guploader-uploadid
ABPtcPqsKNd5UFvtW2sj9eeIY6rEoYfQMsufk_FMq4iXVT-BARGMARBMeU9KDM6SYHIGmDucD18MpBTLDw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3497
last-modified
Tue, 19 Dec 2023 19:47:19 GMT
server
UploadServer
etag
W/"58c394221ccae33c2c42f73f3470f6f5"
vary
Accept-Encoding
x-goog-generation
1703015239045531
x-goog-hash
crc32c=hNkDkQ==, md5=WMOUIhzK4zwsQvc/NHD29Q==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
10705
accept-ranges
none
990b9e18d9293f53494350.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		224 B
253 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/990b9e18d9293f53494350.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3f16a99683ec813507fab742f11167db01a3c2ced3fdaa6f1ea859d2f9f4fe2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:04:17 GMT
x-goog-meta-goog-reserved-file-mtime
1703014124
age
1633312
x-guploader-uploadid
ABPtcPoXM7ADVBTJ2bsXHgapBOM94DhQ9dRzIl1FMpuDUz-oS7iMeQlY2xlaaFPCgPjk1Dy6mmvgyr6jMA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
224
last-modified
Tue, 19 Dec 2023 19:47:19 GMT
server
UploadServer
etag
"f2717194027d340cf5c65feefc7ab9b0"
x-goog-generation
1703015239620849
x-goog-hash
crc32c=YHGd/A==, md5=8nFxlAJ9NAz1xl/u/Hq5sA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
224
accept-ranges
bytes
1ef368c136434f274a3128.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/1ef368c136434f274a3128.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c2a7c80301032f20f90d00a75cef91a4af5a7fa04651eaac3281f66466c8e8dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:04:17 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
1633312
x-guploader-uploadid
ABPtcPrlElsr86cxRe4Vqr-o2agz5tzlu3xd4IwEMWNBnGPpQbvy5Lctol553brkHhcM4VkJX86-ztNQ_A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3672
last-modified
Tue, 19 Dec 2023 19:47:15 GMT
server
UploadServer
etag
W/"811b1520f4ab50634eefe75c81fe95b2"
vary
Accept-Encoding
x-goog-generation
1703015235676437
x-goog-hash
crc32c=+Tp0ug==, md5=gRsVIPSrUGNO7+dcgf6Vsg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
11527
accept-ranges
none
cf5d329b7f5a70d26c0a18.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		750 B
784 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/cf5d329b7f5a70d26c0a18.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0bc0805d442ae7ead864b82381c168035e8d70535e6f6acea31f4f1caf65ae58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:04:17 GMT
x-goog-meta-goog-reserved-file-mtime
1703014125
age
1633312
x-guploader-uploadid
ABPtcPo2T82ffhfL_BcHP-jzGDFKH3CpK_SFbm37uzeQEIjMGYQvP5sc5yQ2QaO_eOokP5bq6UrJEmNNzw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
750
last-modified
Tue, 19 Dec 2023 19:47:20 GMT
server
UploadServer
etag
"95321bd12efb680204d12be98f3d7ba4"
x-goog-generation
1703015240256252
x-goog-hash
crc32c=WLxsPQ==, md5=lTIb0S77aAIE0Svpjz17pA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
750
accept-ranges
bytes
286b462e1048adda4f6f36.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/286b462e1048adda4f6f36.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
77f014b24f1d51b9e8feb12df701a957c14c0be286d6c914975afd019d15a79a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:29 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
1633840
x-guploader-uploadid
ABPtcPo93MG_niYGf5VV9TRx9Lbyc5-q4n61CnMOXqOF8bqewWudbdJguZvfmktSEzP5e6ABwF6xP987xQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1072
last-modified
Tue, 19 Dec 2023 19:47:16 GMT
server
UploadServer
etag
W/"3d636269883d1e0a8bcb405d83e6136d"
vary
Accept-Encoding
x-goog-generation
1703015236440261
x-goog-hash
crc32c=MY5NLg==, md5=PWNiaYg9HgqLy0Bdg+YTbQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2461
accept-ranges
none
cb72fc449da58641945238.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/cb72fc449da58641945238.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5d410b4aea9f38a035bdc4323315891f9e798d297e3e3db8d000f6e63f54cb51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:04:18 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014124
age
1633311
x-guploader-uploadid
ABPtcPoyuSWsRBW2x817t9e6xHBvWHXBvU-47TV4gEQLbYuteHyJfoij1vmTWkgSQziprvqK_qmOTfuKvA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2981
last-modified
Tue, 19 Dec 2023 19:47:20 GMT
server
UploadServer
etag
W/"48956c4b87ff7d0af1cbae347e1d78eb"
vary
Accept-Encoding
x-goog-generation
1703015240228053
x-goog-hash
crc32c=zWYpSg==, md5=SJVsS4f/fQrxy640fh146w==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
10050
accept-ranges
none
b
sb.scorecardresearch.com/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=10276888&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1704649569207&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Ftorontosun.com%2F&c8=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&c9=
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
P0Q-9aRi2_FjHwciYCzdNykUKMURCb8FgfLHXYQZ1Vla-fakma5YDg==
x-cache
Miss from cloudfront
4f4d1628a8065ccff16624.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/4f4d1628a8065ccff16624.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
43a42702c59bc37d11cb776ffd904de25fe945c6028ef290dabfd0e977a88366

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:20 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
1633849
x-guploader-uploadid
ABPtcPqda23I98f5cofe0nSda56RcL7AGJ-y9G6VshCW2CCxa3uLDu8OH5MyZ-bDdjLGf-by63eGCVigsg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2093
last-modified
Tue, 19 Dec 2023 19:47:18 GMT
server
UploadServer
etag
W/"c6326d88acc6beb06cf9db5fffaee6c6"
vary
Accept-Encoding
x-goog-generation
1703015238307588
x-goog-hash
crc32c=hqW8ug==, md5=xjJtiKzGvrBs+dtf/67mxg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6047
accept-ranges
none
4c053bd7593db896d5bd4.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/4c053bd7593db896d5bd4.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
87b85c256b170188318d0d8c695f43153651f18ee7a4788101b65da65ae0b85d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:20 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014124
age
1633849
x-guploader-uploadid
ABPtcPrhR49xG5AQP-I787WR1kL3SOnQ-WxCai1kDI8pXw8ugotIOMcj_Yl7S6_lvCcuyacK6E5Fyje3Uw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4388
last-modified
Tue, 19 Dec 2023 19:47:18 GMT
server
UploadServer
etag
W/"7483c234c6571a1ccf1dad53c7ccc622"
vary
Accept-Encoding
x-goog-generation
1703015238079242
x-goog-hash
crc32c=cT/cag==, md5=dIPCNMZXGhzPHa1Tx8zGIg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
15526
accept-ranges
none
a22185a71907d8927c8537.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		224 B
266 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/a22185a71907d8927c8537.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e6214b2559f67192d41d07d928357497936f068d2953d63646bbfe104b1d68c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:20 GMT
x-goog-meta-goog-reserved-file-mtime
1703014125
age
1633849
x-guploader-uploadid
ABPtcPqz8XqEb8MaDqnZKQPGaKoDm8tcIRTASYjC3q4CR3RUJbxKekshvGpEcB93U3L-0e-9P6_16lauPQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
224
last-modified
Tue, 19 Dec 2023 19:47:19 GMT
server
UploadServer
etag
"4ee0e989a064cf6630bf9ebee4879191"
x-goog-generation
1703015239741862
x-goog-hash
crc32c=jUJANA==, md5=TuDpiaBkz2Ywv56+5IeRkQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
224
accept-ranges
bytes
pxid
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/ 		46 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/pxid?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e7d3c18772620716a3d8ecb1f3b56eee78de7069979167daa1715c9f46c219d3

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:09 GMT
an-x-request-uuid
ed39d87a-0f8e-422f-bfcb-98bd81b54d78
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://torontosun.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.106; 80.255.7.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
6d5fd274-fafe-4fe4-a793-48f992cf4a9a
https://torontosun.com/ 		159 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://torontosun.com/6d5fd274-fafe-4fe4-a793-48f992cf4a9a
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d09cb7ee7ca0b5197e35281a401882b36f2be6a08dc219adcad051d3111b1fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
163076
Content-Type
4af91b19-02a1-4e5a-a3b3-23a13005d41e
https://torontosun.com/ 		159 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://torontosun.com/4af91b19-02a1-4e5a-a3b3-23a13005d41e
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d09cb7ee7ca0b5197e35281a401882b36f2be6a08dc219adcad051d3111b1fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
163076
Content-Type
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240107-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:08 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
366796
expires
60
json
trc.taboola.com/postmedia-torontosun/trc/3/ 		35 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/postmedia-torontosun/trc/3/json?tim=18%3A46%3A09.335&lti=deflated&data=%7B%22id%22%3A428%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1704622493582%2C%22vi%22%3A1704649569331%2C%22cv%22%3A%2220240107-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ftorontosun.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Ftorontosun.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A8068%2C%22nsid%22%3A%22postmedia1-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dpostmedia1-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22cd%22%3A7690.21875%2C%22mw%22%3A628.5%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20Thumbnails%3Dthumbnails-a%3Apub%3Dpostmedia1-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240107-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
261acc88c18ab354c282b379daa39e3365044f94c6f26223faa7bb040c59673a

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
432
date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.6802083333333333
x-fastly-to-nlb-rtt
7516
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v2
x-served-by
cache-fra-etou8220025-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1704649569.364552,VS0,VE432
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
player-event
events.qortex.ai/api/v1/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/bootstrapper?group-id=QiUOkGRFYUWNdgFd8CThQ&video-container=.jw-wrapper
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zOayZXCNxpJilyt8f6HS3R2NK9DlN%2Fz%2BUDGxdpYy3nA%2BlmOJA8ZjxfkRf2bpLyUFfZ1Auxg17nMBZ8jmQ4PXzVcTNMrE4Q2Hx6j67FfJjc3rw4YX5zjJHy9MOs7TEJVJN0LIx0dA99x%2BQoKCRow%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
841e04c13ede37f1-FRA
content-length
0
cx-bootstrapper-init
tags.catapultx.com/cxo/ 		49 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.catapultx.com/cxo/cx-bootstrapper-init
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/bootstrapper?group-id=QiUOkGRFYUWNdgFd8CThQ&video-container=.jw-wrapper
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ba7e0e72735ea304bac8a43e87c2da1b7ee2d6705e8548a2fde134beb08d7b48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Dec 2023 15:58:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
92
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RzZSkayLMHOiTdAYIikTYO7KRLUn1nvxnumWGvCMsrjuCrDgj3hEFiiHz93WEAvy3plDqhzw2wzZ6Itx96OjziHQ6FidzO05tHDVKx1Grx4ZugSxas6VFmsIml8j%2BH%2FSCJJmVV0ANY31bzwhgi75FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
841e04c09cce9bc2-FRA
init-3392tkd9ir9ggbv3f0mu.js
api.fouanalytics.com/api/ 		0
507 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.fouanalytics.com/api/init-3392tkd9ir9ggbv3f0mu.js
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/bootstrapper?group-id=QiUOkGRFYUWNdgFd8CThQ&video-container=.jw-wrapper
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c926 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INoq0rz6e87VyGfnuX%2FJS3mu2M1UI8cZTkfC%2BDAeFGmaG9u5D3Ok5mCWy0eod%2FHEPnOCMU7mw4aon%2BLBwWoAWTr9yY9dORvzug3amlagx%2FQH%2FDKkxvBpAvMB8LIdNRiDKDP4hccJf8p2sc8Yah0NpDISlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
cf-ray
841e04c13bcc4266-AMS
alt-svc
h3=":443"; ma=86400
expires
0
noscript-3392tkd9ir9ggbv3f0mu.gif
api.fouanalytics.com/api/ 		0
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.fouanalytics.com/api/noscript-3392tkd9ir9ggbv3f0mu.gif
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c926 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pC7CuLa5QJuoYPBHDtXodZhh%2B0xEgTcuOXEuQ3xybDZGzfJvsgGzrroy%2BkacNZRp%2BQvNpPnqP77JS%2Bj93b1XhwDrI%2F%2FCEeLt3Ze4AZD%2FmzCQiCgAEPYC%2Fj2xCv3Q2c3Z1Tjng9yYT39e80tPb5lfA0%2BvnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
cf-ray
841e04c13bca4266-AMS
alt-svc
h3=":443"; ma=86400
expires
0
xd.html
fem.gprod.postmedia.digital/v93.0/ Frame 2083 		165 B
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v93.0/xd.html
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
531dd530899d5c89c1c766c0ca463c5e319a84044ebde699ec95b633807025a5

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1633508
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31622400
content-length
165
content-type
text/html
date
Tue, 19 Dec 2023 20:01:01 GMT
etag
"e66a4f59260370c7eb851d9880e08527"
last-modified
Mon, 11 Dec 2023 19:02:03 GMT
server
UploadServer
x-cache-hit
hit
x-goog-generation
1702321323873559
x-goog-hash
crc32c=e89JmA== md5=5mpPWSYDcMfrhR2YgOCFJw==
x-goog-meta-goog-reserved-file-mtime
1702321262
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
165
x-guploader-uploadid
ABPtcPoGQjKauOGi3_464aKLdj3HMkBQoGIkrGs65D24KRRqb_fjwJ-qsaPvX4e1gOWjF8PBbW3TgatlgA
pub
pixel.adsafeprotected.com/services/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:ad-1,ss:%5B1200.90,970.90,728.90%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-2,ss:%5B6.6,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-2,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-3,ss:%5B7.7,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-3,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-4,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-4,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-5,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-5,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-6,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-6,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-7,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-7,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-8,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-8,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-9,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-9,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-10,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_TSUN_EN_WEB/index,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=633527cb-f743-d974-ba44-7c6243a563ad&url=https%253A%252F%252Ftorontosun.com%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.70.81.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-81-85.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e5d5f4ac0c4a9d8bdd2ff5b241cb7d6f3ef6beb7b7431ea4bafef56315eba2f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
server
nginx
x-server-name
app06.or.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3528&u=https%3A%2F%2Ftorontosun.com%2F&pid=Q9liSqxCLonKK&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1%22%2C%22s%22%3A%5B%221200x90%22%2C%22970x90%22%2C%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22ad-2%22%2C%22s%22%3A%5B%226x6%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-2%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-3%22%2C%22s%22%3A%5B%227x7%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-3%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-4%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-4%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-5%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-5%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-6%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-6%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-7%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-7%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-8%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-8%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-9%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-9%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-10%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.96.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-96-174.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P2
x-amz-rid
HM0XKDSH7ZN1FZNQ8J3G
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
HqZSF-KLuG8FkmmnzzqhEXYcCDHy-Y3jYAQog_Dq7OTDxJ4eViHNcA==
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:40 GMT
server
cloudflare
age
337245
etag
W/"65833ec4-2d18"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
841e04c18d026a77-TXL
expires
Wed, 10 Jan 2024 17:46:09 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6317
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230065-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Lazh1rLMyVMbmalIiSpZ1fiHVQE6IxgNtphCuUmX5bcbmYFAx4Vg1DE9XNT1SRcatHiOqoscr1YoLhUYcKLWFwH40IO1suAcemsBJS235mXsIFBwGKMMz%2BYHQdBLxrc4aggfPxJSsK7JfNHUCQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
841e04c16bde5d3a-FRA
geoip
api.permutive.com/v2.0/ 		209 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
9d799961163bc310e9b528b76ced3dd459085488c92a0713ce48f2ee67c4a06b

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
144
watson
api.permutive.com/v2.0/ 		281 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
93c45b6c4d23d6de935cc95285dbd06307bb024640cb4c186ddb7cdbc091aac1

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
208
xd.js
fem.gprod.postmedia.digital/v93.0/ Frame 2083 		67 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v93.0/xd.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/xd.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8923b4f2bb98765736f23c71a08a37e09f44734e5ebff0bd587f4db5ab1c9c8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fem.gprod.postmedia.digital/v93.0/xd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:01:01 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1702321262
age
1633508
x-guploader-uploadid
ABPtcPoREjOKqPRMxHGPPnOdEAp7dIqGLeVFjY3StzCZb8W4R5tfPw1KnGW4LJBwhAdRzb40U8A0TtAPXA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21177
last-modified
Mon, 11 Dec 2023 19:02:03 GMT
server
UploadServer
etag
W/"2139b791b942c7780fd5e1534f6192af"
vary
Accept-Encoding
x-goog-generation
1702321323904544
x-goog-hash
crc32c=05N7iw==, md5=ITm3kblCx3gP1eFTT2GSrw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
68978
accept-ranges
none
23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
cdn.permutive.com/models/v2/ 		74 KB
51 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7611 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22f2060365e34c12dd716fcfb19b771866ad57259178c974deebb5fa30f31095

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
0
x-guploader-uploadid
ABPtcPqZMHny2905fuqtbv9WfYxq3NuTyJ-F5ggnKQYVlv2DOqXRtOXDyQvBZitzVoNfQNdoMe_i67flb_FdYoc
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
51175
last-modified
Wed, 03 Jan 2024 06:02:28 GMT
server
cloudflare
etag
"34d7dc9b02850c791207b649897da122"
vary
Accept-Encoding
x-goog-generation
1704261748262385
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=Iyg7rQ==, md5=NNfcmwKFDHkSB7ZJiX2hIg==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
51175
accept-ranges
bytes
timing-allow-origin
*
cf-ray
841e04c20e1918cd-FRA
expires
Sun, 07 Jan 2024 17:01:34 GMT
identify
api.permutive.com/v2.0/ 		50 B
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
7cabb3c0f17d1e7cf705d1809c736c7e7a856b10e6870ac81a628b3bc67bf9b3

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
/
torontosun.com/api-root/media/videos/playlists/JQkbLqiZ/player/json/ 		11 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://torontosun.com/api-root/media/videos/playlists/JQkbLqiZ/player/json/
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/688c080cafcfa4457b823.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.249.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
35c68793d2f580c3750d841110c173df70c6e85d3339b42edad4cf0854392700
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-content-type-options
nosniff
content-encoding
gzip
x-envoy-decorator-operation
pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
via
1.1 google
x-envoy-upstream-service-time
6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
referrer-policy
strict-origin-when-cross-origin
last-modified
Sunday, 07-Jan-2024 17:46:09 GMT
server
istio-envoy
x-pmd-backend
pmd-nginx-proxy-6cbdf6d5bf-45lzh
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,Accept, Cookie, Origin
content-type
application/json
allow
GET, HEAD, OPTIONS
cache-control
max-age=900,no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
expires
Sun, 07 Jan 2024 17:58:22 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 17:46:09 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 17:46:09 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 17:46:09 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 17:46:09 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 17:46:09 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 17:46:09 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 17:46:09 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 17:46:09 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 17:46:09 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 17:46:09 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 17:46:09 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 17:46:09 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 17:46:09 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 17:46:09 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 17:46:09 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 17:46:09 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 17:46:09 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://torontosun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 17:46:09 GMT
server
ATS/9.1.10.94
translator
hbopenbid.pubmatic.com/ 		0
112 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Sun, 07 Jan 2024 17:46:08 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		86 KB
27 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=359816&zone_id=1939012&size_id=2%3B15%3B15%3B15%3B15%3B15%3B15%3B15%3B15%3B15&alt_size_ids=55%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57&eid_pubcid.org=c6e0884e-1e61-459f-ab81-8bf2d7bdaac6%5E1&rf=https%3A%2F%2Ftorontosun.com%2F&tg_i.domain=torontosun.com&tg_i.page=https%3A%2F%2Ftorontosun.com%2F&tg_i.aupname=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex&tg_i.pbadslot=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-1%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-2%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-2%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-3%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-3%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-4%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-4%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-5%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-5%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-6&tk_flint=dmpbjs_v8.23.0&x_source.tid=c4f7b171-e51c-4897-81fd-8197f89290e4&l_pb_bid_id=21cf5202e8f1d77%3B22e328b9170eb51%3B2394e0757135b11%3B241cfd12d66bcae%3B25513c57b242e83%3B2652a1dc3ec17f5%3B27ef8defd820cb1%3B2893d5585df26a2%3B29df54114619319%3B3091471bbb8ce9a&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=1fb44cd6-0d0a-4cc3-a205-49c58465d996%3Bb38f1132-4f57-43c7-9959-1326c1831cc6%3B98531165-bd56-4ddf-bc0f-e0cdd3a19002%3Bfe030cc3-e3b4-4874-91b4-88946f589576%3B85674fdf-825c-4a4e-b86a-be70131b5c3f%3Beb55570d-76da-478b-af0b-200f6a82a2b5%3B242a7a6b-48d5-4995-94e4-8e863b5f78ea%3B3841558d-dc9a-47f1-b29f-6bf1e3bd17ba%3Baba43967-3726-4cba-ae9f-b26089201eae%3Bebacb13f-4c4b-46d0-a6cd-be5901794f4f&rp_maxbids=1&p_gpid=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-1%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-2%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-2%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-3%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-3%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-4%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-4%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-5%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-5%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-6&slots=10&rand=0.09570446654484277
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
02c2db77239e7bc88a52af57a32e192fc743c607bda7f66f21279b8e40feca1e

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		39 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=359816&zone_id=1939012&size_id=15&alt_size_ids=2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57&eid_pubcid.org=c6e0884e-1e61-459f-ab81-8bf2d7bdaac6%5E1&rf=https%3A%2F%2Ftorontosun.com%2F&tg_i.domain=torontosun.com&tg_i.page=https%3A%2F%2Ftorontosun.com%2F&tg_i.aupname=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex&tg_i.pbadslot=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-6%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-7%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-7%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-8%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-8%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-9%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-9%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-10&tk_flint=dmpbjs_v8.23.0&x_source.tid=c4f7b171-e51c-4897-81fd-8197f89290e4&l_pb_bid_id=3119e3d6afe1f6f%3B329c006c2949cad%3B336e897fd6d50f%3B3439144f973a4a6%3B351217d08b15961%3B365c2838ee5764e%3B377d616a66bd4a1%3B3842d3b4c735ede&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=1302824f-1ce3-4426-8b60-f8ed45948c1a%3Bab61a8ff-f76e-4698-b2f0-dc67faa09402%3B7844b096-83e1-43bb-a2a8-24ade92e50be%3Bbd15c17b-392e-40ca-bc4b-a6c5c206fa9b%3B0fd4caa6-1884-4bf6-a4de-93d4f1def7e6%3B22941bfb-6855-403c-bb78-af56d3ff6a75%3B53efe8d5-29d3-4edb-b347-760a7d50ddea%3Be7fc766a-53a3-41b1-b948-c4be2a71d8a6&rp_maxbids=1&p_gpid=%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-6%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-7%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-7%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-8%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-8%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-9%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-native-9%3B%2F3081%2FSMCO_ENUR_TSUN_EN_WEB%2Findex%23ad-10&slots=8&rand=0.4015704434698739
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7841b2f7a0b84802bdeadeaff558c9b0422294280923dd5d7938144b4ffd1da8

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ 		25 B
277 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.23.0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.254.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-254-91.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8323d187f54d5e1d3d35691182add7e32fa93c56ce397b0881645cdbd13191a6

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
25
prebid
ib.adnxs.com/ut/v3/ 		16 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
9c90c314a4e75074841d26f214ad56952ed08106bd743438b5c918c98276c8f1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
an-x-request-uuid
f019a5cc-ded4-4d6f-b4a4-774ddb477200
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://torontosun.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.106; 80.255.7.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		373 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
847469f6a44981722b134a771a4b5d115e9731457bb1d3d3f471ee2815770155
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:09 GMT
an-x-request-uuid
2c82f5b1-af1a-4b89-9422-173938f9214d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://torontosun.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.106; 80.255.7.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
373
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
193 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.23.0&cb=99615949721&lsavail=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Sun, 07 Jan 2024 17:46:09 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
dc825c58101432949042d8b90ad119dbca174367c86e014987b8bd12ee52fd86

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
117 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
9cf52d15c1e0ff57d8cdac6c233cb3f054ac863245d5e333f68f8995f7c5886c

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
82
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
341 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
c0e52100b50525d54d36c97532e449c33d9de1500bbef4f3fe4d689e0d583cf3

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
283bf04348401745cba12948dff099e3af8498c5c0dac84c005a2b5e95767fe9

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
94c6e6fc97b8a5e270109ce718d50c112e1bc4513aca71b4db432f9f9b47b999

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
c09d5884ab7f379abf61034414c2d2d11505d0e1b9c6b9375823bc154f347773

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
4504c79d93d43db47ebb5f33d451787d9e6f4bd0318d8e0973a0f0b27c74d19e

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
ed0c23d1b4027efe598d9005db97bc8760e5b37b44aa447154432f71a0d24cd4

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
5e0911dfebdee9d252a2ed4c2c0c4cf5d0fb63aab40b3a1d416306cd65bf0618

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
7450c5a53a867ee31c22ea245627880c2c05549ea1780a2f3a6783c1e7dd5d78

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
114 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
ab99d7a44d071f53f736eff7b688d9b70338537bcb7d60eb013845a47bb3c703

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
82
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
5786d4d31f54ab94531f4c551ce00a85f3286c6dc564c9634789e2b59405644e

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
7b9e79806c0fcc60d8b82651e31edd8525cf8b61e6dfba353ba6e4df2e4d8c6f

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
7e8d7dbbafe0d30f98627cd2eb07fb4aca065446f8d1ff29e4c05ce2ba549a90

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
114 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
9bcf03daaa21e1555ef79dbea38bab94a013fb8bd54a106895cfcc43ab4281fe

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
82
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
c5985d1c7a973596a4b44ca8e582a26d3c9fd0373890991715f399bd7e9b9659

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
a4a283ea9379e0b91db39e34e38ad24ced3b72177c060224d5e2c56177c1c09b

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
0e07d64cdaa5627d11a6975e136f404a272aad9ced873cfcc90d2f78b6dc6bf7

Request headers

Referer
https://torontosun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
content-length
84
prebidjs
rtb.openx.net/openrtbb/ 		53 B
248 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4275e975b10c0442204670600fdca7dd0f50134a1de11d67755befad7f4ea118

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
prebid.media.net/rtb/ 		1 KB
1006 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUKB9454
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
0e4675008392d09e068b58232da6c30eb2640768fd24d48a77d8d4ec42145b17

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://torontosun.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
138
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 07 Jan 2024 17:46:09 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
551 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=613230
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49a7373ef1641cbe63566afca96c9a0f0219c7924ab2281219054aa7846dbbfc

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFEpUxIddlVnFxBcKman%2FCMh4nAfl7JUDiii3Y%2BBg9xyeko3YfzXzFQJZ%2Bkvwb1Hz9UUtHLuGgl6UHkkibYCnfJ%2FhXtO5oSCIOhjdxCCJQIOEchgyp58LaCJNQEX63%2FTHDLjJVYJ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://torontosun.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
841e04c24b7e453a-TXL
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
v1
btlr.sharethrough.com/universal/ 		0
157 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Sun, 07 Jan 2024 17:46:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Sun, 07 Jan 2024 17:46:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Sun, 07 Jan 2024 17:46:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Sun, 07 Jan 2024 17:46:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Sun, 07 Jan 2024 17:46:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Sun, 07 Jan 2024 17:46:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Sun, 07 Jan 2024 17:46:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Sun, 07 Jan 2024 17:46:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Sun, 07 Jan 2024 17:46:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Sun, 07 Jan 2024 17:46:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Sun, 07 Jan 2024 17:46:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Sun, 07 Jan 2024 17:46:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Sun, 07 Jan 2024 17:46:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Sun, 07 Jan 2024 17:46:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Sun, 07 Jan 2024 17:46:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Sun, 07 Jan 2024 17:46:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Sun, 07 Jan 2024 17:46:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
simple
api.sail-personalize.com/v1/personalize/ 		288 B
497 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
fc75f6b3b1c7bebdbc002a0311db53346e7f677a0afced1c3ec38373333f5e6b

Request headers

x-lib-version
v1.0.1
accept-language
de-DE,de;q=0.9
authorization
Bearer b9d3df2fccd108b5eff3c44f573b2cd6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://torontosun.com/
x-referring-url
https://torontosun.com/

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
196
expires
-1
simple
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://torontosun.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Sun, 07 Jan 2024 17:46:09 GMT
envelope
lexicon.33across.com/v1/ 		49 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&src=esp&ver=1.3.0
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ob.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
comscore.js
storage.googleapis.com/pmd-dev-northamerica-northeast1-asset-analytics-pub/js/ 		168 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/pmd-dev-northamerica-northeast1-asset-analytics-pub/js/comscore.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/286b462e1048adda4f6f36.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:27:53 GMT
age
1096
x-guploader-uploadid
ABPtcPrTlwS2wqVY4lZHXc8hGpFwkHrsiYYNV3vkCY_NhhrL9fv8A_dc9_VvX1UUbBxDJUq5pWwP5egrjA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
171739
last-modified
Tue, 13 Sep 2022 19:04:43 GMT
server
UploadServer
etag
"702fb2c84c6e8b364a6130cb860c7987"
x-goog-generation
1663095883714722
x-goog-hash
crc32c=aQkgGQ==, md5=cC+yyExuizZKYTDLhgx5hw==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
171739
accept-ranges
bytes
expires
Sun, 07 Jan 2024 18:27:53 GMT
pub
pixel.adsafeprotected.com/services/ 		298 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:jw-ad-1,ss:%5B640.480%5D,p:undefined,t:video%7D&wr=1600.1200&sr=1600.1200&sessionId=633527cb-f743-d974-ba44-7c6243a563ad&url=https%253A%252F%252Ftorontosun.com%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.70.81.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-81-85.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
5f00f549ea25494b6bfffa7f331418482ca9c670760399328e9dabb40483fcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
server
nginx
x-server-name
app09.or.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
wLe9WzmE-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/STu5EiL5/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/wLe9WzmE-320.jpg
29 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/wLe9WzmE-320.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8e2772ae7e6a9b4178e20a772e489c536fdbbc5c7673facbe2aea97d45219b31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
347
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
28941
x-served-by
cache-iad-kjyo7100178-IAD, cache-sof1510034-SOF
last-modified
Fri, 05 Jan 2024 18:59:47 GMT
server
nginx
x-timer
S1704649570.860498,VS0,VE110
etag
"a02236ab116b91533bbe6db864a7845f"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
7357, 0

Redirect headers

date
Sun, 07 Jan 2024 17:46:09 GMT
via
1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/wLe9WzmE-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
bD8wbPggOQ7GvLGpDC0hW5eRtvoXCuWqlVNtGg18F5EHGV87P1vzmA==
lqbjtgex-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/Iv67Shyx/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/lqbjtgex-320.jpg
21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/lqbjtgex-320.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0b3b527853be89c6cf58ed3010f4a3eef43e61bc98ce229a842c8977d2072590

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
347
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
21785
x-served-by
cache-iad-kcgs7200065-IAD, cache-sof1510034-SOF
last-modified
Fri, 05 Jan 2024 01:46:47 GMT
server
nginx
x-timer
S1704649570.860653,VS0,VE109
etag
"e936133a6ea747355a132845abd31d87"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
9486, 0

Redirect headers

date
Sun, 07 Jan 2024 17:46:09 GMT
via
1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/lqbjtgex-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
kl3Ydx2TvaTs0sP0Foa5jb1jo7xQRjPU_8r85ZwJuK8Iy6IogRUsiQ==
qh47XFOT-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/LVvfJDzD/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/qh47XFOT-320.jpg
30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/qh47XFOT-320.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4e66a39def7fdc2eeb21ff917fe7a85c18235df3900133631839b194bddcdabe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
121
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
30441
x-served-by
cache-iad-kjyo7100035-IAD, cache-sof1510034-SOF
last-modified
Thu, 04 Jan 2024 16:56:25 GMT
server
nginx
x-timer
S1704649570.880623,VS0,VE113
etag
"6fd8b56f8231b7182f9a14abe98e0798"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
11660, 0

Redirect headers

date
Sun, 07 Jan 2024 17:46:09 GMT
via
1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/qh47XFOT-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
wLXOTO7vmoYMhoJ7w6X4KVMVKD9zWVHlkoHoPNIvMiKN5rnSm6w7vw==
45bEBgIV-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/br7L84WR/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/45bEBgIV-320.jpg
23 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/45bEBgIV-320.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1e6494c24a33dbdd3877c44a0aeabfc32e356a8752a7877a1a4af8c08407652c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
392
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
22548
x-served-by
cache-iad-kiad7000172-IAD, cache-sof1510034-SOF
last-modified
Thu, 04 Jan 2024 16:33:35 GMT
server
nginx
x-timer
S1704649570.860834,VS0,VE113
etag
"93561391365587bb4fd1301864ff3fc6"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
12639, 1

Redirect headers

date
Sun, 07 Jan 2024 17:46:09 GMT
via
1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/45bEBgIV-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
nfPS91GutZK2dOYU0mrUztMVWnHhzLwMYZf1XecsGuFi4y32HI6Ilg==
fa3Lx4xY-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/XvPMTTp4/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/fa3Lx4xY-320.jpg
24 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/fa3Lx4xY-320.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ab9c81354f2fc61fc082bbd15b0c46841de6b0029267514307333bdbd80b7177

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
404
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
23877
x-served-by
cache-iad-kjyo7100037-IAD, cache-sof1510034-SOF
last-modified
Wed, 03 Jan 2024 21:15:36 GMT
server
nginx
x-timer
S1704649570.860630,VS0,VE109
etag
"077d5987f229b0ecf4a52d4c75902cbd"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
16617, 0

Redirect headers

date
Sun, 07 Jan 2024 17:46:09 GMT
via
1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/fa3Lx4xY-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
ltXcuOsrZdhIGvqtaQKN28KKrfW96qIglrUG9y5O3Sc1SnsvCdkpVw==
iLbKP9Dz-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/dB2EaAGw/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/iLbKP9Dz-320.jpg
33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/iLbKP9Dz-320.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d5a908e09ec5fa5996a55a61459c2762a9e13157d72888a42f8b52f0e0841cf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
347
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
33202
x-served-by
cache-iad-kiad7000150-IAD, cache-sof1510034-SOF
last-modified
Tue, 02 Jan 2024 23:26:24 GMT
server
nginx
x-timer
S1704649570.860625,VS0,VE111
etag
"44ebbba0e1899acac660d7e3ee470a32"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
12680, 0

Redirect headers

date
Sun, 07 Jan 2024 17:46:09 GMT
via
1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/iLbKP9Dz-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
tG9E8tJk3dwGZ34t0wOApzcdBgNPq-U-pdTSHT5bi3ydtdaS3i-m3A==
zXf2rAO1-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/EM76gBBh/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/zXf2rAO1-320.jpg
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/zXf2rAO1-320.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
98e525abdb0c8037e35411124ae9db53125613dec23bd5f055b89268d9bc3ac8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
347
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
14310
x-served-by
cache-iad-kiad7000149-IAD, cache-sof1510034-SOF
last-modified
Mon, 01 Jan 2024 18:23:49 GMT
server
nginx
x-timer
S1704649570.860380,VS0,VE110
etag
"eb02a6cadf2f824715e75fcb0ba23016"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
25456, 0

Redirect headers

date
Sun, 07 Jan 2024 17:46:09 GMT
via
1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/zXf2rAO1-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
0MRHs3hZtmjNhLotKJj_TmnC_kIhJ0H3NajGPfXh_p1kIripgves5A==
JVfUn2nZ-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/hMCqGdDQ/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/JVfUn2nZ-320.jpg
24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/JVfUn2nZ-320.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a3d8b3026509debf9bbe5672d4b53c52460763892b0dd7dc4dd50267ad43fcbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
121
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
24375
x-served-by
cache-iad-kiad7000160-IAD, cache-sof1510034-SOF
last-modified
Mon, 01 Jan 2024 14:17:04 GMT
server
nginx
x-timer
S1704649570.860532,VS0,VE109
etag
"e9a7675ba5d3e1eff252e48c34a8fb2e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
13211, 0

Redirect headers

date
Sun, 07 Jan 2024 17:46:09 GMT
via
1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/JVfUn2nZ-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
UwTdF6GQuezZaNHm1oRe_08DIyNyj2ZzFt-5-NQKlDOIhDGRMlkcfQ==
KwC275w1-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/ezBKvBhV/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/KwC275w1-320.jpg
29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/KwC275w1-320.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f79d1837a7fcc0b57562cf230275f5e5d8668ae84de517af75d181af4fd419af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
29044
x-served-by
cache-iad-kiad7000062-IAD, cache-sof1510034-SOF
last-modified
Mon, 01 Jan 2024 13:51:42 GMT
server
nginx
x-timer
S1704649570.882077,VS0,VE122
etag
"a7c66448ae80d7dbc4adcda841ebd12d"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
14797, 0

Redirect headers

date
Sun, 07 Jan 2024 17:46:09 GMT
via
1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/KwC275w1-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
vzsu8La27z9AjE5rLp8kvy3B3Ut4Z53x3RFbKec1kvs4pEcujOO-_w==
ch9GHjMH-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/ATeFDMnl/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/ch9GHjMH-320.jpg
15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/ch9GHjMH-320.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e645b21aa398bbd85fa5c93541ed773b6dd0a96e61c62c6ede8c62e553dd1d48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
121
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
15827
x-served-by
cache-iad-kcgs7200034-IAD, cache-sof1510034-SOF
last-modified
Fri, 05 Jan 2024 23:40:29 GMT
server
nginx
x-timer
S1704649570.860367,VS0,VE110
etag
"5b7be9a10458717b0b636ad920e8d3fb"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
5517, 0

Redirect headers

date
Sun, 07 Jan 2024 17:46:09 GMT
via
1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/ch9GHjMH-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
qpHXBn5HRAOH2lBzetYKed0TviHcZJMbt9Ic5orRcQYJ8bBuYNBpVg==
dchHpZtp.js
cdn.jwplayer.com/libraries/ 		109 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/libraries/dchHpZtp.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/286b462e1048adda4f6f36.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:9000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
1f2c6777102f64e5b95adee1024dd12d32f64582ac7e8de739900d5fb5ac5387

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:43:42 GMT
content-encoding
gzip
via
1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
age
147
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
41660
x-amz-cf-id
VyOVfK4ieJlqNQaO1AM4AadtlWtKsXx5SJl8O5XiDoK4nZEN0H96tQ==
segment
api.permutive.com/adv/v2/ 		14 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 07 Jan 2024 17:46:09 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
JQkbLqiZ
cdn.jwplayer.com/v2/playlists/ 		59 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/JQkbLqiZ
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/836d4e0fd22a7dc68a052.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:9000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
2cda89c4ad79baf57e87a1560fc098d546f8cbeff5de45de242458748a77db52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
via
1.1 ca1ae3b3ff3d7a9e41b26e307972401e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
8442
x-amz-cf-id
NDDYprmNa_bLIFktPuWc1P-YEs4XIeGTownFNlUfEO9Ot2MoXsqszQ==
expires
Sun, 07 Jan 2024 17:49:09
tb
15.taboola.com/ 		30 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=postmedia-torontosun&unitType=244&tbloc=&pageType=home&pstn=Below%20Homepage%20Thumbnails&uuip=Feed%20-%20Below%20Homepage%20Thumbnails&cisrf=&cirf=https%3A%2F%2Ftorontosun.com%2F&encoded=1&uid=0a624e20-2526-4739-810d-8903a40a64e3-tuctc9468e1&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1704649569830&tagid=&cntry=DE&platform=1&sesid=41a942792ee364c14ad3d6f7f66e0048&itemid=/&viewid=1704649569331&geolat=&geoing=&deviceifa=&appid=&sd=v2_41a942792ee364c14ad3d6f7f66e0048_0a624e20-2526-4739-810d-8903a40a64e3-tuctc9468e1_1704649569_1704649569_CIi3jgYQuIdjGLPooKjOMSABKAEwODib4wlAgYoQSKq22QNQ____________AVgAYABol9TM2v-Z45zBAXAA&ri=43e9fc9e326a735c154baabb7fa49325&appname=&cdb=&gdprApplies=true&rid=&sii=3351448824570609430&oee=true&tpubid=1622968&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=1---&region=BW&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1613115&prcnt=&layer=&normp=1&gvv=9864&gvv50=9864&gvv61=&gvv62=14386
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240107-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c776785ca0fe4e535bfae4db0061d650f91d088714c0e81c0cb6a8ff0ead7679

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1482
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-fra-etou8220025-FRA
pragma
no-cache
server
nginx
x-timer
S1704649570.853334,VS0,VE39
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
access-control-allow-origin
https://torontosun.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
feed-card-placeholder.20240107-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20240107-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/postmedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
597b605a9e5f97b7dc453fa0a6a593b25e6d6b39d603a8735c7b5fad32ec5e3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
LURLkvUfE9rJEcriGsYAcUxKAbwI7Fkp
content-encoding
gzip
via
1.1 varnish
date
Sun, 07 Jan 2024 17:46:09 GMT
x-amz-request-id
CJZSTTM8BRB2CJPB
age
27635
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
FSMhPsUWWHV4muAFjoy0ukL894XhkTilNbm+ruXp4vNbQu8T05c8Nlhd9P6sHev302PUdevtW+8=
x-served-by
cache-fra-etou8220025-FRA
last-modified
Sun, 07 Jan 2024 10:05:35 GMT
server
AmazonS3
x-timer
S1704649570.849034,VS0,VE0
etag
"4ed0bbf0eca89c3afdcad47ec924a5fe"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
72
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
72936
userx.20240107-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20240107-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/postmedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8574bbfc921d83dd34999c182e5485613fc7d8bc39c417cddaa71dac6bdfb179

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
j01KLzHLa6SqiEReqZ0_j6IeoZH0VWfY
content-encoding
gzip
via
1.1 varnish
date
Sun, 07 Jan 2024 17:46:09 GMT
x-amz-request-id
D92BT0HWNJM9CABB
age
27682
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5397
x-amz-id-2
n5V9VTGZEDmchpxeuQd/HhlpcOPLqtMy9x5wdMRr98U2nG+pwzul1+wcJysmWn+SkADefH2Dqi8=
x-served-by
cache-fra-etou8220025-FRA
last-modified
Sun, 07 Jan 2024 10:04:48 GMT
server
AmazonS3
x-timer
S1704649570.859052,VS0,VE0
etag
"341c000f1e32b7638815cc9fbac2b7ab"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
41
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
15387
distance-from-article.20240107-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20240107-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/postmedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f29b0ba37084a0d95eaf3b72f07eb69195ec70f1b43b5367df51bb51e83a3583

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
WizPTi.yGfCzzRdi6OV7kqa9dKynuWGa
content-encoding
gzip
via
1.1 varnish
date
Sun, 07 Jan 2024 17:46:09 GMT
x-amz-request-id
8BC1P4K58G05X737
age
27627
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
6IvbHkKR6Tp7G2fCzpeLan5aaWOPn+Xp6I/z2fE8aun81hfCIEPiMv/E6sOtAq8HonTYB81/ozw=
x-served-by
cache-fra-etou8220025-FRA
last-modified
Sun, 07 Jan 2024 10:05:43 GMT
server
AmazonS3
x-timer
S1704649570.859208,VS0,VE0
etag
"6190f98e0d4910afe77e3d2d01ebe556"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
32
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
73527
article-detection.20240107-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20240107-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/postmedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
384b0dd2e187bb8889133a0d349a46604b5f53319c939b57436d8870812f5894

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
Geum2BGdI9nq8BCAXWEg_ixZpasF3ejT
content-encoding
gzip
via
1.1 varnish
date
Sun, 07 Jan 2024 17:46:09 GMT
x-amz-request-id
E2CXKVSKBT5RM5R4
age
27615
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
jcRlHz6BWUL71B7ZOVl9Yu5bRSzjubKc0D0LwoUh8c6va/o9lOZi/zh/8jK9aPZXnxGOhgbf+EM=
x-served-by
cache-fra-etou8220025-FRA
last-modified
Sun, 07 Jan 2024 10:05:55 GMT
server
AmazonS3
x-timer
S1704649570.859275,VS0,VE0
etag
"626b78bd754c99e007689bdf71980562"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
15
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
73483
abtests
am-trc-events.taboola.com/postmedia-torontosun/log/3/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/postmedia-torontosun/log/3/abtests?route=AM:AM:V&tvi48=14791&tvi50=9864&lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1704649569857%7D&tim=18%3A46%3A09.857&id=8826&llvl=2&ri=43e9fc9e326a735c154baabb7fa49325&sd=v2_41a942792ee364c14ad3d6f7f66e0048_0a624e20-2526-4739-810d-8903a40a64e3-tuctc9468e1_1704649569_1704649569_CIi3jgYQuIdjGLPooKjOMSABKAEwODib4wlAgYoQSKq22QNQ____________AVgAYABol9TM2v-Z45zBAXAA&ui=0a624e20-2526-4739-810d-8903a40a64e3-tuctc9468e1&pi=/&wi=3351448824570609430&pt=home&vi=1704649569331&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240107-6-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://torontosun.com
pragma
no-cache
date
Sun, 07 Jan 2024 17:46:09 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/postmedia-torontosun/log/3/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/postmedia-torontosun/log/3/abtests?route=AM:AM:V&tvi48=14791&tvi50=9864&lti=deflated&ri=43e9fc9e326a735c154baabb7fa49325&sd=v2_41a942792ee364c14ad3d6f7f66e0048_0a624e20-2526-4739-810d-8903a40a64e3-tuctc9468e1_1704649569_1704649569_CIi3jgYQuIdjGLPooKjOMSABKAEwODib4wlAgYoQSKq22QNQ____________AVgAYABol9TM2v-Z45zBAXAA&ui=0a624e20-2526-4739-810d-8903a40a64e3-tuctc9468e1&pi=/&wi=3351448824570609430&pt=home&vi=1704649569331&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1704649569838%7D&tim=18%3A46%3A09.838&id=3809&llvl=2&cv=20240107-6-RELEASE&
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 07 Jan 2024 17:46:09 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Sun, 07 Jan 2024 17:46:09 GMT
x-amz-request-id
Y1PG8J215N22T8P1
age
5
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
Uw5tFQx0SXBhUtt7LR3tzPg4AwJsLw0b0pfPCtMtj2dH9WxEQG/AKgaWCN1zlzUHI1DQ4s8JfL8=
x-served-by
cache-fra-etou8220025-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1704649570.879008,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
60
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
6
13cf4ee9f6544e9b575142f9df2b2ff7.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/13cf4ee9f6544e9b575142f9df2b2ff7.png
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4111435306c15144fcdffc5299d1eed1fae96cbdf46d97addeda362cfa610651

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 07 Jan 2024 17:46:09 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/13cf4ee9f6544e9b575142f9df2b2ff7.png
age
1691082
edge-cache-tag
551908199783018227115474329645689920966,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
551908199783018227115474329645689920966,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
216
req-referer
https://www.allgaeuer-zeitung.de/
content-length
20984
x-request-id
4390a815b2da96a0fde4c3e9a08581da
x-served-by
cache-iad-kcgs7200132-IAD, cache-iad-kjyo7100031-IAD, cache-lga21957-LGA, cache-iad-kiad7000073-IAD, cache-fra-etou8220025-FRA
last-modified
Tue, 12 Dec 2023 16:07:04 GMT
server
nginx
surrogate-reporting
width=738,height=369,bytes=28442,owidth=738,oheight=425,obytes=444827,ef=(1,13,17,23,30)
x-timer
S1704649570.891545,VS0,VE0
etag
"c9104dc70163fd9e2f5dae7e64fc1cea"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1, 74
Screenshot-2023-06-20-at-9.19.40-AM-e1687267375251.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/06/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/06/Screenshot-2023-06-20-at-9.19.40-AM-e1687267375251.png
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
218fca1af5e690dc4bd3701e2b705944315d2c6c95f83eb5eaee6d4a8306ea53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 07 Jan 2024 17:46:09 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/06/Screenshot-2023-06-20-at-9.19.40-AM-e1687267375251.png
age
533341
edge-cache-tag
520337377575090957911768962370054816893,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag
520337377575090957911768962370054816893,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
605
req-referer
https://torontosun.com/
content-length
12512
x-request-id
5bddfc562b7b3a2aea7ab8c7c0828501
x-served-by
cache-iad-kjyo7100158-IAD, cache-iad-kcgs7200088-IAD, cache-lax-kwhp1940059-LAX, cache-iad-kjyo7100074-IAD, cache-fra-etou8220025-FRA
last-modified
Sun, 31 Dec 2023 18:45:16 GMT
server
nginx
surrogate-reporting
width=380,height=212,bytes=15916,owidth=736,oheight=552,obytes=535294,ef=(1,13,17,23,30)
x-timer
S1704649570.893424,VS0,VE1
etag
"aa81132d2df576283fc43ae5dacc59de"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 33, 1
bill-murray-and-cindy-morgan-in-caddyshack.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/bill-murray-and-cindy-morgan-in-caddyshack.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e8557b92190103c1e04bcea71e88a8e4dbf8ac3a7eee24603a50b81ff2f380ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
89
date
Sun, 07 Jan 2024 17:46:09 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/01/bill-murray-and-cindy-morgan-in-caddyshack.jpg
age
8135
edge-cache-tag
586211237442479776043402922779236917370,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag
586211237442479776043402922779236917370,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time
451
req-referer
https://torontosun.com/
content-length
15806
x-request-id
3fee970178ef109ac2e6e859702090ee
x-served-by
cache-iad-kjyo7100172-IAD, cache-iad-kcgs7200162-IAD, cache-lga21922-LGA, cache-iad-kiad7000106-IAD, cache-fra-etou8220025-FRA
last-modified
Sun, 07 Jan 2024 15:13:51 GMT
server
nginx
surrogate-reporting
width=380,height=212,bytes=20993,owidth=1000,oheight=750,obytes=105819,ef=(1,13,17,23,30)
x-timer
S1704649570.893459,VS0,VE89
etag
"087e1635a7f338d6855fa70158e8381d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 14, 0
34f47cb903a8df3192618e3dd0de365d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/34f47cb903a8df3192618e3dd0de365d.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bc1da87af274cca4735280517227acaad88d5e3b47b28c88c074425a7877bf23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Sun, 07 Jan 2024 17:46:09 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/34f47cb903a8df3192618e3dd0de365d.jpg
age
3217297
edge-cache-tag
401194571202037701432577424229878662289,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
401194571202037701432577424229878662289,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
670
req-referer
https://ads.taboola.com/
content-length
92482
x-request-id
f398d2a3584dcd180626ff6abe2bdbcc
x-served-by
cache-iad-kjyo7100148-IAD, cache-iad-kjyo7100114-IAD, cache-lga21936-LGA, cache-iad-kjyo7100123-IAD, cache-fra-etou8220025-FRA
last-modified
Fri, 01 Dec 2023 12:04:32 GMT
server
nginx
surrogate-reporting
width=1200,height=600,bytes=171344,owidth=1200,oheight=675,obytes=151473
x-timer
S1704649570.895575,VS0,VE3
etag
"19a1ee834b7443f9bc328daa7af5acfb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
9bdd1e6ffc7e7781f63a24272458fba4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9bdd1e6ffc7e7781f63a24272458fba4.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7770d3a7097cdb1298dcd91c8bc61cf64e414a1d9b14c0c68e9198380c88a78b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 07 Jan 2024 17:46:09 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9bdd1e6ffc7e7781f63a24272458fba4.jpg
age
2432120
edge-cache-tag
630770987720074874774246095262411355979,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag
630770987720074874774246095262411355979,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
453
req-referer
https://www.sport1.de/
content-length
23602
x-request-id
3a8cba1541ddc5f5c4efc499133d29d0
x-served-by
cache-iad-kcgs7200157-IAD, cache-iad-kjyo7100036-IAD, cache-lga21933-LGA, cache-iad-kcgs7200080-IAD, cache-fra-etou8220025-FRA
last-modified
Sat, 09 Dec 2023 12:13:43 GMT
server
nginx
surrogate-reporting
width=380,height=212,bytes=43254,owidth=1000,oheight=560,obytes=654097
x-timer
S1704649570.901339,VS0,VE0
etag
"005b8b736c7b235190d1b60fc5bc8dab"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 211
434fc2aec9c0fc1e01dbd020427d0bd2.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2048%2Cx_0%2Cy_388/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2048%2Cx_0%2Cy_388/http%3A//cdn.taboola.com/libtrc/static/thumbnails/434fc2aec9c0fc1e01dbd020427d0bd2.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
960e93d018c45bcf3ec1f8c6094433afdaa268edfd4a1aaf90f4da83a86224d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 07 Jan 2024 17:46:09 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2048%2Cx_0%2Cy_388/http%3A//cdn.taboola.com/libtrc/static/thumbnails/434fc2aec9c0fc1e01dbd020427d0bd2.jpg
age
7521773
edge-cache-tag
557826513005111748038710872403493155354,398760349672635103742853848798208124224,29ecf9b93bbf306179626feeda1fab70
cache-tag
557826513005111748038710872403493155354,398760349672635103742853848798208124224,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
283
expiration
expiry-date="Wed, 04 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.radioguetersloh.de/
content-length
53186
x-served-by
cache-iad-kjyo7100123-IAD, cache-iad-kiad7000130-IAD, cache-iad-kjyo7100125-IAD, cache-fra-etou8220025-FRA
last-modified
Sun, 03 Sep 2023 14:48:55 GMT
server
nginx
surrogate-reporting
width=2048,height=1152,owidth=2048,oheight=3072,obytes=423405
x-timer
S1704649570.901456,VS0,VE0
etag
"eb9ab7a7acee76059b3d4e6f6dd7935c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 445
631df4c75b4f02dc29d72a916064592e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/631df4c75b4f02dc29d72a916064592e.png
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8c8bcf7cbc78bda4fd07428c5047d99bb1fd5b6a962315a4c490df1f6a3cb3b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sun, 07 Jan 2024 17:46:09 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/631df4c75b4f02dc29d72a916064592e.png
age
2781080
edge-cache-tag
533785047141029851524565568207219022138,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
533785047141029851524565568207219022138,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
322
expiration
expiry-date="Thu, 14 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.allgaeuer-zeitung.de/
content-length
25052
x-served-by
cache-iad-kcgs7200025-IAD, cache-iad-kcgs7200025-IAD, cache-lax10680-LGB, cache-iad-kjyo7100031-IAD, cache-fra-etou8220025-FRA
last-modified
Mon, 14 Aug 2023 16:01:47 GMT
server
nginx
x-timer
S1704649570.934619,VS0,VE2
etag
"88b43b5f1f275244b70818f443fea9a4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 15, 0, 224, 1
supply-feature
am-trc-events.taboola.com/postmedia-torontosun/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/postmedia-torontosun/log/3/supply-feature?route=AM:AM:V&tvi48=14791&tvi50=9864&lti=deflated&ri=43e9fc9e326a735c154baabb7fa49325&sd=v2_41a942792ee364c14ad3d6f7f66e0048_0a624e20-2526-4739-810d-8903a40a64e3-tuctc9468e1_1704649569_1704649569_CIi3jgYQuIdjGLPooKjOMSABKAEwODib4wlAgYoQSKq22QNQ____________AVgAYABol9TM2v-Z45zBAXAA&ui=0a624e20-2526-4739-810d-8903a40a64e3-tuctc9468e1&pi=/&wi=3351448824570609430&pt=home&vi=1704649569331&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%2235%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=18%3A46%3A09.914&id=1101&llvl=2&cv=20240107-6-RELEASE&
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 07 Jan 2024 17:46:09 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.7.5/ 		121 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.7.5/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240107-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7bd96688cbb98c39cc3c0dc22f09cbfd22d353d77b651ebc255cfaedfecdbc5

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
via
1.1 dc57cbf9d7336ae929f762b5ada2ed98.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P5
age
632383
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
34238
x-served-by
cache-fra-etou8220114-FRA
last-modified
Sun, 31 Dec 2023 10:01:09 GMT
server
AmazonS3
x-timer
S1704649570.027276,VS0,VE0
etag
"cf9f8c79c74a3093183012fb770abf82"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
vlSrrwuWG6AsTzV7KsViTku81sswjDfAxWS_YBw1JyB0jcrtPyODsg==
x-cache-hits
41039
ca852450ddef2c05d8cb.js
fem.gprod.postmedia.digital/v93.0/chunks/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v93.0/chunks/ca852450ddef2c05d8cb.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b1631a16b9a272828ad99cdb2ff9beb5ca3f1bcfe33741fc51fb9fb1e764e227

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:02:45 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1702321262
age
1633405
x-guploader-uploadid
ABPtcPpaWm0d60dk10OdDFRAt7PFPu8x7tuiWBj7FlzAB-oyMqrfnqildjb9nO0N7MGfjGS4Ha5FBPHCdtoiTqk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1108
last-modified
Mon, 11 Dec 2023 19:02:01 GMT
server
UploadServer
etag
W/"b8c89500a3911a44ff74904e79f8d535"
vary
Accept-Encoding
x-goog-generation
1702321321293267
x-goog-hash
crc32c=5hc1ug==, md5=uMiVAKORGkT/dJBOefjVNQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
3199
accept-ranges
none
ads
securepubads.g.doubleclick.net/gampad/ 		548 KB
55 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=480068266870360&correlator=1457940759126039&eid=95320409&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fifs&iu_parts=3081%2CSMCO_ENUR_TSUN_EN_WEB%2Cindex&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1200x90%7C970x90%7C728x90%2C6x6%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C7x7%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250&fluid=0%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704649570069&lmt=1704649403&adxs=200%2C797%2C768%2C797%2C768%2C200%2C768%2C200%2C768%2C200%2C768%2C200%2C768%2C200%2C768%2C200%2C768%2C200&adys=154%2C1620%2C2188%2C3226%2C4058%2C5117%2C6099%2C5843%2C6444%2C6184%2C6731%2C6525%2C7075%2C6866%2C7463%2C7207%2C7732%2C7548&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15%7C16%7C17&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftorontosun.com%2F&vis=1&psz=1600x90%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250&msz=1600x-1%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600&ga_vid=1389705724.1704649570&ga_sid=1704649570&ga_hid=426145336&ga_fc=false&a3p=EhsKDDMzYWNyb3NzLmNvbRjf7KCozjFIAFICCG8SOwoKcHViY2lkLm9yZxIkYzZlMDg4NGUtMWU2MS00NTlmLWFiODEtOGJmMmQ3YmRhYWM2GOjqoKjOMUgA&dlt=1704649568643&idt=550&prev_scp=loc%3D1%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.09%26hb_adid%3D31273d9f43b46667%26hb_bidder%3Drubicon%7Cloc%3D2%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.10%26hb_adid%3D311b16da57240a63%26hb_bidder%3Drubicon%7Cslot%3Dinfeed%26loc%3D2%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.10%26hb_adid%3D309d75aa71e58ec7%26hb_bidder%3Drubicon%7Cloc%3D3%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.14%26hb_adid%3D305232f2cdc39186%26hb_bidder%3Drubicon%7Cslot%3Dinfeed%26loc%3D3%26amznbid%3D2%26amznp%3D2%7Cloc%3D4%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.12%26hb_adid%3D307e3c9eca3a2314%26hb_bidder%3Drubicon%7Cslot%3Dinfeed%26loc%3D4%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.13%26hb_adid%3D306913781f0cf4b3%26hb_bidder%3Drubicon%7Cloc%3D5%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.10%26hb_adid%3D310df175567e5ab5%26hb_bidder%3Drubicon%7Cslot%3Dinfeed%26loc%3D5%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.09%26hb_adid%3D313696f2d57b63ab%26hb_bidder%3Drubicon%7Cloc%3D6%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.12%26hb_adid%3D308bbbf1192828b%26hb_bidder%3Drubicon%7Cslot%3Dinfeed%26loc%3D6%26amznbid%3D2%26amznp%3D2%7Cloc%3D7%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D970x90%26hb_pb%3D0.14%26hb_adid%3D29990a3069909f1b%26hb_bidder%3Dappnexus%7Cslot%3Dinfeed%26loc%3D7%26amznbid%3D2%26amznp%3D2%7Cloc%3D8%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%7Cslot%3Dinfeed%26loc%3D8%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.12%26hb_adid%3D30247153052e7898%26hb_bidder%3Drubicon%7Cloc%3D9%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%7Cslot%3Dinfeed%26loc%3D9%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.12%26hb_adid%3D303074cba724f0df%26hb_bidder%3Drubicon%7Cloc%3D10%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.10%26hb_adid%3D3044a7f3c144d2c3%26hb_bidder%3Drubicon&cust_params=permutive%3D96400%252Crts%26prmtvvid%3D7cdead2d-71f0-4a30-83a7-cbec66abdc63%26prmtvwid%3D23dc09d6-b664-425a-a76e-0eed6a6cc102%26no_pol%3Dtrue%26page%3Dindex%26pr%3Dtsun%26sensitive%3Dn%26negative%3Dn%26et%3Dsm%26ck%3Dindex%26imp%3Dindex%26prmtvsdk%3Dweb&adks=913967088%2C1205333068%2C3841865906%2C4150895342%2C3841865917%2C225519802%2C3841865916%2C225519797%2C3841865919%2C225519796%2C3841865918%2C225519799%2C3841865913%2C225519798%2C3841865912%2C225519793%2C3841865915%2C3169864135&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1efc12e119a8efc0a560bc4c19ff3af02ba61806e2c61397d9b3ceb977d48be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
71397,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56125
x-xss-protection
0
google-lineitem-id
-1,-1,-2,-1,-2,-1,-2,-1,-2,-1,-2,-1,-2,-1,-2,-2,-2,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-2,-1,-2,-1,-2,-1,-2,-1,-2,-1,-2,-1,-2,-2,-2,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 97A4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 07 Jan 2024 17:46:10 GMT
expires
Mon, 06 Jan 2025 17:46:10 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
googima.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		74 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/googima.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80c9671594b35dca109b7ecf4d7ca12db35663ba90b6e591fee421a3d3a6816a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
gzip
via
1.1 varnish
age
69451
x-cache
HIT
content-length
22454
x-served-by
cache-sof1510034-SOF
last-modified
Mon, 13 Nov 2023 20:12:26 GMT
server
AmazonS3
x-timer
S1704649570.132219,VS0,VE0
etag
"016fdad688d9003e0b0c4157e803cf37"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, immutable
accept-ranges
bytes
x-cache-hits
23117
bidding.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		448 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/bidding.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b3587ccc786d72c7d352e3cd589f1c34a6d5f99944560a6c2e7f6f69f0a69b9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
gzip
via
1.1 varnish
age
463
x-cache
HIT
content-length
144290
x-served-by
cache-sof1510034-SOF
last-modified
Thu, 14 Dec 2023 13:42:51 GMT
server
AmazonS3
x-timer
S1704649570.131430,VS0,VE0
etag
"20b62ce1e7993cc814efa737c197c766"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, immutable
accept-ranges
bytes
x-cache-hits
2
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/jwpsrv.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3c5ff38a6b645121ae055d1bb18885c2f185331f58f6229443c2f031684216f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
gzip
via
1.1 varnish
age
296
x-cache
HIT
content-length
19890
x-served-by
cache-sof1510034-SOF
last-modified
Thu, 14 Dec 2023 19:59:18 GMT
server
AmazonS3
x-timer
S1704649570.131469,VS0,VE0
etag
"1a96e7c0d0040b922d2458e3bc2cfe7f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
702
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		318 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/jwplayer.core.controls.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3626395a3596984e23ef3c2e882eee1fe93e4830f6c6b90ba9aad5028d2b6c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
gzip
via
1.1 varnish
age
4648674
x-cache
HIT
content-length
85284
x-served-by
cache-sof1510034-SOF
last-modified
Mon, 13 Nov 2023 20:12:20 GMT
server
AmazonS3
x-timer
S1704649570.132540,VS0,VE0
etag
"95e4ba794923b67ae5be72627198a8b3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
124652
JQkbLqiZ
cdn.jwplayer.com/v2/playlists/ 		59 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/JQkbLqiZ
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:9000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
2cda89c4ad79baf57e87a1560fc098d546f8cbeff5de45de242458748a77db52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:09 GMT
content-encoding
gzip
via
1.1 ca1ae3b3ff3d7a9e41b26e307972401e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
age
1
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
8442
x-amz-cf-id
kPBArvtq5-J60giWbNRmo875JyjFoG3E5BIRLC84uOwjjk5XE7JK7Q==
expires
Sun, 07 Jan 2024 17:49:09
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://torontosun.com
Connection
keep-alive
Date
Sun, 07 Jan 2024 17:46:10 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
543 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

Date
Sun, 07 Jan 2024 17:46:10 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://torontosun.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		413 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6a936bf89e1100e04af426880bbbbcdf995f6501eb58a5e7ca3382b0ce74ac3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
gzip
via
1.1 varnish
age
4648675
x-cache
HIT
content-length
126154
x-served-by
cache-sof1510034-SOF
last-modified
Mon, 13 Nov 2023 20:12:23 GMT
server
AmazonS3
x-timer
S1704649570.184334,VS0,VE0
etag
"c735ce7c150fe5e0fdf3e61f12fd8527"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
121091
EP4j6LNJEeu2Q2J+7u8ONQ.json
entitlements.jwplayer.com/ 		69 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://entitlements.jwplayer.com/EP4j6LNJEeu2Q2J+7u8ONQ.json
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/67A5) /
Resource Hash
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
gzip
last-modified
Sun, 07 Jan 2024 17:29:43 GMT
server
ECAcc (frb/67A5)
age
987
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=6720
accept-ranges
bytes
content-length
80
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dac9ce6b163b009d3fae39abc37e728afa2476e5dd0b5e5ac9480a9969fbbe6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Sun, 07 Jan 2024 17:46:10 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
bb6e1029a6e6deb39619e842f08b6bf0c8b55a0d03eb120c5200905b09a2da59

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
xekD8K28.srt
assets-jpcust.jwpsrv.com/tracks/
Redirect Chain
  • https://cdn.jwplayer.com/tracks/xekD8K28.srt
  • https://assets-jpcust.jwpsrv.com/tracks/xekD8K28.srt
9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/tracks/xekD8K28.srt
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
03365fde75666d418b76da2bdc668f9a070c2f764d3a96bb56e6a678d3a6beb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
162
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
3687
x-served-by
cache-iad-kiad7000167-IAD, cache-sof1510038-SOF
last-modified
Fri, 05 Jan 2024 23:40:12 GMT
server
nginx
x-timer
S1704649571.602844,VS0,VE2
etag
"5463d3112255651629a7041db297ec55"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
8047, 1

Redirect headers

date
Sun, 07 Jan 2024 17:46:10 GMT
via
1.1 ca1ae3b3ff3d7a9e41b26e307972401e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/tracks/xekD8K28.srt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
2I_qgc_pXt7azpXovl-J8SEGSz0EZArxxqeXw98POg_dd-YyexMivQ==
polyfills.webvtt.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/polyfills.webvtt.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f955bad4911e135ef8894618754dbed63059322adf7404c619734960cce6adc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
gzip
via
1.1 varnish
age
4647970
x-cache
HIT
content-length
4510
x-served-by
cache-sof1510034-SOF
last-modified
Mon, 13 Nov 2023 20:12:22 GMT
server
AmazonS3
x-timer
S1704649570.342785,VS0,VE0
etag
"4ecf1daa69f7252ad15b34ff4485ec7a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
22878
ATeFDMnl-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/ATeFDMnl-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/ATeFDMnl-120.vtt
5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/strips/ATeFDMnl-120.vtt
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
236212c07aab919dcda0385dfb06993371f1b85a7f813787d9c5366052a8fb99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
164
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
915
x-served-by
cache-iad-kjyo7100100-IAD, cache-sof1510038-SOF
last-modified
Fri, 05 Jan 2024 23:34:16 GMT
server
nginx
x-timer
S1704649571.602843,VS0,VE2
etag
"3fc90bee644b88d66e46522d734c4487"
vary
Accept-Encoding
content-type
text/vtt
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
8266, 1

Redirect headers

date
Sun, 07 Jan 2024 17:46:10 GMT
via
1.1 ca1ae3b3ff3d7a9e41b26e307972401e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/ATeFDMnl-120.vtt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
zg4vatibCOnovNKbymZQ3XwS0y84iuy6rPJLrekCluPH9mIpcpp6BA==
provider.cast.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.cast.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e11545f37f9b79411db316051568e9232e4306b7b86a1fc28195596d21a8839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
gzip
via
1.1 varnish
age
4648247
x-cache
HIT
content-length
10035
x-served-by
cache-sof1510034-SOF
last-modified
Mon, 13 Nov 2023 20:12:23 GMT
server
AmazonS3
x-timer
S1704649570.389940,VS0,VE0
etag
"11ee85ad71debb9f00a186341c5562fb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
76152
related.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		103 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/related.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f9d9f5036d0bd2be56f58b96153837812b097932175127c8b0261eb0ba7b58de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
gzip
via
1.1 varnish
age
4648673
x-cache
HIT
content-length
25137
x-served-by
cache-sof1510034-SOF
last-modified
Mon, 13 Nov 2023 20:12:25 GMT
server
AmazonS3
x-timer
S1704649570.391108,VS0,VE0
etag
"e6b820b0a7ae68bd30c9a97e44e1ea55"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
68163
ATeFDMnl.m3u8
cdn.jwplayer.com/manifests/ 		2 KB
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/manifests/ATeFDMnl.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:9000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
a30e7f501df585cbaa72873bde803d922372e99a76afd443dea3adaedafb197e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
gzip
via
1.1 ca1ae3b3ff3d7a9e41b26e307972401e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
x-cache
Miss from cloudfront
content-type
application/vnd.apple.mpegurl; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
426
x-amz-cf-id
babE-DWBS1aP2MnyLh5_tdQu8LFQ6onVimrpznbN3Co5sj6X9u4BcA==
ch9GHjMH-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/ATeFDMnl/poster.jpg?width=720
  • https://assets-jpcust.jwpsrv.com/thumbnails/ch9GHjMH-720.jpg
49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/ch9GHjMH-720.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e55be80f24ce1dd7737d5871d5df358295b88be19088083e4b4f2b7ac6aa618e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
289
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
50467
x-served-by
cache-iad-kjyo7100064-IAD, cache-sof1510034-SOF
last-modified
Fri, 05 Jan 2024 23:40:30 GMT
server
nginx
x-timer
S1704649571.548903,VS0,VE1
etag
"7959882b371f8cded736595b4bb55fe5"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
6282, 1

Redirect headers

date
Sun, 07 Jan 2024 17:46:10 GMT
via
1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/ch9GHjMH-720.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
t37rctPnBapMXUqV_4lAv1bXJsVXyC3IBUDXfvrlNPDCAYJ5qcb3HA==
ch9GHjMH-640.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/ATeFDMnl/poster.jpg?width=640
  • https://assets-jpcust.jwpsrv.com/thumbnails/ch9GHjMH-640.jpg
41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/ch9GHjMH-640.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2c6f340c73c5d38b09aec58e548f9c8a81612304ce4ff6c5d328d5cae7971001

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
128
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
42248
x-served-by
cache-iad-kjyo7100083-IAD, cache-sof1510034-SOF
last-modified
Fri, 05 Jan 2024 23:40:29 GMT
server
nginx
x-timer
S1704649571.570872,VS0,VE124
etag
"8d16516c8e462c515ee1b0d4f04e5fad"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
4044, 0

Redirect headers

date
Sun, 07 Jan 2024 17:46:10 GMT
via
1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/ch9GHjMH-640.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
WwW5-Q3GvbAAWHDUiCEW947vVg08ZenkaAq4szOaMFLCFiPpY3twMw==
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/bidding.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
8efe1e083d7c5a03888a13c044d8778686f1c0f813b8a56b8d3f67393266d977

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.6.0
Content-Type
application/json
access-control-allow-origin
https://torontosun.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
Expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1031514
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4406ec0b1c3096c47cc81ccd957221894a1b848a562b1715993e7a61da1d8b97

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0N2r7HGbJTrnYEVH48usGGoKUDWFwYjDt7bKd%2B87VqJ3jhy3jSKXfL8Qc0yWUqlAQeNjOTBvRuQwJDMnolOfjWCztfwyUKE%2FSFEM9RUA76vBd1NmYiA1D0tCsjezSUfMUv%2FMW5gw"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://torontosun.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
841e04c6ff48453a-TXL
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://torontosun.com
date
Sun, 07 Jan 2024 17:46:08 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
st
imprammp.taboola.com/ Frame D58C 		439 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66632208&crid=6982207&dast=V84HoCLAYYCJENds6jERMwECIb7JxHIy4AAABgYID-AEk4dxOPaeRYC5a7kVs0WQ3XwsVq4lYYdxvHcmNZriwbIyAxi2Nm2IxWbtFytFiLZovNWuGbTNyK5XJlmCwnnpXNZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0u0HQ6fK57vehv-dtNf8_rbtf43X45AAAAAHgAoKb4A-EHEAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwACwYI2lAQCKA8IbLU-7z2X3BwCAhwgQAAACGCQAEg4ISgDIdB2cAAAAAAAAAABg8f___x9jAF8XQgYBQaJ_D4AHHwAPRAqUizACAAAAAPV_oHZkkk5QsagCAECQbgXgCgBAAGM5go1VGAAAAIAxC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aISI6ofTBF0o9Kj5BQQAWPMLCADAZtwAALwRgBN0CFoxGKxOQMwOAAAAwJ3___9_PSC0WDhHk91ysnJ5ZqONY7QweUa2mW9mm60Mg9Fwe4aspXF3xY6W-4gIy-z3HYR8t8vw8LkMoqLrbbE7nGbPQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4GYDAZoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBwMI2Ga0sg7VkNZmtRbvNci1cDEZu4XKwWZgGC9to5VmLXh_TxzmaDVeOLRIMANmL4CKdCP6e09tlcjrcor_lbzf9Pa-7RSzRnCzSieyyLy0WztFkt5ysXJ7ZaOMYLUyekW3mm9lmK8NgNNwXFrbJaGUZrCWryWwt2m2Wa-FiMHILl4PNwjRY2EYrz1r0-pg-ztFsuHLsG7vBaDZarmbLfWM3GM1Gy9Vsue8wmZ6pz9loPUlWH5nQ93upfjanQeEyWLw_iWkx7c4OnrPv6HQZl8mizuj3-_1-v9_v9_v9Bq3nYDYofLNz1KbM3tLSanphEBsMilgiOF2kE6Hf7bKIJZKnRToRbVbOmce58kxmC99mtXGsRhOHw2LxzRym5WaymoglStNFOtFL1H_EgIO5ZLWa6-aKwWyVAAAAAAAAAAAswTTTTQAAAACcDGq5mE0GywWAMYyrC9gEAAAAAABgl4sgr_y_259FscYeo4C_5_R2mZwOt-hv-dtNf8_rbmUAGJ07zDbzjCDWarWsAQAACGADAAAI4KYbbwLCKzn7gKKQotYLPXD5EeRwNto_ABVirVbL54u1Wi2B_____wQBAAAAAABMEA0CAAAAAADgyAA!&cmcv=&pix=undefined&cb=1704649570412&uv=151230705&tms=1704649570412&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!dfrc_vA!eidc_vA!t45!ufm_vC!uftchrwf_vC!ul151230-705_vB!unf_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=a97bc4d1-097d-4258-815b-a87c19c29e2c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5c517ea7fc2e8e584f8a7e41a884ecdb298e19132cca965c86f203b1d497fef6

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Sun, 07 Jan 2024 17:46:10 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220025-FRA
x-timer
S1704649570.431220,VS0,VE10
sync
am-match.taboola.com/ Frame E4E3 		422 B
507 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V84HoCLAYYCJENds6jERMwECIb7JxHIy4AAABgYID-AEk4dxOPaeRYC5a7kVs0WQ3XwsVq4lYYdxvHcmNZriwbIyAxi2Nm2IxWbtFytFiLZovNWuGbTNyK5XJlmCwnnpXNZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0u0HQ6fK57vehv-dtNf8_rbtf43X45AAAAAHgAoKb4A-EHEAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwACwYI2lAQCKA8IbLU-7z2X3BwCAhwgQAAACGCQAEg4ISgDIdB2cAAAAAAAAAABg8f___x9jAF8XQgYBQaJ_D4AHHwAPRAqUizACAAAAAPV_oHZkkk5QsagCAECQbgXgCgBAAGM5go1VGAAAAIAxC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aISI6ofTBF0o9Kj5BQQAWPMLCADAZtwAALwRgBN0CFoxGKxOQMwOAAAAwJ3___9_PSC0WDhHk91ysnJ5ZqONY7QweUa2mW9mm60Mg9Fwe4aspXF3xY6W-4gIy-z3HYR8t8vw8LkMoqLrbbE7nGbPQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4GYDAZoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBwMI2Ga0sg7VkNZmtRbvNci1cDEZu4XKwWZgGC9to5VmLXh_TxzmaDVeOLRIMANmL4CKdCP6e09tlcjrcor_lbzf9Pa-7RSzRnCzSieyyLy0WztFkt5ysXJ7ZaOMYLUyekW3mm9lmK8NgNNwXFrbJaGUZrCWryWwt2m2Wa-FiMHILl4PNwjRY2EYrz1r0-pg-ztFsuHLsG7vBaDZarmbLfWM3GM1Gy9Vsue8wmZ6pz9loPUlWH5nQ93upfjanQeEyWLw_iWkx7c4OnrPv6HQZl8mizuj3-_1-v9_v9_v9Bq3nYDYofLNz1KbM3tLSanphEBsMilgiOF2kE6Hf7bKIJZKnRToRbVbOmce58kxmC99mtXGsRhOHw2LxzRym5WaymoglStNFOtFL1H_EgIO5ZLWa6-aKwWyVAAAAAAAAAAAswTTTTQAAAACcDGq5mE0GywWAMYyrC9gEAAAAAABgl4sgr_y_259FscYeo4C_5_R2mZwOt-hv-dtNf8_rbmUAGJ07zDbzjCDWarWsAQAACGADAAAI4KYbbwLCKzn7gKKQotYLPXD5EeRwNto_ABVirVbL54u1Wi2B_____wQBAAAAAABMEA0CAAAAAADgyAA!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
61aafdd69b28536e6d5376e8b7b9044da15bb4934410c00591bd18d23f283284

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sun, 07 Jan 2024 17:46:10 GMT
machineid
3407
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66632208&crid=6982207&dast=V84HoCLAYYCJENds6jERMwECIb7JxHIy4AAABgYID-AEk4dxOPaeRYC5a7kVs0WQ3XwsVq4lYYdxvHcmNZriwbIyAxi2Nm2IxWbtFytFiLZovNWuGbTNyK5XJlmCwnnpXNZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0u0HQ6fK57vehv-dtNf8_rbtf43X45AAAAAHgAoKb4A-EHEAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwACwYI2lAQCKA8IbLU-7z2X3BwCAhwgQAAACGCQAEg4ISgDIdB2cAAAAAAAAAABg8f___x9jAF8XQgYBQaJ_D4AHHwAPRAqUizACAAAAAPV_oHZkkk5QsagCAECQbgXgCgBAAGM5go1VGAAAAIAxC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aISI6ofTBF0o9Kj5BQQAWPMLCADAZtwAALwRgBN0CFoxGKxOQMwOAAAAwJ3___9_PSC0WDhHk91ysnJ5ZqONY7QweUa2mW9mm60Mg9Fwe4aspXF3xY6W-4gIy-z3HYR8t8vw8LkMoqLrbbE7nGbPQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4GYDAZoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBwMI2Ga0sg7VkNZmtRbvNci1cDEZu4XKwWZgGC9to5VmLXh_TxzmaDVeOLRIMANmL4CKdCP6e09tlcjrcor_lbzf9Pa-7RSzRnCzSieyyLy0WztFkt5ysXJ7ZaOMYLUyekW3mm9lmK8NgNNwXFrbJaGUZrCWryWwt2m2Wa-FiMHILl4PNwjRY2EYrz1r0-pg-ztFsuHLsG7vBaDZarmbLfWM3GM1Gy9Vsue8wmZ6pz9loPUlWH5nQ93upfjanQeEyWLw_iWkx7c4OnrPv6HQZl8mizuj3-_1-v9_v9_v9Bq3nYDYofLNz1KbM3tLSanphEBsMilgiOF2kE6Hf7bKIJZKnRToRbVbOmce58kxmC99mtXGsRhOHw2LxzRym5WaymoglStNFOtFL1H_EgIO5ZLWa6-aKwWyVAAAAAAAAAAAswTTTTQAAAACcDGq5mE0GywWAMYyrC9gEAAAAAABgl4sgr_y_259FscYeo4C_5_R2mZwOt-hv-dtNf8_rbmUAGJ07zDbzjCDWarWsAQAACGADAAAI4KYbbwLCKzn7gKKQotYLPXD5EeRwNto_ABVirVbL54u1Wi2B_____wQBAAAAAABMEA0CAAAAAADgyAA!&cmcv=&pix=31589837&cb=1704649570412&uv=151230705&tms=1704649570412&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!dfrc_vA!eidc_vA!t45!ufm_vC!uftchrwf_vC!ul151230-705_vB!unf_vC&ft=0&su=2&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1704649568310.8!ts:1704649570412&mntl=1
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-length
0
server
nginx
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 07 Jan 2024 17:46:10 GMT
generic
match.adsrvr.org/track/cmf/ Frame D58C 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66632208&crid=6982207&dast=V84HoCLAYYCJENds6jERMwECIb7JxHIy4AAABgYID-AEk4dxOPaeRYC5a7kVs0WQ3XwsVq4lYYdxvHcmNZriwbIyAxi2Nm2IxWbtFytFiLZovNWuGbTNyK5XJlmCwnnpXNZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0u0HQ6fK57vehv-dtNf8_rbtf43X45AAAAAHgAoKb4A-EHEAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwACwYI2lAQCKA8IbLU-7z2X3BwCAhwgQAAACGCQAEg4ISgDIdB2cAAAAAAAAAABg8f___x9jAF8XQgYBQaJ_D4AHHwAPRAqUizACAAAAAPV_oHZkkk5QsagCAECQbgXgCgBAAGM5go1VGAAAAIAxC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aISI6ofTBF0o9Kj5BQQAWPMLCADAZtwAALwRgBN0CFoxGKxOQMwOAAAAwJ3___9_PSC0WDhHk91ysnJ5ZqONY7QweUa2mW9mm60Mg9Fwe4aspXF3xY6W-4gIy-z3HYR8t8vw8LkMoqLrbbE7nGbPQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4GYDAZoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBwMI2Ga0sg7VkNZmtRbvNci1cDEZu4XKwWZgGC9to5VmLXh_TxzmaDVeOLRIMANmL4CKdCP6e09tlcjrcor_lbzf9Pa-7RSzRnCzSieyyLy0WztFkt5ysXJ7ZaOMYLUyekW3mm9lmK8NgNNwXFrbJaGUZrCWryWwt2m2Wa-FiMHILl4PNwjRY2EYrz1r0-pg-ztFsuHLsG7vBaDZarmbLfWM3GM1Gy9Vsue8wmZ6pz9loPUlWH5nQ93upfjanQeEyWLw_iWkx7c4OnrPv6HQZl8mizuj3-_1-v9_v9_v9Bq3nYDYofLNz1KbM3tLSanphEBsMilgiOF2kE6Hf7bKIJZKnRToRbVbOmce58kxmC99mtXGsRhOHw2LxzRym5WaymoglStNFOtFL1H_EgIO5ZLWa6-aKwWyVAAAAAAAAAAAswTTTTQAAAACcDGq5mE0GywWAMYyrC9gEAAAAAABgl4sgr_y_259FscYeo4C_5_R2mZwOt-hv-dtNf8_rbmUAGJ07zDbzjCDWarWsAQAACGADAAAI4KYbbwLCKzn7gKKQotYLPXD5EeRwNto_ABVirVbL54u1Wi2B_____wQBAAAAAABMEA0CAAAAAADgyAA!&cmcv=&pix=undefined&cb=1704649570412&uv=151230705&tms=1704649570412&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!dfrc_vA!eidc_vA!t45!ufm_vC!uftchrwf_vC!ul151230-705_vB!unf_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=a97bc4d1-097d-4258-815b-a87c19c29e2c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
server
Kestrel
content-length
70
content-type
image/gif
0a624e20-2526-4739-810d-8903a40a64e3-tuctc9468e1
pr-bh.ybp.yahoo.com/sync/taboola/ Frame D58C 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/0a624e20-2526-4739-810d-8903a40a64e3-tuctc9468e1?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66632208&crid=6982207&dast=V84HoCLAYYCJENds6jERMwECIb7JxHIy4AAABgYID-AEk4dxOPaeRYC5a7kVs0WQ3XwsVq4lYYdxvHcmNZriwbIyAxi2Nm2IxWbtFytFiLZovNWuGbTNyK5XJlmCwnnpXNZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0u0HQ6fK57vehv-dtNf8_rbtf43X45AAAAAHgAoKb4A-EHEAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwACwYI2lAQCKA8IbLU-7z2X3BwCAhwgQAAACGCQAEg4ISgDIdB2cAAAAAAAAAABg8f___x9jAF8XQgYBQaJ_D4AHHwAPRAqUizACAAAAAPV_oHZkkk5QsagCAECQbgXgCgBAAGM5go1VGAAAAIAxC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aISI6ofTBF0o9Kj5BQQAWPMLCADAZtwAALwRgBN0CFoxGKxOQMwOAAAAwJ3___9_PSC0WDhHk91ysnJ5ZqONY7QweUa2mW9mm60Mg9Fwe4aspXF3xY6W-4gIy-z3HYR8t8vw8LkMoqLrbbE7nGbPQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4GYDAZoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBwMI2Ga0sg7VkNZmtRbvNci1cDEZu4XKwWZgGC9to5VmLXh_TxzmaDVeOLRIMANmL4CKdCP6e09tlcjrcor_lbzf9Pa-7RSzRnCzSieyyLy0WztFkt5ysXJ7ZaOMYLUyekW3mm9lmK8NgNNwXFrbJaGUZrCWryWwt2m2Wa-FiMHILl4PNwjRY2EYrz1r0-pg-ztFsuHLsG7vBaDZarmbLfWM3GM1Gy9Vsue8wmZ6pz9loPUlWH5nQ93upfjanQeEyWLw_iWkx7c4OnrPv6HQZl8mizuj3-_1-v9_v9_v9Bq3nYDYofLNz1KbM3tLSanphEBsMilgiOF2kE6Hf7bKIJZKnRToRbVbOmce58kxmC99mtXGsRhOHw2LxzRym5WaymoglStNFOtFL1H_EgIO5ZLWa6-aKwWyVAAAAAAAAAAAswTTTTQAAAACcDGq5mE0GywWAMYyrC9gEAAAAAABgl4sgr_y_259FscYeo4C_5_R2mZwOt-hv-dtNf8_rbmUAGJ07zDbzjCDWarWsAQAACGADAAAI4KYbbwLCKzn7gKKQotYLPXD5EeRwNto_ABVirVbL54u1Wi2B_____wQBAAAAAABMEA0CAAAAAADgyAA!&cmcv=&pix=undefined&cb=1704649570412&uv=151230705&tms=1704649570412&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!dfrc_vA!eidc_vA!t45!ufm_vC!uftchrwf_vC!ul151230-705_vB!unf_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=a97bc4d1-097d-4258-815b-a87c19c29e2c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:4577:47d8:bc2a:f25c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame D58C 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66632208&crid=6982207&dast=V84HoCLAYYCJENds6jERMwECIb7JxHIy4AAABgYID-AEk4dxOPaeRYC5a7kVs0WQ3XwsVq4lYYdxvHcmNZriwbIyAxi2Nm2IxWbtFytFiLZovNWuGbTNyK5XJlmCwnnpXNZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0u0HQ6fK57vehv-dtNf8_rbtf43X45AAAAAHgAoKb4A-EHEAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwACwYI2lAQCKA8IbLU-7z2X3BwCAhwgQAAACGCQAEg4ISgDIdB2cAAAAAAAAAABg8f___x9jAF8XQgYBQaJ_D4AHHwAPRAqUizACAAAAAPV_oHZkkk5QsagCAECQbgXgCgBAAGM5go1VGAAAAIAxC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aISI6ofTBF0o9Kj5BQQAWPMLCADAZtwAALwRgBN0CFoxGKxOQMwOAAAAwJ3___9_PSC0WDhHk91ysnJ5ZqONY7QweUa2mW9mm60Mg9Fwe4aspXF3xY6W-4gIy-z3HYR8t8vw8LkMoqLrbbE7nGbPQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4GYDAZoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBwMI2Ga0sg7VkNZmtRbvNci1cDEZu4XKwWZgGC9to5VmLXh_TxzmaDVeOLRIMANmL4CKdCP6e09tlcjrcor_lbzf9Pa-7RSzRnCzSieyyLy0WztFkt5ysXJ7ZaOMYLUyekW3mm9lmK8NgNNwXFrbJaGUZrCWryWwt2m2Wa-FiMHILl4PNwjRY2EYrz1r0-pg-ztFsuHLsG7vBaDZarmbLfWM3GM1Gy9Vsue8wmZ6pz9loPUlWH5nQ93upfjanQeEyWLw_iWkx7c4OnrPv6HQZl8mizuj3-_1-v9_v9_v9Bq3nYDYofLNz1KbM3tLSanphEBsMilgiOF2kE6Hf7bKIJZKnRToRbVbOmce58kxmC99mtXGsRhOHw2LxzRym5WaymoglStNFOtFL1H_EgIO5ZLWa6-aKwWyVAAAAAAAAAAAswTTTTQAAAACcDGq5mE0GywWAMYyrC9gEAAAAAABgl4sgr_y_259FscYeo4C_5_R2mZwOt-hv-dtNf8_rbmUAGJ07zDbzjCDWarWsAQAACGADAAAI4KYbbwLCKzn7gKKQotYLPXD5EeRwNto_ABVirVbL54u1Wi2B_____wQBAAAAAABMEA0CAAAAAADgyAA!&cmcv=&pix=undefined&cb=1704649570412&uv=151230705&tms=1704649570412&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!dfrc_vA!eidc_vA!t45!ufm_vC!uftchrwf_vC!ul151230-705_vB!unf_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=a97bc4d1-097d-4258-815b-a87c19c29e2c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
bridge3.609.1_en_ca.html
imasdk.googleapis.com/js/core/ Frame A8E9 		750 KB
240 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.609.1_en_ca.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e7efb6ae6f9571dd815db7eee285ce5288648414d2ce024f97135625180c6af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
172535
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
245974
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 17:50:35 GMT
expires
Sat, 04 Jan 2025 17:50:35 GMT
last-modified
Mon, 18 Dec 2023 19:42:36 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 07 Jan 2024 17:46:10 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6A8C 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 16:48:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3468
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 07 Jan 2024 17:48:22 GMT
generic
match.adsrvr.org/track/cmf/ Frame E4E3 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V84HoCLAYYCJENds6jERMwECIb7JxHIy4AAABgYID-AEk4dxOPaeRYC5a7kVs0WQ3XwsVq4lYYdxvHcmNZriwbIyAxi2Nm2IxWbtFytFiLZovNWuGbTNyK5XJlmCwnnpXNZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0u0HQ6fK57vehv-dtNf8_rbtf43X45AAAAAHgAoKb4A-EHEAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwACwYI2lAQCKA8IbLU-7z2X3BwCAhwgQAAACGCQAEg4ISgDIdB2cAAAAAAAAAABg8f___x9jAF8XQgYBQaJ_D4AHHwAPRAqUizACAAAAAPV_oHZkkk5QsagCAECQbgXgCgBAAGM5go1VGAAAAIAxC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aISI6ofTBF0o9Kj5BQQAWPMLCADAZtwAALwRgBN0CFoxGKxOQMwOAAAAwJ3___9_PSC0WDhHk91ysnJ5ZqONY7QweUa2mW9mm60Mg9Fwe4aspXF3xY6W-4gIy-z3HYR8t8vw8LkMoqLrbbE7nGbPQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4GYDAZoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBwMI2Ga0sg7VkNZmtRbvNci1cDEZu4XKwWZgGC9to5VmLXh_TxzmaDVeOLRIMANmL4CKdCP6e09tlcjrcor_lbzf9Pa-7RSzRnCzSieyyLy0WztFkt5ysXJ7ZaOMYLUyekW3mm9lmK8NgNNwXFrbJaGUZrCWryWwt2m2Wa-FiMHILl4PNwjRY2EYrz1r0-pg-ztFsuHLsG7vBaDZarmbLfWM3GM1Gy9Vsue8wmZ6pz9loPUlWH5nQ93upfjanQeEyWLw_iWkx7c4OnrPv6HQZl8mizuj3-_1-v9_v9_v9Bq3nYDYofLNz1KbM3tLSanphEBsMilgiOF2kE6Hf7bKIJZKnRToRbVbOmce58kxmC99mtXGsRhOHw2LxzRym5WaymoglStNFOtFL1H_EgIO5ZLWa6-aKwWyVAAAAAAAAAAAswTTTTQAAAACcDGq5mE0GywWAMYyrC9gEAAAAAABgl4sgr_y_259FscYeo4C_5_R2mZwOt-hv-dtNf8_rbmUAGJ07zDbzjCDWarWsAQAACGADAAAI4KYbbwLCKzn7gKKQotYLPXD5EeRwNto_ABVirVbL54u1Wi2B_____wQBAAAAAABMEA0CAAAAAADgyAA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
server
Kestrel
content-length
70
content-type
image/gif
0a624e20-2526-4739-810d-8903a40a64e3-tuctc9468e1
pr-bh.ybp.yahoo.com/sync/taboola/ Frame E4E3 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/0a624e20-2526-4739-810d-8903a40a64e3-tuctc9468e1?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V84HoCLAYYCJENds6jERMwECIb7JxHIy4AAABgYID-AEk4dxOPaeRYC5a7kVs0WQ3XwsVq4lYYdxvHcmNZriwbIyAxi2Nm2IxWbtFytFiLZovNWuGbTNyK5XJlmCwnnpXNZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0u0HQ6fK57vehv-dtNf8_rbtf43X45AAAAAHgAoKb4A-EHEAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwACwYI2lAQCKA8IbLU-7z2X3BwCAhwgQAAACGCQAEg4ISgDIdB2cAAAAAAAAAABg8f___x9jAF8XQgYBQaJ_D4AHHwAPRAqUizACAAAAAPV_oHZkkk5QsagCAECQbgXgCgBAAGM5go1VGAAAAIAxC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aISI6ofTBF0o9Kj5BQQAWPMLCADAZtwAALwRgBN0CFoxGKxOQMwOAAAAwJ3___9_PSC0WDhHk91ysnJ5ZqONY7QweUa2mW9mm60Mg9Fwe4aspXF3xY6W-4gIy-z3HYR8t8vw8LkMoqLrbbE7nGbPQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4GYDAZoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBwMI2Ga0sg7VkNZmtRbvNci1cDEZu4XKwWZgGC9to5VmLXh_TxzmaDVeOLRIMANmL4CKdCP6e09tlcjrcor_lbzf9Pa-7RSzRnCzSieyyLy0WztFkt5ysXJ7ZaOMYLUyekW3mm9lmK8NgNNwXFrbJaGUZrCWryWwt2m2Wa-FiMHILl4PNwjRY2EYrz1r0-pg-ztFsuHLsG7vBaDZarmbLfWM3GM1Gy9Vsue8wmZ6pz9loPUlWH5nQ93upfjanQeEyWLw_iWkx7c4OnrPv6HQZl8mizuj3-_1-v9_v9_v9Bq3nYDYofLNz1KbM3tLSanphEBsMilgiOF2kE6Hf7bKIJZKnRToRbVbOmce58kxmC99mtXGsRhOHw2LxzRym5WaymoglStNFOtFL1H_EgIO5ZLWa6-aKwWyVAAAAAAAAAAAswTTTTQAAAACcDGq5mE0GywWAMYyrC9gEAAAAAABgl4sgr_y_259FscYeo4C_5_R2mZwOt-hv-dtNf8_rbmUAGJ07zDbzjCDWarWsAQAACGADAAAI4KYbbwLCKzn7gKKQotYLPXD5EeRwNto_ABVirVbL54u1Wi2B_____wQBAAAAAABMEA0CAAAAAADgyAA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:4577:47d8:bc2a:f25c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame E4E3 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V84HoCLAYYCJENds6jERMwECIb7JxHIy4AAABgYID-AEk4dxOPaeRYC5a7kVs0WQ3XwsVq4lYYdxvHcmNZriwbIyAxi2Nm2IxWbtFytFiLZovNWuGbTNyK5XJlmCwnnpXNZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0u0HQ6fK57vehv-dtNf8_rbtf43X45AAAAAHgAoKb4A-EHEAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwACwYI2lAQCKA8IbLU-7z2X3BwCAhwgQAAACGCQAEg4ISgDIdB2cAAAAAAAAAABg8f___x9jAF8XQgYBQaJ_D4AHHwAPRAqUizACAAAAAPV_oHZkkk5QsagCAECQbgXgCgBAAGM5go1VGAAAAIAxC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aISI6ofTBF0o9Kj5BQQAWPMLCADAZtwAALwRgBN0CFoxGKxOQMwOAAAAwJ3___9_PSC0WDhHk91ysnJ5ZqONY7QweUa2mW9mm60Mg9Fwe4aspXF3xY6W-4gIy-z3HYR8t8vw8LkMoqLrbbE7nGbPQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4GYDAZoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBwMI2Ga0sg7VkNZmtRbvNci1cDEZu4XKwWZgGC9to5VmLXh_TxzmaDVeOLRIMANmL4CKdCP6e09tlcjrcor_lbzf9Pa-7RSzRnCzSieyyLy0WztFkt5ysXJ7ZaOMYLUyekW3mm9lmK8NgNNwXFrbJaGUZrCWryWwt2m2Wa-FiMHILl4PNwjRY2EYrz1r0-pg-ztFsuHLsG7vBaDZarmbLfWM3GM1Gy9Vsue8wmZ6pz9loPUlWH5nQ93upfjanQeEyWLw_iWkx7c4OnrPv6HQZl8mizuj3-_1-v9_v9_v9Bq3nYDYofLNz1KbM3tLSanphEBsMilgiOF2kE6Hf7bKIJZKnRToRbVbOmce58kxmC99mtXGsRhOHw2LxzRym5WaymoglStNFOtFL1H_EgIO5ZLWa6-aKwWyVAAAAAAAAAAAswTTTTQAAAACcDGq5mE0GywWAMYyrC9gEAAAAAABgl4sgr_y_259FscYeo4C_5_R2mZwOt-hv-dtNf8_rbmUAGJ07zDbzjCDWarWsAQAACGADAAAI4KYbbwLCKzn7gKKQotYLPXD5EeRwNto_ABVirVbL54u1Wi2B_____wQBAAAAAABMEA0CAAAAAADgyAA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.198.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-198-248.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
manifest-audio_eng=112003-video_eng=165958.m3u8
videos-cloudfront-usp.jwpsrv.com/659b8c22_2110c6545c3f7c09433b355fda062bcb009cfd70/site/ReDAXyY4/media/ATeFDMnl/version/ATeFDMnl/manifest.ism/ 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/659b8c22_2110c6545c3f7c09433b355fda062bcb009cfd70/site/ReDAXyY4/media/ATeFDMnl/version/ATeFDMnl/manifest.ism/manifest-audio_eng=112003-video_eng=165958.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:2c00:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
79856efd88e20be51b8c2d3e8458488d1025cb7f37aec110c821bdbce0a1bb84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 00:09:41 GMT
via
1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
149789
x-cache
Hit from cloudfront
content-length
5978
server
Apache
etag
"usp-DB3810F8"
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
9TUv_aQkd9F_5QX5vd9caMLSJVUtqOkEtoabpNbssZC1MUTp4XKhhg==
cx-overlay.js
tags.catapultx.com/cxo/ 		127 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.catapultx.com/cxo/cx-overlay.js
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/cx-bootstrapper-init
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9fba1b0797e04bb4e94dffcf9068f89e75b4fa5569dc9efcb5aa72275435457b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Dec 2023 15:58:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
84
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBEZLoED0G22GWEcB%2BH3zHbo6cC3g%2BoR%2FjfHSusn3UfbDiG1KQU2Fyt5WFbXcxcpphpmTVl%2BfHnBMbzNerAlZ4CHh9YNlsPqv43FM8l748%2Ft7HJ3qn93RmkFvg9qBUS7xbH%2BUcJRcT0UbV1regmnEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
841e04c8ac909bc2-FRA
ATeFDMnl-120.jpg
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/ATeFDMnl-120.jpg
  • https://assets-jpcust.jwpsrv.com/strips/ATeFDMnl-120.jpg
202 KB
202 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/strips/ATeFDMnl-120.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
37dbff3585ffc11e82ba63e5cc80c788c0f81d8fd4b80df9870c19cc5279951d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
117
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
206140
x-served-by
cache-iad-kjyo7100032-IAD, cache-sof1510034-SOF
last-modified
Fri, 05 Jan 2024 23:34:16 GMT
server
nginx
x-timer
S1704649571.816921,VS0,VE111
etag
"7712a2510f75958f50bd834c929c545a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
4613, 0

Redirect headers

date
Sun, 07 Jan 2024 17:46:10 GMT
via
1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/ATeFDMnl-120.jpg
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
j_O3scAQnls4FwIDwvpI7ZWsqGsIFBwaL3SLs3ShALi2SjHm_P2DFw==
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12197
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Sun, 07 Jan 2024 17:46:10 GMT
cast_sender.js
www.gstatic.com/eureka/clank/120/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/120/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 08:08:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34669
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 15:04:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 08 Jan 2024 08:08:21 GMT
p-fc3a8e1a.system.js
tags.catapultx.com/cxo/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.catapultx.com/cxo/p-fc3a8e1a.system.js
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/cx-overlay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3e72ffa59a0684c988173f4ea0d75435f8ff50995c92974aa316288efe96a539

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Dec 2023 15:58:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
84
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xlzBMosO2Qg7VIgGw2iqSE800HmOu%2BcGd47D7vnmB0mF9pHosnrxSvcywIeCTwH6Vk5MZterc3h6pIPEcd%2Fv1NvOKXovkdvuvh%2FQUGZqBHO7QP8XbGji%2BCAG0zCUIpQd1CTHxESeYjoCrFvURwgJ8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
841e04c91cff9bc2-FRA
manifest-audio_eng=112003-video_eng=165958-1.ts
videos-cloudfront-usp.jwpsrv.com/659b8c22_2110c6545c3f7c09433b355fda062bcb009cfd70/site/ReDAXyY4/media/ATeFDMnl/version/ATeFDMnl/manifest.ism/ 		206 KB
207 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/659b8c22_2110c6545c3f7c09433b355fda062bcb009cfd70/site/ReDAXyY4/media/ATeFDMnl/version/ATeFDMnl/manifest.ism/manifest-audio_eng=112003-video_eng=165958-1.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:2c00:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
2480aebf0a0768478196d3e12e9c5c7677346c2e932294ebd0a24c58b03cdbe8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 00:09:42 GMT
via
1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-usp-info1
t=1970-01-01T00:00:00Z lookahead=2
x-amz-cf-pop
FRA56-P7
age
149788
x-cache
Hit from cloudfront
content-length
210936
server
Apache
etag
"usp-0F1B6168"
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
link
<manifest-audio_eng=112003-video_eng=165958-2.ts>; rel="next"
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
L4v1sL6JwuKpF3NNNSzpKBGdDW-Dzamt0DXAksDMk1hG7wPu3JNG2A==
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
signinprompt
edge-auth.microsoft.com/v0.5/ Frame 6247 		472 B
849 B 		Document
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=6131311c-dc5f-430e-b8d7-5231edd0ffe3&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/js/ms_auth_client.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
e3054414e976c11e50add9beb539f96c98dc453b124997cc00a18377e7e49044
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-O56yDR2ebDSnls35XPfAVZ5bKP3ygl25mg9J7XDPMpXSPUehxwg0BEXBFswiUkmvUYIy3fhw9p+In0VY6wI9Po77G/gd7Vv1lsBjAAClIfh/s2C0bYO6huXOxZg6elgBXgnisv7hMUlEyuu5rXQc2mfZwOhCh2/SkZCKDO2F+7I=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy
script-src 'strict-dynamic' 'nonce-O56yDR2ebDSnls35XPfAVZ5bKP3ygl25mg9J7XDPMpXSPUehxwg0BEXBFswiUkmvUYIy3fhw9p+In0VY6wI9Po77G/gd7Vv1lsBjAAClIfh/s2C0bYO6huXOxZg6elgBXgnisv7hMUlEyuu5rXQc2mfZwOhCh2/SkZCKDO2F+7I=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
content-type
text/html; charset=utf-8
date
Sun, 07 Jan 2024 17:46:10 GMT
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: E8C6893680D749748F1E8ECBB06B827B Ref B: AMS231032606019 Ref C: 2024-01-07T17:46:10Z
load
experience.tinypass.com/xbuilder/experience/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=KlFb8Hg2nS
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:eff8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0876b1b660da79fad9471d3e15816803e4c8f066cba866063bca01f316f7ec93
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
date
Sun, 07 Jan 2024 17:46:10 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 07 Jan 2024 17:10:25 GMT
server
cloudflare
age
2145
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800
cf-ray
841e04ca1eb79b1c-FRA
alt-svc
h3=":443"; ma=86400
x-request-id
pq5zt2jyfp
expires
Sun, 07 Jan 2024 18:16:10 GMT
vf-v2.js
cdn.viafoura.net/ 		860 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/vf-v2.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:3000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2196688d207f9a82188db611ae912978d9c8216c2b4315784871bce6d42846d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
YlbS_G4WAW7t_ds3W.YeUbIaDvXXT1Jm
content-encoding
br
via
1.1 24145882259ee3aa55cb95d62adb00ea.cloudfront.net (CloudFront)
date
Sun, 07 Jan 2024 17:41:41 GMT
x-amz-cf-pop
AMS58-P2
age
270
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:26 GMT
server
AmazonS3
etag
W/"70684489be37a1b0f601e0e4dcb4baad"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
dpunQj_4NQ8p3IIfPvCP_onMmtjl6VZeLOwfecztpgRC5YdqV9quVA==
gtm.js
www.googletagmanager.com/ 		451 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b37c636901648d8313b4c544e3ac49dd082363a2ba3b5054e17827cb3a42bf82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128225
x-xss-protection
0
last-modified
Sun, 07 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Jan 2024 17:46:10 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 02:10:24 GMT
content-encoding
gzip
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
56171
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
YaH2dNc5z8LHYKSDHMnyvQg2As_zysamWq4M7j-LExbQ0WkivJ8z-g==
mparticle.js
jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/ 		325 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3453badf9d7b19aeb5d5f8c9c99b712316e6e5ed4396936a63c3a6bf3e66701e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
cache-iad-kcgs7200117-IAD, cache-sof1510029-SOF
date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
server
Kestrel
age
109
x-timer
S1704649571.958371,VS0,VE0
x-origin-name
fastlyshield--shield_ssl_cache_iad_kcgs7200117_IAD
x-cache
HIT, HIT
content-type
application/javascript
vary
Accept, Accept-Encoding
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
116130
x-cache-hits
13, 2
gtm.js
www.googletagmanager.com/ 		155 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5b2235f368177459bb062c822eee7926fd1133945771090dfd1493b66c223399
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50886
x-xss-protection
0
last-modified
Sun, 07 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Jan 2024 17:46:10 GMT
p-31c577a7.system.js
tags.catapultx.com/cxo/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.catapultx.com/cxo/p-31c577a7.system.js
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/cx-overlay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a87dab54792ca3697212f10ca3a1504a38c2c6d609612d0e3954824d2726a172

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Dec 2023 15:58:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
83
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tYm9O%2BibCbqC6UC%2F6VjzLUQ9OHfSNoU%2FavitC3RQNCfRmdaovmCC7tLcyKeJKQesoAA2TeHvNPAprgQCZrvZ6rrKalRXXWcepM3kHl6ngz7TpcBB0QvrPoWcvh6OGd2EYmosOX%2B5jAs84alYvEDg%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
841e04c9ad909bc2-FRA
ms_auth_server_button.min.js
edge-auth.microsoft.com/v0.5/js/ Frame 6247 		26 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/v0.5/js/ms_auth_server_button.min.js
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=6131311c-dc5f-430e-b8d7-5231edd0ffe3&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
7c8f24757683d5fece3f8af5853e19b1432c3d9110c3f6307b1ea434807eb4c7
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-pWhHehgjjB7nB22H5DQXqguxsAAgH6Yt5JF7T68J2gVaaVB0HKylmsPC2QvqLhA2drLu39YkfahyXXEm7DlF/j4qG0qVYMm7iE00dqz+Q8TEUATR8skeXazZ3FCgrM07ZglQFsOeWAzkTzLPVlDL/39BMjkZgfEcJJm0vVe/NG8=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=6131311c-dc5f-430e-b8d7-5231edd0ffe3&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-pWhHehgjjB7nB22H5DQXqguxsAAgH6Yt5JF7T68J2gVaaVB0HKylmsPC2QvqLhA2drLu39YkfahyXXEm7DlF/j4qG0qVYMm7iE00dqz+Q8TEUATR8skeXazZ3FCgrM07ZglQFsOeWAzkTzLPVlDL/39BMjkZgfEcJJm0vVe/NG8=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
date
Sun, 07 Jan 2024 17:46:10 GMT
last-modified
Mon, 01 Jan 1601 14:50:07 GMT
x-msedge-ref
Ref A: 03BD8A2759F54847A0D005FDA34EA9FE Ref B: AMS231032606019 Ref C: 2024-01-07T17:46:10Z
etag
"7c590d111d"
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
26781
bulk
trc.taboola.com/postmedia-torontosun/log/3/ 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/postmedia-torontosun/log/3/bulk?tvi48=14791&tvi50=9864&route=AM%3AAM%3AV&lti=deflated&bulkSize=5
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240107-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
date
Sun, 07 Jan 2024 17:46:10 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7531
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220025-FRA
pragma
no-cache
server
nginx
x-timer
S1704649571.886505,VS0,VE10
content-type
image/gif
access-control-allow-origin
https://torontosun.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
p-cb52e3b0.system.entry.js
tags.catapultx.com/cxo/ 		553 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/cx-overlay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4da325f33603cea1c0fb888724333710a30f485bd6bacd5bb5c3cf094c1048f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Dec 2023 15:58:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
83
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9OjwEknh6u50AQbrRq%2Bqzv3aZ%2BQY8Yp0zs3BNuclcIngSj9c6HfQ363USjYDZadFNMJpw2qA0FKZCGq6xisLfvM%2FovFo2c%2F59GVQVPY8DyQwmhoTxlT4yD5NiFyJYysvSVBAz%2FIuvk5ZasFQG2fUBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
841e04ca0dde9bc2-FRA
c7bc79cc-3306-43af-b052-e8036b6d9962
https://torontosun.com/ 		366 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://torontosun.com/c7bc79cc-3306-43af-b052-e8036b6d9962
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
943030a2bb4a69de7b031fefa25844e7cfd27154a2ba1f4b05d180a55273ab21

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
374591
Content-Type
text/javascript
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Sun, 07 Jan 2024 17:46:10 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
20980
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-etou8220025-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1704649571.914595,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
7
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
10340
metric
edge-auth.microsoft.com/ Frame 6247 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/metric
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/v0.5/js/ms_auth_server_button.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-7dGsjgXxlRtaE9AwqzAGbUJGbljXfTS3YK3BjBgFCNYXW+1vaxEwc9Q4z43LQ5Gbm6STBzwRM3iJZY8VfakpNnLjJ0y9IyHQ4FuuM78Pj1SZU7qFBoUsH0hMxoCw1n1l8HKuLSflO3fZ8VMYQFqOI30oxkWrrH2Qxfq1qImAYxA=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

Referer
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=6131311c-dc5f-430e-b8d7-5231edd0ffe3&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-7dGsjgXxlRtaE9AwqzAGbUJGbljXfTS3YK3BjBgFCNYXW+1vaxEwc9Q4z43LQ5Gbm6STBzwRM3iJZY8VfakpNnLjJ0y9IyHQ4FuuM78Pj1SZU7qFBoUsH0hMxoCw1n1l8HKuLSflO3fZ8VMYQFqOI30oxkWrrH2Qxfq1qImAYxA=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Sun, 07 Jan 2024 17:46:10 GMT
x-msedge-ref
Ref A: DB5497ABDC354C599FA4FC6227704903 Ref B: AMS231032606019 Ref C: 2024-01-07T17:46:10Z
content-length
0
x-cache
CONFIG_NOCACHE
metric
edge-auth.microsoft.com/ Frame 6247 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/metric
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/v0.5/js/ms_auth_server_button.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-YEObpwsFNECBgDgddtiYKJGuoJMz2W22+oyKc/pvWDsRfoydcJOHdtd7rtcpvsjIJcWza3PxwOr2xxeOpVdJrJRuEJktkmAEduLcVou4l9eeBsnSJdps0tfKYBz8PVOXPhgl5oUnzIgx/x5yLeaqgG4xb3EJ/QegWQ4SrupAtJw=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

Referer
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=6131311c-dc5f-430e-b8d7-5231edd0ffe3&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-YEObpwsFNECBgDgddtiYKJGuoJMz2W22+oyKc/pvWDsRfoydcJOHdtd7rtcpvsjIJcWza3PxwOr2xxeOpVdJrJRuEJktkmAEduLcVou4l9eeBsnSJdps0tfKYBz8PVOXPhgl5oUnzIgx/x5yLeaqgG4xb3EJ/QegWQ4SrupAtJw=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Sun, 07 Jan 2024 17:46:10 GMT
x-msedge-ref
Ref A: 5B1F77AEE9CD4B98BFF4BC4A18340B57 Ref B: AMS231032606019 Ref C: 2024-01-07T17:46:10Z
content-length
0
x-cache
CONFIG_NOCACHE
manifest-audio_eng=112003-video_eng=332489.m3u8
videos-cloudfront-usp.jwpsrv.com/659b8c22_2110c6545c3f7c09433b355fda062bcb009cfd70/site/ReDAXyY4/media/ATeFDMnl/version/ATeFDMnl/manifest.ism/ 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/659b8c22_2110c6545c3f7c09433b355fda062bcb009cfd70/site/ReDAXyY4/media/ATeFDMnl/version/ATeFDMnl/manifest.ism/manifest-audio_eng=112003-video_eng=332489.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:2c00:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
3de639f2f0ebcd89f4a882c98be04e22bbba56324d5ebe2c510fdfdb2e669840

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 00:09:17 GMT
via
1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
149813
x-cache
Hit from cloudfront
content-length
5978
server
Apache
etag
"usp-40F16EF4"
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
ygIAAEE6WWmhOCH7x-IeR3pMM3LVE4YNXJ0JEjHBjRV-jhN7sLj70A==
tinypass.min.js
cdn.tinypass.com/api/ 		388 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js?version=2
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=KlFb8Hg2nS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:eff8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec18ebaedb655fd8c94eb9c8160e218920dbe41c7059171f06c03d0dedd5010a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:10 GMT
x-amz-version-id
0QIZetJ_7irXXHtLgdmNhkMj0U1YDIAl
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
XJ91Y4JZVYX82WNQ
age
2000
x-amz-server-side-encryption
AES256
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
XPnpwiN3oL41QmU61uYAvz5OM+wUT4HGsq999+OTHFLdSZaE2c+w0PJgM/eruKH1Z6H5CJdcj2Y=
last-modified
Tue, 19 Dec 2023 11:23:13 GMT
server
cloudflare
etag
W/"f8312bff3c7ba81de4b41efef3dbdb77"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
841e04ca8f119b1c-FRA
expires
Sun, 07 Jan 2024 21:46:10 GMT
wLe9WzmE-120.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/STu5EiL5/poster.jpg?width=120
  • https://assets-jpcust.jwpsrv.com/thumbnails/wLe9WzmE-120.jpg
5 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/wLe9WzmE-120.jpg
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dc8f07d0d7d589f25b15ba0fde69522ac179c805e13ea2ebe667a08583d8df99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
268
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
4361
x-served-by
cache-iad-kiad7000035-IAD, cache-sof1510034-SOF
last-modified
Fri, 05 Jan 2024 18:59:47 GMT
server
nginx
x-timer
S1704649571.141169,VS0,VE1
etag
"2520c96a175ff1eb9f6de1583a67f4ad"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
6716, 1

Redirect headers

date
Sun, 07 Jan 2024 17:46:11 GMT
via
1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/wLe9WzmE-120.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
q98cVIhtXrHxx4LKY5uCwcBJvYi5ZmCl8au_5f_t3Mv9IqKQfCWDkA==
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
841e04cad80a37f1-FRA
date
Sun, 07 Jan 2024 17:46:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W00dzAMuBFKPo4Q%2F1v7Ul5oKTm0%2BSoCEB%2FIU1CW6ClIKSLnQ3%2B9VjWTzjubYgyNcv7I6u3K5pd5gpbBd30QXrYs2Z6MsixXBPrmUDj%2FsszTqBvCT0oYJLwuBcYl6badGL5izSNSMEjDgI704y7s%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/ 		0
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G7DRXXvvZC5nGLoeQ5FIyjI7FSP3Zb4UODt2tlxVouF%2FS3xQHi1%2F6h7fEaOrD3LI8Kil9vI96xy1j045p%2BFHO6xdy1PKxLNHtbK0dzClOjbWwqnVGlVV5%2BWp%2F0nArns2TG3dC3Pqh892qOPB7Ks%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
841e04cbb8e037f1-FRA
content-length
0
torontosun.com
demand.qortex.ai/api/v1/group/configs/QiUOkGRFYUWNdgFd8CThQ/ 		19 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://demand.qortex.ai/api/v1/group/configs/QiUOkGRFYUWNdgFd8CThQ/torontosun.com
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11006991c45fb65b530c1945894d4797e0b957a575895c27ae8e4326238ffeb6

Request headers

Accept
application/json, text/plain, */*
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srzUMBnk3hJxCRuLoK5gpcKH%2B3lcn93s8XLF3tkQyB7azyzXcy9fevOi%2BLR73tYhxwLusqov9m7owJS7MIVtSt%2B%2BbDhqEGmjDY1Ix%2BLXHTIo%2FijZINONvhHVjNOoSmD0oYTTKUXwQrjN21ueL9U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
841e04cae81b37f1-FRA
player-event
events.qortex.ai/api/v1/ 		0
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SfkTgQiOHgTmZmLjf1tWLpzM75sadsCWpR33kELZTWFKt%2FGmczA1jP1%2F%2Bc7E0r6NPw%2FJi0cdqgo2sqZgpzW4PbhRZv9QxpqkzJSwQR3PpCd2a9uTp5W5bIWM%2FlXosnWIdNzsV%2FLqvIzQeeqeQGo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
841e04cc496637f1-FRA
content-length
0
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
841e04cb588537f1-FRA
date
Sun, 07 Jan 2024 17:46:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XlQc4193VivhjsSIncs25OXk43DGaBH%2FLy%2F6WVsct%2Fpj3XKnxpJpB5PpgWy5sb3QDEKLkx7jh94q4Upj9Ep7tKcAskxyb3DKnqF1yLBTv0pvFk65daIfXh%2BL5oq6e%2BtKQkk%2F7jemrTGrrU%2FHOuA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
container.html
eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 86E9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 07 Jan 2024 17:46:10 GMT
expires
Mon, 06 Jan 2025 17:46:10 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
v2
api.viafoura.co/v2/torontosun.com/bootstrap/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/torontosun.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4848:9168:e8ca:4c02:4000 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c45ddb38cf1a41aae12456548436afacbe8963b3fdb2e12cc8ef5dcfa7ce9e38

Request headers

Accept
application/json, text/plain, */*
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-instance-id
i-07198d477e4dc6983
pragma
no-cache
date
Sun, 07 Jan 2024 17:46:11 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://torontosun.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Sun, 07 Jan 2024 17:46:11 GMT
v2
api.viafoura.co/v2/torontosun.com/bootstrap/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/torontosun.com/bootstrap/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4848:9168:e8ca:4c02:4000 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin
https://torontosun.com
access-control-max-age
1728000
cache-control
max-age=0
date
Sun, 07 Jan 2024 17:46:11 GMT
expires
Sun, 07 Jan 2024 17:46:11 GMT
server
nginx/1.18.0 (Ubuntu)
cx.cce.js
cdn.cxense.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:28b::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4b80e46450200d3fabd65323bf5a91b8d31e919438a8cd48b9f8e8bd8b23edac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 17:46:11 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Dec 2023 11:02:02 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6055
Expires
Sun, 07 Jan 2024 18:46:11 GMT
execute
c2.piano.io/xbuilder/experience/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=KlFb8Hg2nS
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b8e90150baf5a2af5b6cd13b3e0cbef7533fcc1bc0534d8a1acbd55307e9ff6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
x-request-id
cqn9ngghtb
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
841e04ccd9e436de-FRA
js
www.googletagmanager.com/gtag/ 		264 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
71611e65aa09201d91933a7b4ed3d14d910bbf9060ac7fcd1858a373c47c5b40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91308
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 07 Jan 2024 17:46:11 GMT
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
2052
date
Sun, 07 Jan 2024 17:46:11 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
2356
x-fastly-trace-id
1279978065
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-sof1510036-SOF
x-timer
S1704649571.451683,VS0,VE0
gtm.js
www.googletagmanager.com/ 		232 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5KMC8ND&l=dl_mparticle
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0ae114fd6e3f195baf18bb3aee13ec73a4cf45c5e563158e321e572336ed6505
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68904
x-xss-protection
0
last-modified
Sun, 07 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Jan 2024 17:46:11 GMT
identify
identity.mparticle.com/v1/ 		176 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
279293cff4cfc93f69817f35816edd31da345660af3f03926d6fd640e091bba4
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
content-encoding
gzip
via
1.1 varnish
x-mp-max-age
86400
strict-transport-security
max-age=900
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
x-served-by
cache-sof1510036-SOF
server
Kestrel
x-timer
S1704649572.509226,VS0,VE138
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-fastly-trace-id
1279978953
accept-ranges
bytes
x-cache-hits
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1A75 		479 B
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEJy1yaMDGPmA84ACMAE&v=APEucNWAfAzD-arlJrpxAxtw97tJzRoGBv6yTdjebTlUx0HzLw--g-qQlYbZyd5SCktZoHMfO-s3jkZCvH8lyY_0DMXdxSU1HCHYIDY-8zMYH1eCoosUn8JrehriD9dcgxBL2LCE0MNHqz5cfug0Q59Z4N0G83b1TH-gaWTonpQ9mKJJep2QYJkzR7rBp7kSm4tMmUpPbR95
Requested by
Host: eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com
URL: https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c6b39190993e85b1795a44137f4b4bd8ecc562296a6856436a493804b2c4510a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
179
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 Jan 2024 17:46:11 GMT
expires
Sun, 07 Jan 2024 17:46:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 86E9 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com
URL: https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 17:46:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 86E9 		42 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BuRG62KgWFUuILmAPjZHvoMKwGquGGuvQMkm0TLVXEkhkZJ0kG3uzSUD8RRAySrTEwum5F13r892smwm5qz0CjEnoR2fsJqAXGs2-XPMWB04JY9Us
Requested by
Host: eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com
URL: https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aa.js
q.adrta.com/s/pbm/ Frame 86E9 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q.adrta.com/s/pbm/aa.js?cb=1795176146_1704649570_366942
Requested by
Host: eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com
URL: https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.37.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-37-162.compute-1.amazonaws.com
Software
nginx /
Resource Hash
95702f2a23f96dd13a0d81ef2ddf4dd5ca80cc9fa1a190ef80ceacdb9578ea3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 07 Jan 2024 17:46:11 GMT
content-encoding
gzip
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 86E9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js
Requested by
Host: eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com
URL: https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 14:36:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
11366
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Jan 2024 14:36:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 86E9 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com
URL: https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 14:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
11368
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8523
x-xss-protection
0
server
cafe
etag
16500369019378894752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Jan 2024 14:36:43 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 86E9 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com
URL: https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 18:34:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
429088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 01 Jan 2025 18:34:43 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 86E9 		204 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com
URL: https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65775
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jan 2024 17:46:11 GMT
gtm.js
www.googletagmanager.com/ 		120 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KJC8VVB&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f8f172ac46ed6c7e780e94b793b329888c592468c20046bb48ed2b11d259a631
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46603
x-xss-protection
0
last-modified
Sun, 07 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Jan 2024 17:46:11 GMT
gtm.js
www.googletagmanager.com/ 		308 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5122fe576162260e3acac3a1c858f95ed8f08c86652914ec338eb0cf15188550
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93796
x-xss-protection
0
last-modified
Sun, 07 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Jan 2024 17:46:11 GMT
collect
region1.analytics.google.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=45je4130v880952817z879194588&_p=1704649570800&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1389705724.1704649570&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1704649571&sct=1&seg=0&dl=https%3A%2F%2Ftorontosun.com%2F&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&en=page_view&_fv=1&_ss=1&tfd=3059
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-72QH41ZTMR&cid=1389705724.1704649570&gtm=45je4130v880952817z879194588&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=45je4130v880952817&_p=1704649570800&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1389705724.1704649570&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&_s=2&sid=1704649571&sct=1&seg=0&dl=https%3A%2F%2Ftorontosun.com%2F&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&en=ad_impression&_c=1&ep.query_id=CI_Q5cDqy4MDFYHRuwgd3VUD0Q&_et=3&tfd=3064
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-72QH41ZTMR&cid=1389705724.1704649570&gtm=45je4130v880952817z879194588&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=942537349
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
841e04cd3a5637f1-FRA
date
Sun, 07 Jan 2024 17:46:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YtKHnBSSV0oQTUtV60a3set9tSzwgxk5Tv9gFZ6xVMnWzS56qBSmdCJUxgWczf04y9Tpjra8%2Bylrj86%2B1anLTSMIrm4PamQ38dQmcEk%2BFP4cxerjvFyVEwEmQrpYQHjUUkj6kIcQ7tMqI48A%2Fuw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161089/5500/ 		212 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161089/5500/pwt.js
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.244.232 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-244-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4dcf78b31f69c1674cb5a75cd5fd5744538b50eaf34076396d9cf54acebee6e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:43:34 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=154436
accept-ranges
bytes
content-length
65407
expires
Tue, 09 Jan 2024 12:40:07 GMT
player-event
events.qortex.ai/api/v1/ 		0
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCXX7NEivJYLq%2FbJJJHC6N8uoUPSGlvTQ2Fchuq5gTpZ%2FzU%2FGDnuEoaZUySGP1Nvr8cY1z3xHKCqpMVQYJ%2B1NUHvGY5D%2FNGxZ0gDLEOCbc6kTIsXJEuoTI4GtvnsdDXqgSu0PrJmFxckgpQsT1A%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
841e04ce1b1d37f1-FRA
content-length
0
user-sync
sync.adkernel.com/ Frame AE96 		0
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=202197&r=https%3A%2F%2Fdemand.qortex.ai%2Fsync%3Fakuid%3Dhttps%3A%2F%2Ftorontosun.com%7C%7BUID%7D
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
0
Date
Sun, 07 Jan 2024 17:46:11 GMT
Server
nginx
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
841e04cd4a6437f1-FRA
date
Sun, 07 Jan 2024 17:46:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDtOoRYaL0WRDCq7aQs%2Fki%2B6eBuQqaqtKC0nhOXD2ZwXK1asgVRWdGupJzPYvcagknMoGIDnjU0BLgYyRSMBLtr0r9T0GqgZD45krKB0su0RoNHT5zrb%2FVQVZrYUlJQAoPJV6QNHJyIDd4GxywY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/ 		0
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYTkAJGmvz58oxuVSTP5dokwjlOpNF5HnjQXOJmRWkyJlVqkhAOywHNSjr70IPXKqncOR35FTmEMyxuDkPvt%2FZ9FVtFjsLdHeWviUDVPptbxpY0Ybze2Dd3ktJ2HjXE9dcSOkfkW4Yf4XdR9Kg8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
841e04ce2b3637f1-FRA
content-length
0
cx.js
cdn.cxense.com/ 		111 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:28b::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
baa1e321fd815ef7c8bec6e9daa2ef002aadb656cc27cfdf6661dfdac33e0cda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 17:46:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Dec 2023 12:22:49 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37123
Expires
Sun, 07 Jan 2024 18:46:11 GMT
gtm.js
www.googletagmanager.com/ 		231 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NFGNKKG&l=mpartical
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e81a27b0ffa5bfd7c2479297efa262f8e2bea76aabf94437eb8a2a36a65419fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75114
x-xss-protection
0
last-modified
Sun, 07 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Jan 2024 17:46:11 GMT
js
www.googletagmanager.com/gtag/ 		265 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
476f23c3ccf2937fcafe45c3b5c80c950d48a6d080132131a0bf0a5e35d77ebf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91402
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 07 Jan 2024 17:46:11 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 07 Jan 2024 15:48:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
7074
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 07 Jan 2024 17:48:17 GMT
marfeel-sdk.js
sdk.mrf.io/statics/ 		156 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7f6e2585f4bb89f9d5c4bf0bfdf2d8637fd97a0818ca76fe281eb7229e8fbf6

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
content-encoding
gzip
cf-cache-status
HIT
age
124
x-envoy-upstream-service-time
12
alt-svc
h3=":443"; ma=86400
content-length
45824
x-response-time
4ms
last-modified
Sun, 07 Jan 2024 17:44:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
841e04ce6df82298-CDG
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2aa7779577c8f4ff268d5bbd5b13b7d577930c1824b43b4b5442d4c92a695154
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 07 Jan 2024 17:46:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54372
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
DPDUhZP2e9W46Mel8qxXNW9zVjzqLtzz+XkdNY1fWu0nhigeeSOI23oSewj/SbIqmllQaX5/bL/CxepbxLGJiw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
tag.min.js
get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fdeb1c6fd18e0f486055ae90b9c37c166cd1b455157daa7de08f4271ac696ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
XfYprRTzfIx5sUT1DKibUZklTDJ88StC
content-encoding
gzip
via
1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
date
Sun, 07 Jan 2024 01:42:48 GMT
last-modified
Thu, 24 Aug 2023 11:20:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
57804
x-amz-server-side-encryption
AES256
etag
W/"10ba0dba424c8954df3533bfd881e874"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
_OF8QAYAmYHQeBObLILhhU7vSzea6Tal-EO1xRRYRhFz_Aht9a08GQ==
p.js
cdn.parsely.com/keys/torontosun.com/ 		58 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/torontosun.com/p.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.61.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-61-60.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
3c5b584817a547de78b1d37a6c7e65fc36cb2f74abb5e7fb01e1d91579c59f05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
public
date
Sun, 07 Jan 2024 06:22:30 GMT
content-encoding
gzip
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
last-modified
Fri, 06 Oct 2023 19:46:20 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
41160
etag
W/"6520640c-e74f"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
oaCeUe5RNvBcAa6LlLtF399pZ42mto0F38vsTCYmVx91GMcZcem_Iw==
expires
Mon, 08 Jan 2024 06:20:11 GMT
m
ad.yieldlab.net/ Frame 1A75
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEL-fkF3SGSgh15rHg4TlQ4Q&google_cver=1
0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEL-fkF3SGSgh15rHg4TlQ4Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEJy1yaMDGPmA84ACMAE&v=APEucNWAfAzD-arlJrpxAxtw97tJzRoGBv6yTdjebTlUx0HzLw--g-qQlYbZyd5SCktZoHMfO-s3jkZCvH8lyY_0DMXdxSU1HCHYIDY-8zMYH1eCoosUn8JrehriD9dcgxBL2LCE0MNHqz5cfug0Q59Z4N0G83b1TH-gaWTonpQ9mKJJep2QYJkzR7rBp7kSm4tMmUpPbR95
Protocol
HTTP/1.1
Server
23.35.237.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Jan 2024 17:46:11 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Sat, 06 Jan 2024 17:46:11 GMT

Redirect headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEL-fkF3SGSgh15rHg4TlQ4Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1A75
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDJuYlLkaefsY7jQ7vLjll0&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDJuYlLkaefsY7jQ7vLjll0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEJy1yaMDGPmA84ACMAE&v=APEucNWAfAzD-arlJrpxAxtw97tJzRoGBv6yTdjebTlUx0HzLw--g-qQlYbZyd5SCktZoHMfO-s3jkZCvH8lyY_0DMXdxSU1HCHYIDY-8zMYH1eCoosUn8JrehriD9dcgxBL2LCE0MNHqz5cfug0Q59Z4N0G83b1TH-gaWTonpQ9mKJJep2QYJkzR7rBp7kSm4tMmUpPbR95
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gIQZXmIjZckOviVS5ndSwcb5pcqglqKUz9GnRR5C%2B%2FWuIQCcztEhp0sd7quF8Ly8rmE39scukkTWU%2FISsofdiB3HCmvHBak8ZZ%2F2s2G4BbcXLzozP0eyJvVH74bR%2Bi7eP9cHaAqClAr7tg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841e04cedce22675-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDJuYlLkaefsY7jQ7vLjll0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1A75
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZrjY28SiV5HO8ECgTsU7wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDJuYlLkaefsY7jQ7vLjll0&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDJuYlLkaefsY7jQ7vLjll0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEJy1yaMDGPmA84ACMAE&v=APEucNWAfAzD-arlJrpxAxtw97tJzRoGBv6yTdjebTlUx0HzLw--g-qQlYbZyd5SCktZoHMfO-s3jkZCvH8lyY_0DMXdxSU1HCHYIDY-8zMYH1eCoosUn8JrehriD9dcgxBL2LCE0MNHqz5cfug0Q59Z4N0G83b1TH-gaWTonpQ9mKJJep2QYJkzR7rBp7kSm4tMmUpPbR95
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwPdaXzzFr5tBG8JTVCXPXZQoDa1Xx5hPP0lU2CgXqF36sL9vEw%2F%2B9vYyopBo2HzWM8x%2FXQmUhcnS%2B7sJJQNNuHmnWSKhLSxWivKHEW7n4dkpQSp6lxMXPU5flfnS8M6X7LcnXW77HcJJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841e04cf5e082675-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDJuYlLkaefsY7jQ7vLjll0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 86E9 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4080970156587&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 86E9 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4080970156587&version=m202309260101&ct=76&x=6&cor=10347908810826754000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 86E9 		95 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bsc0phpsrOOF8CM8ce9suhe1R7EsMYDGtQwqPIODeIRfLIdvG1dvTLkT5z5KJfYzwWKfSVJWhYHxE8KmWQYlAXZXKV5jlpHuru_AIh7bMmXD5lg0gUM-dAM7UU2Ayh6B9pXWQlvmj6S_KntC9sn5BeYjd0wOfeQO82604PK5LtUy2EGyo&dbm_d=AKAmf-BacQ1tI4dB0She19Xb4RdpMZh8cpa9h3kfCrhNQZ2Qa6M4tyI8W5bibfnVXv3mzpy1bdLltqam0v3B1OtsJ7j5fbUtmtrot1gqABHffTh93XTIq-uy-_9iw8QmzZo-m67N7DHv_2CPkjVC-AZUznpPSxoTGn4jn-UyN9D_dhod-nhcqxgBVgiLIYJg4-doHFPm3OmHpYxWOnka-ApDirCmd59QpQDPPhJo2LRw3MQnTsxlTTWUpULUz16xkIXPwzQ-vA088hwjh3lgSr3sjijnKxKZz8tmtHQXhKKhi8I1oqbsDGgmD_OXPbwIM3TZBICsj1L2iwJTM0kkzPdOHBy5fbm9o8A8zo_DFthjyDzbHnFbzMzWoXTHuDJD14cBBc87uvHpXPQ51lsGHRfWJ61ca5XN8HnqsPvxrymWLXHIHJFL2_7LQZNwShMSSMyUr1q9TAaFQtB6zMrLO6CR_fgP1HkaVx8a8FCpyESbE4UtF4SmM1e1WcfI6MwTBMznQ2TTlGlYPtTwjQ8HN1pucGWfZGyVg4YUPaaY4vQFec4x2GdOrOkjt5VybPmb2Txm66rzMmPCf28ylpFL-Pr69DiSQITLHiRRQb8HWAUpIvnxc_Pg74s6CxLn8y5kv4wbEcM9AqrEQ3C7nKUl-igAJuVQvBgjDBEpazRxDz15K85vqi_YZ25NUKKG4dyBJh7rfyHiXrIvcbElDC8SRqjnH7p-vAROQ-u1tgJ8WDbEr8Vxk8YDpHtOm05B3vMch676OkJ85P5p504vxMWQvxzQXUcGoWr84cn4rM63nZl23hmHQXJYukXFY2YRWKXbBRW75pcD_xvjjB5shiCpi3V8RkXFTcq1RXgYOQ2WEDcnlvhZb3YL9KZVHtUz7cTaEgdV7oJRcV9W1Ovpv8Q-rK-MD774juwJmcEktUYzAdDzLXJOEQI3Uk55EtumZcG8MNTapkGnKx65LMKZwVqDbEmNL7MxR74zFI8DEXEXWOmAmeYFoYBfXbMyD3z4i1WA_dI5Oh9KmR4Av3tGjOvGkrNzF3e3Er6BXoOw5w2hZRwPIJVaTBWq4WSIQwtOkkiAYzg8NBCoAvXJlN6QtABenPF-R4ORvp_NqFOxiuTJpe1MzQs_nOYE8A7RR8OaNAf9nWugB7ccmtHUhHSOOKb1dvJ0nXoFcCfF2Kzqquh4kh0K_y44coZ5mXeYGHZVVXm8kRkZqu6Ts1H1waqbrvHIbOpVVPZMU6v62tqO4K_GzA4ytUq8cfNM0ZwIX0doEIZhy0M6qnxQOtDCFhNPWd5xBOI6gM_pqoehzyU3LOv9jOxFTFj2Rz7Xi5K3Igr7VYTLuxZd-m99iL9aBrftWs53uGielnFgjjYrHYfdF-zQuGajLKHwyt38g6dI-JsN_pAfY_Yv7YJPYJxaJXK7OSZE9e7hZOjUeR5yPBxWYvCEVmS-WzjcJdNnZh5zbuKfYlvox88bCnVatsYUnDcVCJbNVebdED086m8S8htGViOWXfOkS--stMUnM96N8zK9JoSLQQ5lafCWCJ8_UdWg0mBcGz9eT-kxY95Ot_FppGFTeOkquyecMq99d6HfXfkoGAwNhche0r3prhZblMPUdkD2fMZEvBzgSoO8pKvvLd7WMcKffOY2Y2IMJsFVbqrGJnGwb-QBvSpgRBb_EfozOA_nLTqLPNFc54BGhqBfuVbWJ4Jp8QcFqn1I6LNzAxkXPmorPZCJ3sVyfd00oOeoXEtyKAtreFlILViDbNfSKLDb9ouC-A_UdPbNSJq-4Zhj4YXjFGMVjVBI17WrpiCZcbacJRO4FMDpbMhhqsp1-ZQPq54J2zayYdaeYCz1hZwvB0_NghoyfqqSpU_abtYYus4Nxfi-qLIctxln_sN7rXEZMBSMH2ZLQORfFZbXUTNz12xMmWb4Rvxklh-Vy6SQ_upnt9VtZW21F0A-opM46YTcAQktO-mctoQA4dIDkmWzDBUwNP8RGN7JLedMSiBuBnkkjsUqn22p6UhQpS9Wa6AA9Cht29_SyeNIR1jJ15kApVTB0WzXCf67qoUNRBywvvXHKjpc3zWPhyaGGTi4SUmWZH3OoccYNqm596MORPes3YFNK8PBbgv1V4c9fJPITSOKNlKnPsAsFAm3av9b4i2E9QqSxfBwmTR9XPf1CzYq4mFWOaJaAZj1njioHK8hkPpfoD0Op90vAkn6vmkSRm1g2flJp4_12fur1xXDsCnbz1-8tcwj4zcgclufFFUPUlkAVQ21vxTKFHUYyl4JaVZeN2Xn0nF_iM-GJXNEOHk7hK22q07w6fu-MYceidvzx9JTUHJ7rUJx4fh8SrAxo7xn9x97O55Ww7s98dP-znIHUW-_x0he97ucoU0Et8VhmibpfINU60CEiL0YxShpDLvPamGvoERWbVAjWWAo_hvXjoBwRiFV51_zSJHc4E7yWKAOxmL1rt5au-4OFJM75zntm6ZTFfAyR1r5uZDW_ZdPDEVz_jvDE7Hjtqn6IvSpPdfOYm2IxxVi0GHB_oTf5LBd75pOkOQN9jgdZNXRTpxkajjNu_nloQ2PqSqrtRZVGXVxln8qfCxtHjLoLsYT0Rws4k0XF_EjCMlxAK3giCXJ7Qj_YZ3yYMgZWaI19AXWstlQX-2_IzUsir6LwQ45yIgR73S0MClYy3KsxrDA6RYPC6tILeUOWE9Z8H9Fi2klL3IiUKXMPgXxAU63biJ1PGIx8ZoHmj_qQ2CMFfSPv9cM1LvfgB7Kdxdpsszt2Qu390ajc9wzMzRE7AL8PJbLUuGHowUzaeRkhafrEaI6nMdFlUhP1RdJd47PgfMp_1Wc8KK6_21LDxop1FKiulwqVD0BerWurhQq4jtoO1N9RQ6wo98SHgwS_7lxJ5sma4Q9kIk03g0B5pASddo-6kP-7vzPbH8UB31tD28Q_RTNiVM6ctjjgZRTkVLLybYOhfOD6xS1OqJ8NmcLPBil7ybJM_5NBZYrLjExWWHVVm7mV0wU8XbMB3LVlkX6VejXk0NqUuRu6caA1mNgVzYZg_kAwfLlak5kxoaXp9F5fVq33F_cPiEex3lNLIhCqjChfdCAtW0og62auSz4nspvoJVDW8jTIB5UD9S1z25pVPv5Zey5hqBhaXsqCfTIJI-esr27uxGrrsoZg7wHUQ9poj42Ie8X-aTikd2sK6AxKg9BoITu1yORE5V7RW-wfammeg7ZZQV90maCzTjLqf7ublKF2BkhxmQgA6M37hP5Hp2fjT7CocDP-JgOLAiUzIOG3wiGgqt5tPbgsAkAtTbiEcS-GZh2eElN3DP_2g_q4tApp0wY4xOzsfYdc7TgD2kAaO8jbm5RPbxq01LmVYH1qTMbAtbhRrVbI5enGfsb6h6X5MgEzT5xS5pWySWBPw6tMYeIOrRjp26yOjqC31BV6FRyeqJbS6h2TKj3JqCDJw1FR9Y_PS53yuaZfjQ8xuGus7LOTXP3NzXlYttmfEMtoRqHYKW-sZRp67fgeV7l4if5RLrczBt_vBra2AtLM_Cat0qnh_wXQxTl1yirNirDHngPLdn-_8x4v5V7ta1w6c2rwX6hvZXyvK94sWloVNNPqQfacuo_N270ZZiOeDj0uDg5Ebmb78kmt78yvnzG8es&pr=6%3A0.329976&cid=CAQSMgAvHhf_peYANGA0MlkV7mCSLhYRVuIxJRgftVH2qw911pl6MrXfwGiD81rzMNSYWqNMGAE&xfc=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1Nzc4NCZzaXRlSWQ9Mzk5MTQ2JmFkSWQ9MTkzODA0NSZrYWRzaXplaWQ9MzMmdGxkSWQ9MCZjYW1wYWlnbklkPTIyOTg3JmNyZWF0aXZlSWQ9MCZ1Y3JpZD02ODQ3ODk1NzQ5ODU0MjE0MjE5JmFkU2VydmVySWQ9MjQzJmltcGlkPUU0OUZCQkY5LThCMTctNEYzQS05MTdFLTEwMjA4NzM2MTBDNCZwYXNzYmFjaz0w_url%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftorontosun.com%2F&ds=l&xdt=1&iif=1&cor=10347908810826754000&adk=253267037&idt=206&cac=0&dtd=31
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3033192f9c27d05fe285869ad1d098c16099ac8630742f72ff000a3570f36817
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40259
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 08 Jan 2024 17:46:11 GMT
sp1.html
cdn.cxense.com/ Frame 20AA 		456 B
659 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:28b::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1643f549380aeab61b23502d9f260f7350d9c2bd34dbc3cb0af73644332b6ef5

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
289
Content-Type
text/html
Date
Sun, 07 Jan 2024 17:46:11 GMT
Expires
Wed, 17 Jan 2024 17:46:11 GMT
Last-Modified
Thu, 30 Nov 2023 11:55:50 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame FC43 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/bidding.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 07 Jan 2024 17:46:11 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 45CB 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.244.232 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-244-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=75344
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 07 Jan 2024 17:46:11 GMT
expires
Mon, 08 Jan 2024 14:41:55 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame A114 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
637
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
841e04ceec79453a-TXL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 07 Jan 2024 17:46:11 GMT
expires
Sun, 07 Jan 2024 21:46:11 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-H792QCFZPV&gtm=45je4130v880952819&_p=1704649570808&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1389705724.1704649570&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&_s=1&dl=https%3A%2F%2Ftorontosun.com%2F&sid=1704649571&sct=1&seg=0&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&en=ad_impression&_fv=1&_ss=1&_c=1&ep.debug_mode=false&ep.gtm_version=55&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=index&ep.platform=Cheetah&ep.platform_version=15.1.1&ep.fem_version=v93.0&ep.brand=Toronto%20Sun&ep.timestamp=2024-01-07T18%3A46%3A11.436%2B01%3A00&ep.query_id=CI_Q5cDqy4MDFYHRuwgd3VUD0Q&tfd=3312
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H792QCFZPV&cid=1389705724.1704649570&gtm=45je4130v880952819&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-H792QCFZPV&v=3&t=t&pid=818928023&cv=5&rv=4130&tc=17&es=1&e=gtag.config&eid=1&u=AAAAAAAAAAAAAAAg&h=Ag&dl=torontosun.com%2F&tdp=G-H792QCFZPV;80952819;1;6;0&z=0
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
td
www.googletagmanager.com/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=G-H792QCFZPV&v=3&t=t&pid=818928023&cv=5&rv=4130&tc=17&es=1&e=gtag.config&eid=1&u=AAAAAAAAAAAAAAAg&h=Ag&dl=torontosun.com%2F&tdp=G-H792QCFZPV;80952819;1;6;0&z=0
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:11 GMT
server
Golfe2
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-H792QCFZPV&v=3&t=t&pid=818928023&cv=5&rv=4130&tc=17&es=1&e=*&eid=2&u=AAAAAAAIAAAAAAAg&h=Ag&tr=1ogtcrossdomain.1ogtreferralexclusion.1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ogtgagamlink.1ogtgooglesignals.1ccdgaregscope.1ccdemdownload.1ccdemoutboundclick.1ccdempageview.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ccdautoredact.1ccdgalast&ti=2ogtcrossdomain.2ogtreferralexclusion.2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ogtgagamlink.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemoutboundclick.2ccdempageview.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ccdautoredact.2ccdgalast&z=0
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-H792QCFZPV&v=3&t=t&pid=818928023&cv=5&rv=4130&tc=17&es=1&e=gtag.config&eid=3&u=AAAAAAAIAAAAACAg&ut=Ag&h=Ag&epr=1G.3G&tr=1gct&ti=1gct&z=0
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H792QCFZPV&cid=1389705724.1704649570&gtm=45je4130v880952819&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=465343714
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-H792QCFZPV&v=3&t=t&pid=818928023&cv=5&rv=4130&tc=17&e=*&eid=2&u=AAAAAAAIAAAAACAg&ut=Ag&h=Ag&epr=1G.2G&z=0
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-H792QCFZPV&v=3&t=t&pid=818928023&cv=5&rv=4130&tc=17&es=1&e=gtm.dom&eid=4&u=AAAAAAAIAAAAACAg&ut=Ag&h=Ag&z=0
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
collect
www.google-analytics.com/j/ 		4 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=426145336&t=pageview&_s=1&dl=https%3A%2F%2Ftorontosun.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAEK~&jid=796762494&gjid=935920422&cid=1389705724.1704649570&tid=UA-213173459-5&_gid=92137773.1704649572&_r=1&_slc=1&gtm=45He4130n81P3Q4QHWv854753396&cd2=2024-01-07T18%3A46%3A11.441%2B01%3A00&cd7=anonymous&cd17=0&cd23=Toronto%20Sun&cd24=Cheetah&cd25=15.1.1&cd26=v93.0&cd27=0&cd28=GTM-P3Q4QHW&cd29=55&cd31=index&cd52=index&cd65=false&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd1=1389705724.1704649570&z=146845947
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=426145336&t=pageview&_s=1&dl=https%3A%2F%2Ftorontosun.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAEK~&jid=1453548228&gjid=1493930578&cid=1389705724.1704649570&tid=UA-114648105-14&_gid=92137773.1704649572&_r=1&_slc=1&gtm=45He4130n81P3Q4QHWv854753396&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1938972319
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
07e6168cc4f12c66e03b1c278e8edba4e031a0ce6577aaee54e3cfbe73f2b3b9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-geo.s-onetag.com/ 		555 B
971 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-71.ams54.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 10:20:16 GMT
via
1.1 6c7a5d26be7fb35284e54d321f16b6f6.cloudfront.net (CloudFront), 1.1 4445c4223f8c2460ef5d29a08d1cc6ac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2, AMS54-C1
age
26754
x-amzn-requestid
87c95c36-5fe6-4a54-a62d-acb0b7fab62f
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
RKgjMGMriYcEt2g=
content-length
555
x-amz-cf-id
6udEZ7kMVtEeH0-JA8Dzqe3seZiQJOWQtnIaZRxajEfqx4whMXUEAQ==
beacon.min.js
signal-beacon.s-onetag.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-87.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
bto3eb0o1YxjKQVMPWidTjdqvOBrBN1F
content-encoding
gzip
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b4.cloudfront.net (CloudFront)
date
Sun, 07 Jan 2024 03:39:24 GMT
last-modified
Tue, 13 Jun 2023 14:58:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
50808
x-amz-server-side-encryption
AES256
etag
W/"565eb88b90415391668a5cb7cfb4557a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
BmYjEdtqssIlR7r3Aj5Q291AqT0JLGec508fzOGX6DEjC62YsbkH6g==
cx.js
cdn.cxense.com/ Frame 20AA 		111 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:28b::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c024a500b6884e87cb923bdfab0b6303d5130c87bd4e00612ea410613e765faf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/sp1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 17:46:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Dec 2023 12:22:49 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37123
Expires
Sun, 07 Jan 2024 18:46:11 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 86E9 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
Origin
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 21:44:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72111
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 07 Jan 2024 21:44:20 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/ Frame 86E9 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bsc0phpsrOOF8CM8ce9suhe1R7EsMYDGtQwqPIODeIRfLIdvG1dvTLkT5z5KJfYzwWKfSVJWhYHxE8KmWQYlAXZXKV5jlpHuru_AIh7bMmXD5lg0gUM-dAM7UU2Ayh6B9pXWQlvmj6S_KntC9sn5BeYjd0wOfeQO82604PK5LtUy2EGyo&dbm_d=AKAmf-BacQ1tI4dB0She19Xb4RdpMZh8cpa9h3kfCrhNQZ2Qa6M4tyI8W5bibfnVXv3mzpy1bdLltqam0v3B1OtsJ7j5fbUtmtrot1gqABHffTh93XTIq-uy-_9iw8QmzZo-m67N7DHv_2CPkjVC-AZUznpPSxoTGn4jn-UyN9D_dhod-nhcqxgBVgiLIYJg4-doHFPm3OmHpYxWOnka-ApDirCmd59QpQDPPhJo2LRw3MQnTsxlTTWUpULUz16xkIXPwzQ-vA088hwjh3lgSr3sjijnKxKZz8tmtHQXhKKhi8I1oqbsDGgmD_OXPbwIM3TZBICsj1L2iwJTM0kkzPdOHBy5fbm9o8A8zo_DFthjyDzbHnFbzMzWoXTHuDJD14cBBc87uvHpXPQ51lsGHRfWJ61ca5XN8HnqsPvxrymWLXHIHJFL2_7LQZNwShMSSMyUr1q9TAaFQtB6zMrLO6CR_fgP1HkaVx8a8FCpyESbE4UtF4SmM1e1WcfI6MwTBMznQ2TTlGlYPtTwjQ8HN1pucGWfZGyVg4YUPaaY4vQFec4x2GdOrOkjt5VybPmb2Txm66rzMmPCf28ylpFL-Pr69DiSQITLHiRRQb8HWAUpIvnxc_Pg74s6CxLn8y5kv4wbEcM9AqrEQ3C7nKUl-igAJuVQvBgjDBEpazRxDz15K85vqi_YZ25NUKKG4dyBJh7rfyHiXrIvcbElDC8SRqjnH7p-vAROQ-u1tgJ8WDbEr8Vxk8YDpHtOm05B3vMch676OkJ85P5p504vxMWQvxzQXUcGoWr84cn4rM63nZl23hmHQXJYukXFY2YRWKXbBRW75pcD_xvjjB5shiCpi3V8RkXFTcq1RXgYOQ2WEDcnlvhZb3YL9KZVHtUz7cTaEgdV7oJRcV9W1Ovpv8Q-rK-MD774juwJmcEktUYzAdDzLXJOEQI3Uk55EtumZcG8MNTapkGnKx65LMKZwVqDbEmNL7MxR74zFI8DEXEXWOmAmeYFoYBfXbMyD3z4i1WA_dI5Oh9KmR4Av3tGjOvGkrNzF3e3Er6BXoOw5w2hZRwPIJVaTBWq4WSIQwtOkkiAYzg8NBCoAvXJlN6QtABenPF-R4ORvp_NqFOxiuTJpe1MzQs_nOYE8A7RR8OaNAf9nWugB7ccmtHUhHSOOKb1dvJ0nXoFcCfF2Kzqquh4kh0K_y44coZ5mXeYGHZVVXm8kRkZqu6Ts1H1waqbrvHIbOpVVPZMU6v62tqO4K_GzA4ytUq8cfNM0ZwIX0doEIZhy0M6qnxQOtDCFhNPWd5xBOI6gM_pqoehzyU3LOv9jOxFTFj2Rz7Xi5K3Igr7VYTLuxZd-m99iL9aBrftWs53uGielnFgjjYrHYfdF-zQuGajLKHwyt38g6dI-JsN_pAfY_Yv7YJPYJxaJXK7OSZE9e7hZOjUeR5yPBxWYvCEVmS-WzjcJdNnZh5zbuKfYlvox88bCnVatsYUnDcVCJbNVebdED086m8S8htGViOWXfOkS--stMUnM96N8zK9JoSLQQ5lafCWCJ8_UdWg0mBcGz9eT-kxY95Ot_FppGFTeOkquyecMq99d6HfXfkoGAwNhche0r3prhZblMPUdkD2fMZEvBzgSoO8pKvvLd7WMcKffOY2Y2IMJsFVbqrGJnGwb-QBvSpgRBb_EfozOA_nLTqLPNFc54BGhqBfuVbWJ4Jp8QcFqn1I6LNzAxkXPmorPZCJ3sVyfd00oOeoXEtyKAtreFlILViDbNfSKLDb9ouC-A_UdPbNSJq-4Zhj4YXjFGMVjVBI17WrpiCZcbacJRO4FMDpbMhhqsp1-ZQPq54J2zayYdaeYCz1hZwvB0_NghoyfqqSpU_abtYYus4Nxfi-qLIctxln_sN7rXEZMBSMH2ZLQORfFZbXUTNz12xMmWb4Rvxklh-Vy6SQ_upnt9VtZW21F0A-opM46YTcAQktO-mctoQA4dIDkmWzDBUwNP8RGN7JLedMSiBuBnkkjsUqn22p6UhQpS9Wa6AA9Cht29_SyeNIR1jJ15kApVTB0WzXCf67qoUNRBywvvXHKjpc3zWPhyaGGTi4SUmWZH3OoccYNqm596MORPes3YFNK8PBbgv1V4c9fJPITSOKNlKnPsAsFAm3av9b4i2E9QqSxfBwmTR9XPf1CzYq4mFWOaJaAZj1njioHK8hkPpfoD0Op90vAkn6vmkSRm1g2flJp4_12fur1xXDsCnbz1-8tcwj4zcgclufFFUPUlkAVQ21vxTKFHUYyl4JaVZeN2Xn0nF_iM-GJXNEOHk7hK22q07w6fu-MYceidvzx9JTUHJ7rUJx4fh8SrAxo7xn9x97O55Ww7s98dP-znIHUW-_x0he97ucoU0Et8VhmibpfINU60CEiL0YxShpDLvPamGvoERWbVAjWWAo_hvXjoBwRiFV51_zSJHc4E7yWKAOxmL1rt5au-4OFJM75zntm6ZTFfAyR1r5uZDW_ZdPDEVz_jvDE7Hjtqn6IvSpPdfOYm2IxxVi0GHB_oTf5LBd75pOkOQN9jgdZNXRTpxkajjNu_nloQ2PqSqrtRZVGXVxln8qfCxtHjLoLsYT0Rws4k0XF_EjCMlxAK3giCXJ7Qj_YZ3yYMgZWaI19AXWstlQX-2_IzUsir6LwQ45yIgR73S0MClYy3KsxrDA6RYPC6tILeUOWE9Z8H9Fi2klL3IiUKXMPgXxAU63biJ1PGIx8ZoHmj_qQ2CMFfSPv9cM1LvfgB7Kdxdpsszt2Qu390ajc9wzMzRE7AL8PJbLUuGHowUzaeRkhafrEaI6nMdFlUhP1RdJd47PgfMp_1Wc8KK6_21LDxop1FKiulwqVD0BerWurhQq4jtoO1N9RQ6wo98SHgwS_7lxJ5sma4Q9kIk03g0B5pASddo-6kP-7vzPbH8UB31tD28Q_RTNiVM6ctjjgZRTkVLLybYOhfOD6xS1OqJ8NmcLPBil7ybJM_5NBZYrLjExWWHVVm7mV0wU8XbMB3LVlkX6VejXk0NqUuRu6caA1mNgVzYZg_kAwfLlak5kxoaXp9F5fVq33F_cPiEex3lNLIhCqjChfdCAtW0og62auSz4nspvoJVDW8jTIB5UD9S1z25pVPv5Zey5hqBhaXsqCfTIJI-esr27uxGrrsoZg7wHUQ9poj42Ie8X-aTikd2sK6AxKg9BoITu1yORE5V7RW-wfammeg7ZZQV90maCzTjLqf7ublKF2BkhxmQgA6M37hP5Hp2fjT7CocDP-JgOLAiUzIOG3wiGgqt5tPbgsAkAtTbiEcS-GZh2eElN3DP_2g_q4tApp0wY4xOzsfYdc7TgD2kAaO8jbm5RPbxq01LmVYH1qTMbAtbhRrVbI5enGfsb6h6X5MgEzT5xS5pWySWBPw6tMYeIOrRjp26yOjqC31BV6FRyeqJbS6h2TKj3JqCDJw1FR9Y_PS53yuaZfjQ8xuGus7LOTXP3NzXlYttmfEMtoRqHYKW-sZRp67fgeV7l4if5RLrczBt_vBra2AtLM_Cat0qnh_wXQxTl1yirNirDHngPLdn-_8x4v5V7ta1w6c2rwX6hvZXyvK94sWloVNNPqQfacuo_N270ZZiOeDj0uDg5Ebmb78kmt78yvnzG8es&pr=6%3A0.329976&cid=CAQSMgAvHhf_peYANGA0MlkV7mCSLhYRVuIxJRgftVH2qw911pl6MrXfwGiD81rzMNSYWqNMGAE&xfc=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1Nzc4NCZzaXRlSWQ9Mzk5MTQ2JmFkSWQ9MTkzODA0NSZrYWRzaXplaWQ9MzMmdGxkSWQ9MCZjYW1wYWlnbklkPTIyOTg3JmNyZWF0aXZlSWQ9MCZ1Y3JpZD02ODQ3ODk1NzQ5ODU0MjE0MjE5JmFkU2VydmVySWQ9MjQzJmltcGlkPUU0OUZCQkY5LThCMTctNEYzQS05MTdFLTEwMjA4NzM2MTBDNCZwYXNzYmFjaz0w_url%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftorontosun.com%2F&ds=l&xdt=1&iif=1&cor=10347908810826754000&adk=253267037&idt=206&cac=0&dtd=31
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 14:45:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
10822
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Jan 2024 14:45:49 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame 86E9 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bsc0phpsrOOF8CM8ce9suhe1R7EsMYDGtQwqPIODeIRfLIdvG1dvTLkT5z5KJfYzwWKfSVJWhYHxE8KmWQYlAXZXKV5jlpHuru_AIh7bMmXD5lg0gUM-dAM7UU2Ayh6B9pXWQlvmj6S_KntC9sn5BeYjd0wOfeQO82604PK5LtUy2EGyo&dbm_d=AKAmf-BacQ1tI4dB0She19Xb4RdpMZh8cpa9h3kfCrhNQZ2Qa6M4tyI8W5bibfnVXv3mzpy1bdLltqam0v3B1OtsJ7j5fbUtmtrot1gqABHffTh93XTIq-uy-_9iw8QmzZo-m67N7DHv_2CPkjVC-AZUznpPSxoTGn4jn-UyN9D_dhod-nhcqxgBVgiLIYJg4-doHFPm3OmHpYxWOnka-ApDirCmd59QpQDPPhJo2LRw3MQnTsxlTTWUpULUz16xkIXPwzQ-vA088hwjh3lgSr3sjijnKxKZz8tmtHQXhKKhi8I1oqbsDGgmD_OXPbwIM3TZBICsj1L2iwJTM0kkzPdOHBy5fbm9o8A8zo_DFthjyDzbHnFbzMzWoXTHuDJD14cBBc87uvHpXPQ51lsGHRfWJ61ca5XN8HnqsPvxrymWLXHIHJFL2_7LQZNwShMSSMyUr1q9TAaFQtB6zMrLO6CR_fgP1HkaVx8a8FCpyESbE4UtF4SmM1e1WcfI6MwTBMznQ2TTlGlYPtTwjQ8HN1pucGWfZGyVg4YUPaaY4vQFec4x2GdOrOkjt5VybPmb2Txm66rzMmPCf28ylpFL-Pr69DiSQITLHiRRQb8HWAUpIvnxc_Pg74s6CxLn8y5kv4wbEcM9AqrEQ3C7nKUl-igAJuVQvBgjDBEpazRxDz15K85vqi_YZ25NUKKG4dyBJh7rfyHiXrIvcbElDC8SRqjnH7p-vAROQ-u1tgJ8WDbEr8Vxk8YDpHtOm05B3vMch676OkJ85P5p504vxMWQvxzQXUcGoWr84cn4rM63nZl23hmHQXJYukXFY2YRWKXbBRW75pcD_xvjjB5shiCpi3V8RkXFTcq1RXgYOQ2WEDcnlvhZb3YL9KZVHtUz7cTaEgdV7oJRcV9W1Ovpv8Q-rK-MD774juwJmcEktUYzAdDzLXJOEQI3Uk55EtumZcG8MNTapkGnKx65LMKZwVqDbEmNL7MxR74zFI8DEXEXWOmAmeYFoYBfXbMyD3z4i1WA_dI5Oh9KmR4Av3tGjOvGkrNzF3e3Er6BXoOw5w2hZRwPIJVaTBWq4WSIQwtOkkiAYzg8NBCoAvXJlN6QtABenPF-R4ORvp_NqFOxiuTJpe1MzQs_nOYE8A7RR8OaNAf9nWugB7ccmtHUhHSOOKb1dvJ0nXoFcCfF2Kzqquh4kh0K_y44coZ5mXeYGHZVVXm8kRkZqu6Ts1H1waqbrvHIbOpVVPZMU6v62tqO4K_GzA4ytUq8cfNM0ZwIX0doEIZhy0M6qnxQOtDCFhNPWd5xBOI6gM_pqoehzyU3LOv9jOxFTFj2Rz7Xi5K3Igr7VYTLuxZd-m99iL9aBrftWs53uGielnFgjjYrHYfdF-zQuGajLKHwyt38g6dI-JsN_pAfY_Yv7YJPYJxaJXK7OSZE9e7hZOjUeR5yPBxWYvCEVmS-WzjcJdNnZh5zbuKfYlvox88bCnVatsYUnDcVCJbNVebdED086m8S8htGViOWXfOkS--stMUnM96N8zK9JoSLQQ5lafCWCJ8_UdWg0mBcGz9eT-kxY95Ot_FppGFTeOkquyecMq99d6HfXfkoGAwNhche0r3prhZblMPUdkD2fMZEvBzgSoO8pKvvLd7WMcKffOY2Y2IMJsFVbqrGJnGwb-QBvSpgRBb_EfozOA_nLTqLPNFc54BGhqBfuVbWJ4Jp8QcFqn1I6LNzAxkXPmorPZCJ3sVyfd00oOeoXEtyKAtreFlILViDbNfSKLDb9ouC-A_UdPbNSJq-4Zhj4YXjFGMVjVBI17WrpiCZcbacJRO4FMDpbMhhqsp1-ZQPq54J2zayYdaeYCz1hZwvB0_NghoyfqqSpU_abtYYus4Nxfi-qLIctxln_sN7rXEZMBSMH2ZLQORfFZbXUTNz12xMmWb4Rvxklh-Vy6SQ_upnt9VtZW21F0A-opM46YTcAQktO-mctoQA4dIDkmWzDBUwNP8RGN7JLedMSiBuBnkkjsUqn22p6UhQpS9Wa6AA9Cht29_SyeNIR1jJ15kApVTB0WzXCf67qoUNRBywvvXHKjpc3zWPhyaGGTi4SUmWZH3OoccYNqm596MORPes3YFNK8PBbgv1V4c9fJPITSOKNlKnPsAsFAm3av9b4i2E9QqSxfBwmTR9XPf1CzYq4mFWOaJaAZj1njioHK8hkPpfoD0Op90vAkn6vmkSRm1g2flJp4_12fur1xXDsCnbz1-8tcwj4zcgclufFFUPUlkAVQ21vxTKFHUYyl4JaVZeN2Xn0nF_iM-GJXNEOHk7hK22q07w6fu-MYceidvzx9JTUHJ7rUJx4fh8SrAxo7xn9x97O55Ww7s98dP-znIHUW-_x0he97ucoU0Et8VhmibpfINU60CEiL0YxShpDLvPamGvoERWbVAjWWAo_hvXjoBwRiFV51_zSJHc4E7yWKAOxmL1rt5au-4OFJM75zntm6ZTFfAyR1r5uZDW_ZdPDEVz_jvDE7Hjtqn6IvSpPdfOYm2IxxVi0GHB_oTf5LBd75pOkOQN9jgdZNXRTpxkajjNu_nloQ2PqSqrtRZVGXVxln8qfCxtHjLoLsYT0Rws4k0XF_EjCMlxAK3giCXJ7Qj_YZ3yYMgZWaI19AXWstlQX-2_IzUsir6LwQ45yIgR73S0MClYy3KsxrDA6RYPC6tILeUOWE9Z8H9Fi2klL3IiUKXMPgXxAU63biJ1PGIx8ZoHmj_qQ2CMFfSPv9cM1LvfgB7Kdxdpsszt2Qu390ajc9wzMzRE7AL8PJbLUuGHowUzaeRkhafrEaI6nMdFlUhP1RdJd47PgfMp_1Wc8KK6_21LDxop1FKiulwqVD0BerWurhQq4jtoO1N9RQ6wo98SHgwS_7lxJ5sma4Q9kIk03g0B5pASddo-6kP-7vzPbH8UB31tD28Q_RTNiVM6ctjjgZRTkVLLybYOhfOD6xS1OqJ8NmcLPBil7ybJM_5NBZYrLjExWWHVVm7mV0wU8XbMB3LVlkX6VejXk0NqUuRu6caA1mNgVzYZg_kAwfLlak5kxoaXp9F5fVq33F_cPiEex3lNLIhCqjChfdCAtW0og62auSz4nspvoJVDW8jTIB5UD9S1z25pVPv5Zey5hqBhaXsqCfTIJI-esr27uxGrrsoZg7wHUQ9poj42Ie8X-aTikd2sK6AxKg9BoITu1yORE5V7RW-wfammeg7ZZQV90maCzTjLqf7ublKF2BkhxmQgA6M37hP5Hp2fjT7CocDP-JgOLAiUzIOG3wiGgqt5tPbgsAkAtTbiEcS-GZh2eElN3DP_2g_q4tApp0wY4xOzsfYdc7TgD2kAaO8jbm5RPbxq01LmVYH1qTMbAtbhRrVbI5enGfsb6h6X5MgEzT5xS5pWySWBPw6tMYeIOrRjp26yOjqC31BV6FRyeqJbS6h2TKj3JqCDJw1FR9Y_PS53yuaZfjQ8xuGus7LOTXP3NzXlYttmfEMtoRqHYKW-sZRp67fgeV7l4if5RLrczBt_vBra2AtLM_Cat0qnh_wXQxTl1yirNirDHngPLdn-_8x4v5V7ta1w6c2rwX6hvZXyvK94sWloVNNPqQfacuo_N270ZZiOeDj0uDg5Ebmb78kmt78yvnzG8es&pr=6%3A0.329976&cid=CAQSMgAvHhf_peYANGA0MlkV7mCSLhYRVuIxJRgftVH2qw911pl6MrXfwGiD81rzMNSYWqNMGAE&xfc=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1Nzc4NCZzaXRlSWQ9Mzk5MTQ2JmFkSWQ9MTkzODA0NSZrYWRzaXplaWQ9MzMmdGxkSWQ9MCZjYW1wYWlnbklkPTIyOTg3JmNyZWF0aXZlSWQ9MCZ1Y3JpZD02ODQ3ODk1NzQ5ODU0MjE0MjE5JmFkU2VydmVySWQ9MjQzJmltcGlkPUU0OUZCQkY5LThCMTctNEYzQS05MTdFLTEwMjA4NzM2MTBDNCZwYXNzYmFjaz0w_url%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftorontosun.com%2F&ds=l&xdt=1&iif=1&cor=10347908810826754000&adk=253267037&idt=206&cac=0&dtd=31
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 14:47:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
10715
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Jan 2024 14:47:36 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 86E9 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
446215
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 13:49:16 GMT
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1704649571724&plid=91321f1f-cae7-48ac-a40f-308a30ed032f&idsite=torontosun.com&url=https%3A%2F%2Ftorontosun.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22login_status%22%3A%22anonymous%22%7D&sid=1&surl=https%3A%2F%2Ftorontosun.com%2F&sref=&sts=1704649571719&slts=0&title=Home+%7C+Toronto+Sun+Home+Page+%7C+Toronto+Sun&date=Sun+Jan+07+2024+18%3A46%3A11+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&pvid=dca53018-b682-49fa-83e3-aabb66cbd328&u=pid%3D9d53c084-9526-4826-afa7-e111a43d9dd7
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 17:46:11 GMT
Cache-Control
no-cache
Last-Modified
Sunday, 07-Jan-2024 17:46:11 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame 45CB 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52315477&p=160305&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
content-length
0
1685973801652415
connect.facebook.net/signals/config/ 		142 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1685973801652415?v=2.9.139&r=stable&domain=torontosun.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c3a1e19ae447c458c806cec0f399a8b654602801a1b68e7c0341562c22b90f7e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 07 Jan 2024 17:46:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
37725
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
1en7QLTWjmEVWefZ2aga9gyG39ITC7Ly3qUSoGgthAzhfvXx15J/knlfw24smg0KQ8RiuSnvHgePzXo8m0sRrQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-213173459-5&cid=1389705724.1704649570&jid=796762494&gjid=935920422&_gid=92137773.1704649572&_u=YCDACAAABAAAACAEK~&z=304455701
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 07 Jan 2024 17:46:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		231 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QZZLREHFVM&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b302fdbffe8372e45c7f86a5135f5c337fee18cab823c7b07d413bd16eca3f54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83800
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 07 Jan 2024 17:46:11 GMT
usync.js
eus.rubiconproject.com/ Frame FC43 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
094400fb43c70285180192f21c9f677821824153b56f4d886169102c35ecb443

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 17:46:11 GMT
Content-Encoding
gzip
Last-Modified
Sat, 06 Jan 2024 22:07:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=15667
Connection
keep-alive
Content-Length
13174
Expires
Sun, 07 Jan 2024 22:07:18 GMT
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-sof1510022-SOF
date
Sun, 07 Jan 2024 17:46:11 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1704649572.958812,VS0,VE32
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
r.js
q.adrta.com/s/pbm/ Frame 86E9 		123 B
322 B 		Script
General
Check archive.org
Download Go to
Full URL
https://q.adrta.com/s/pbm/r.js?v=23.000&rcb=124797&cb=1795176146_1704649570_366942
Requested by
Host: q.adrta.com
URL: https://q.adrta.com/s/pbm/aa.js?cb=1795176146_1704649570_366942
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.37.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-37-162.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f1a41e5636a3d813eeec5a8f75d62b18a761d253f4907fcf5486cc653562ed53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 07 Jan 2024 17:46:11 GMT
content-encoding
gzip
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
usermatch
ssum-sec.casalemedia.com/ Frame B6F9 		2 KB
759 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b9aba0c01a3e4c4a12e43c46de34a659292379b00467f31989e0348943f5b48

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
841e04cfceeb453a-TXL
content-encoding
br
content-type
text/html
date
Sun, 07 Jan 2024 17:46:11 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6UCzCzyVjw1UdAjKjtdq9ilLz8XOUjSU5%2B0mqhMtuK8%2B4Pyca8tRvCd43tJnZ3gB%2FBVXKn2MyuSMqJ7kqbsdfOsVLrsYS56ilkCgSelEitVd9S46QrER5Sm5k6Pg1UyhiUXXZ%2BFyWVHqw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5BEC 		39 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com
URL: https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.244.232 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-244-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=153913
content-encoding
gzip
content-length
14529
content-type
text/html
date
Sun, 07 Jan 2024 17:46:11 GMT
expires
Tue, 09 Jan 2024 12:31:24 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
truncated
/ Frame 86E9 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
879b365e2f6dfecf6cd414de319c88b1c8431dfbc77722771634f61de899cacd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
ingest.php
events.newsroom.bi/ 		50 B
850 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.19.30.128 Domont, France, ASN16276 (OVH, FR),
Reverse DNS
haproxy08.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
66
e0a4db8779dc244a772e.js
sdk.mrf.io/statics/ 		50 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/e0a4db8779dc244a772e.js
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c615104d3516e49abe78a9102737c6aa04056c6a8090e5746a38921d3b3811ab

Request headers

Referer
https://torontosun.com/
Origin
https://torontosun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
content-encoding
gzip
via
1.1 c334b6410f9d489eb2a951a4371f3d18.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
LHR61-C1
age
123
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
5
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Dec 2023 09:09:46 GMT
server
cloudflare
etag
W/"44ac276b251e58c5c7f65bad76e76963"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
timing-allow-origin
*
cf-ray
841e04cff9512298-CDG
x-amz-cf-id
hzNtKtXFMXfufL79f_bNwEDctf130LK_uyNTgSK4atSEDCPdQ9n3qQ==
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-213173459-5&cid=1389705724.1704649570&jid=796762494&_u=YCDACAAABAAAACAEK~&z=649173510
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-213173459-5&cid=1389705724.1704649570&jid=796762494&_u=YCDACAAABAAAACAEK~&z=649173510
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p1.js
p1cluster.cxense.com/ Frame 20AA 		47 B
637 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p1cluster.cxense.com/p1.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0037.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
42ae702fc0851e21873dedaddeff9d2677cf5f70abd940bcf55cbec8d49320b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
last-modified
Fri, 07 Jul 2023 17:46:11 GMT
server
Jetty(9.4.28.v20200408)
etag
21vzvibldx2ja2ft1fncj4nmrm
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
text/javascript;charset=utf-8
cache-control
private, proxy-revalidate
content-length
47
expires
Tue, 07 Jan 2025 17:46:11 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240107-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Sun, 07 Jan 2024 17:46:11 GMT
x-amz-request-id
9T8G4R1J257WC6ZV
age
2118
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
EtXJZix6twxSRBOalXcDTYlF3ZXZJ0GOcu33LsL8+Qu9Bt435W8ywVX2VgQgr71/qWQ468QSryk=
x-served-by
cache-fra-etou8220025-FRA
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1704649572.881021,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
87
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
15117
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 08 Jan 2024 17:46:11 GMT
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
2053
date
Sun, 07 Jan 2024 17:46:11 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
2358
x-fastly-trace-id
1279985112
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-sof1510036-SOF
x-timer
S1704649572.896036,VS0,VE0
identify
identity.mparticle.com/v1/ 		176 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4828921796abd897af9afdbe28c87173093baea0fa58c5013f31ef013aa6f1c5
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 Jan 2024 17:46:12 GMT
content-encoding
gzip
via
1.1 varnish
x-mp-max-age
86400
strict-transport-security
max-age=900
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
x-served-by
cache-sof1510036-SOF
server
Kestrel
x-timer
S1704649572.956469,VS0,VE131
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-fastly-trace-id
1279986018
accept-ranges
bytes
x-cache-hits
0
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-sof1510022-SOF
date
Sun, 07 Jan 2024 17:46:11 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1704649572.958423,VS0,VE31
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
identify
api.permutive.com/v2.0/ 		50 B
123 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
7cabb3c0f17d1e7cf705d1809c736c7e7a856b10e6870ac81a628b3bc67bf9b3

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 436E 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
444332
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:20:39 GMT
expires
Wed, 01 Jan 2025 14:20:39 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
khaos.json
token.rubiconproject.com/ Frame FC43 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
e06182bf224d96e6550f4595601cdb0b
Expires
0
usermatchredir
ssum-sec.casalemedia.com/ Frame B6F9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZrjY28SiV5HO8ECgTsU7wAABIwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGrw-yRn-MtumcnGHkgUda0&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGrw-yRn-MtumcnGHkgUda0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RK6wkG4r4G2RkVfvhhj0lJCjL6jHGDHgSed8Nq%2FT2mUNmHzJ71vEiLdfVi%2Bag81TVXZhKCZwGWI0CgtKquUIxHGiOCVi04fPHuCcwbDr01e1fOxpdx3n%2BHLiviPXY0OSQZZhTt7YNPiOVA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841e04d0e94c2675-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGrw-yRn-MtumcnGHkgUda0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame B6F9 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
server
Kestrel
content-length
70
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame B6F9
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZrjY28SiV5HO8ECgTsU7wAABIwAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZrjY28SiV5HO8ECgTsU7wAABIwAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZrjY28SiV5HO8ECgTsU7wAABIwAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Jan 2024 17:46:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XKWDPE1WKM5S3GRWSY3Z
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 07 Jan 2024 17:46:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
HQH8ZES6FV4J54C70G16
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZrjY28SiV5HO8ECgTsU7wAABIwAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame B6F9
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZrjY28SiV5HO8ECgTsU7wAA%261164&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZrjY28SiV5HO8ECgTsU7wAA%261164&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=6a8d2fef584243dd8e57f5cbff3f8c01
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:11 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
241373
expires
Sun, 07 Jan 2024 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date
Sun, 07 Jan 2024 17:46:12 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
ix
ad4m.at/ad/sim/ Frame B6F9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
crum
dsum.casalemedia.com/ Frame B6F9
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=a0c919ee-7e61-0682-16b4236d
43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=a0c919ee-7e61-0682-16b4236d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KgzSfpmaoqh%2BH638lZXSHZcCmmfZOkaWqT7J%2FBP5F4PmfKl3yYsZNdyXfBDbjosaoqAdHoSCl5wbuT%2Bt2KLHNzFwDgLQ798OoNKCjUUHArz7RuqjFTEF2c7l3pJReM%2FByx9lj1lK"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841e04d28e83453a-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sun, 07 Jan 2024 17:46:12 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=a0c919ee-7e61-0682-16b4236d
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
crum
dsum-sec.casalemedia.com/ Frame B6F9
Redirect Chain
  • https://trace.mediago.io/ju/cs/indexexchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=746ded226e243b2f2l5i0y00lr3scc1n
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=746ded226e243b2f2l5i0y00lr3scc1n
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FH27cwq6UIES8iP2L6yL2CefgEkVVsa4Yc6rMn2RsVqDf0%2BANCKPLbrrjCR6H2PwffHlvWwkvNXtl8uF0uG0uXo%2FYjiFyGmFR8vq4qzMWfgsKCkCQ6OBM2U9lJqgGPN6Y%2Fsa13pwlmTjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841e04d3cf4f2675-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sun, 07 Jan 2024 17:46:12 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=746ded226e243b2f2l5i0y00lr3scc1n
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync
x.bidswitch.net/ Frame B6F9 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.198.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-198-248.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
htw-pixel.gif
cdn.indexww.com/ht/ Frame B6F9 		43 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZZrjY28SiV5HO8ECgTsU7wAA%261164
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:12 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
36181
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
841e04d0fa6a453a-TXL
content-length
43
expires
Mon, 08 Jan 2024 17:46:12 GMT
thirdpartycookie
api.viafoura.co/v2/torontosun.com/ 		45 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/torontosun.com/thirdpartycookie?section=
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4848:9168:e8ca:4c02:4000 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept
application/json, text/plain, */*
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-instance-id
i-020a06b7687399669
pragma
no-cache
date
Sun, 07 Jan 2024 17:46:11 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://torontosun.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Sun, 07 Jan 2024 17:46:11 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Ftorontosun.com%2F&rl=&if=false&ts=1704649571929&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704649571926.961098404&cs_est=true&ler=empty&it=1704649571755&coo=false&rqm=GET
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 07 Jan 2024 17:46:12 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 86E9 		204 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9edd5080ba31477d99e1ea20b721b25107635f954e55b74d6519d37e9f939f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:21:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
1501
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62690
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 18:21:10 GMT
index.html
s0.2mdn.net/sadbundle/4648939273511239680/ Frame B250 		86 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9587556fe64fa6b605e8878778f52e98abd622c47524fc5b446fe66c0d0398a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
473976
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
18430
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 06:06:35 GMT
expires
Wed, 01 Jan 2025 06:06:35 GMT
last-modified
Fri, 08 Dec 2023 12:09:19 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 86E9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsttd0Tu1_gcVbPu7z0UMnELFw8_yXdw7-SfaBKnw0DjXeeZTnDQqY6UIMbydTQ0VITydglA5kDjSKLl2EVBqW_e9GvzUXNtW81owZDjZvKa2oGh0Gqns6gyz800GdOsToPN55Czq6VeymfQFEFgzA1JZ61UJA1Dai2VWWVRZgkqLCMB9XhnIchPTs6Xo3_9Y-FqFceM0wxn-dPhlS83ZJHdBAyEDhRwhIwwCP7c2SVhsTshMRybYf6YxEzZ-0SG1xsGnZrc9Uv6b6uuSGT9RtUetafzbKS7cri2kaLydy7bVUTeagz7WqVHVJCQBzERAhcoYQoMrzA8VQ-208g2D2CudG6ZIgUMyPZApj1zhzi4qIHYJ1Yu5SG6WY2QGXry4xGpZS1hiMdZk5nFu2WCP-reWI8uoAEyDONGhoFY9C4jNqp7n5EcGGguBpEJZkHkoGiMeNxiaEou1STPNAkQeMdJL9fdidBWvC1BiWxssM_E-zdfYup_Xd6SWcYhmFgYHszUoCPxq5opyUr1XGcJkpWYM_hJIX8Y56q37i6Gn_jgPRTPvz3B04oC5HIRaI-bPwlbBWPXiFmk2A2EI5fPTafikbEleV8nlkew6fQYUHJPIiZoZ-SH-d7xKP2tuyIxu66YiQKNw_Ht6eR6ObKuiVSMe-aNBQxJNwW4XfVxWXAl7yIVLISa2QgRKaSNESXa7iGlfE3K7hJKOAFPCHldda0CaiZ3EAYXaDG-62_-Bvd9I2PwhlptYzQ2AI6XD2KTzgydvZ6iYVu41iiFzxVrJU6T81JSr13NfyeEqKBRUtZjRNpheyGsmMkij2YTcE-lC5mpzAEnVNAPbZxXezDhsMpxyt7Ur_4Rz7dYLF3mBdLDSaHilodYFOhUSrvQ3dkTVf1SiP4D4O77KFtG1MtToZLE5GaTPQi2K5iSzBKAZSM-OEWl1Gk7BXwr5ipxLDyJ1kOtnfC-gpcGFwqretIcdrZPkkejsA3NIomNyGiTm_FAN4eYpJUtDwBcnFYnFDELg319qm4wFJD_qZPd4fb4sCSpIDaJwM42CW2_eMJ_z96JFNIaa9ARXeWTC82QdzfQHxlp9ENWhqRwVDwlVmlwE2jj2QYocBE-OFnVWL3dfuNsJYCeM-Vg0TbcM-pEY9KKTTZ0_Ubbv06fSodZf8tp8bPYnaUQOZff0T1M9zEYFJazmRmnR5EIsa9lObpkNWUyj7umIrcLSAmDfoEd_OlYPu6YhGZnL0VEro9BFyWIF3TdEk1g1j5--G1wBbLwhphD8Mt3S6BdtDjwQDh1pOk6SGo24uVloNUIPKX4-cGuj1yZOVFfDnSGFriUBammslpcEA&sai=AMfl-YSFuoMZkLzFskyvzrEkUoJNhdcC7b1UJY8hQxxJuaEp8PVGGokpoU2v-zySPhyeZW0XSV1-Ql2x785ZiRuSYP1u6NYVaSbYg9m6Wcg-ES5UwWMhz8p5_PbloojdgsPbE5OTcbsOzePBsI8anrLdFn20VoMQbGHIHER5N9fGd5U9VWTy3-bw4PbdSTPljoiMrcrflNyUBHbwnY6ACNYNKE3bHq1BVmtLZOGf18UFZq-V17t7Ey2hga80usw&sig=Cg0ArKJSzBHiCnAo5JmEEAE&uach_m=%5BUACH%5D&pr=6:0.329976&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=240&cbvp=1&cstd=237&cisv=r20240103.19049&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 07 Jan 2024 17:46:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
onetag-geo.s-onetag.com/ 		555 B
970 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-71.ams54.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 10:20:16 GMT
via
1.1 6c7a5d26be7fb35284e54d321f16b6f6.cloudfront.net (CloudFront), 1.1 4445c4223f8c2460ef5d29a08d1cc6ac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2, AMS54-C1
age
26754
x-amzn-requestid
87c95c36-5fe6-4a54-a62d-acb0b7fab62f
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
RKgjMGMriYcEt2g=
content-length
555
x-amz-cf-id
IyBDeAvXfrX_i5OJxZtQJJ40bik0ivNbXeJNBCk7igxTH80bTjV4vw==
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QZZLREHFVM&gtm=45je4130v9124468815&_p=1704649570800&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1389705724.1704649570&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Ftorontosun.com%2F&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&sid=1704649571&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3663
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QZZLREHFVM&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
audiences
api.permutive.com/audience-matching/v1/id/482680f6-8665-4539-9ffd-29d0651b15a9/ 		12 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/audience-matching/v1/id/482680f6-8665-4539-9ffd-29d0651b15a9/audiences?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 07 Jan 2024 17:46:12 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
cdnf.js
pix.adrta.com/ Frame 86E9 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pix.adrta.com/cdnf.js?v=23.000
Requested by
Host: q.adrta.com
URL: https://q.adrta.com/s/pbm/aa.js?cb=1795176146_1704649570_366942
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-21.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6d6e1b5a8106e8624cd94dfb25383a222f722bb8fa8817780d91405bccd991b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
o8Dqn2fSaANd7t63xhmbtoZe_cmSJAMf
content-encoding
gzip
via
1.1 abc3ecd1d98ae9cd426d47386509de18.cloudfront.net (CloudFront)
date
Sat, 06 Jan 2024 21:24:22 GMT
last-modified
Sat, 28 Oct 2023 05:29:11 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
73315
x-amz-server-side-encryption
AES256
etag
W/"82b6743c32bc1214117ff9c6593e4ac5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
zK_jWNJ8xEuMOwN3c6rDwT_Id_JOO7GoFxMYaWwvq4OiTmD0LdWirA==
/
pips.taboola.com/ 		4 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
cache-fra-etou8220114-FRA
date
Sun, 07 Jan 2024 17:46:12 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://torontosun.com
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame B250 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3236090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25280
last-modified
Wed, 28 Jun 2023 20:03:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"649c91f5-62c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAz6DSxtg0C%2BZCesqEmRllut%2BGkH%2Fb4%2BmRRfiqEXKMic1ewdqm7YYYFrxSFloKXOyUAY2dypQIJjwfRaV587VLbeB1PdfZTwsYzfs0SIV1srpxqC0TZQZuFx5TNJPRJoo9BW4BPAshDI7QMIhZotbecJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
841e04d23b6437d2-FRA
expires
Fri, 27 Dec 2024 17:46:12 GMT
CSSRulePlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame B250 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/CSSRulePlugin.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3233190287f115105de5b5a99c5418e34b73b59e56bb84f681f1b5f90c553cf5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4790824
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
821
last-modified
Wed, 28 Jun 2023 20:03:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"649c91f5-335"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DfPt%2BXIrzFsHLdtK6qjHkFyu4ELFMqiiQ7shD3iuKdttSsXEDtiSthCWBGOFq9udDsNwkFLh%2Bo3jaPS%2BL%2BimNAc75KyPlNEH56B8pf9aPb7lUCuhvl0KUL2n6pCbWMMm45KcBxSA8oNRbZQ6jZmFFP7d"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
841e04d23b6637d2-FRA
expires
Fri, 27 Dec 2024 17:46:12 GMT
13dc9848.svg
s0.2mdn.net/sadbundle/4648939273511239680/images/ Frame B250 		669 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4648939273511239680/images/13dc9848.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a112eaf2a1694b6ce90127e3ddc7692712b4331b3bc8e01c6573bc0526b150a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 01 Jan 2025 06:14:04 GMT
date
Tue, 02 Jan 2024 06:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
473528
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
400
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 12:09:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
4bc00967.jpeg
s0.2mdn.net/sadbundle/4648939273511239680/images/ Frame B250 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4648939273511239680/images/4bc00967.jpeg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
316d9a3b20eecd0d75bb9c4598d6086d2aa453d1cd42a5b7d4abed7d8c6ae545
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 21:06:35 GMT
date
Thu, 04 Jan 2024 21:06:35 GMT
x-content-type-options
nosniff
age
247177
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66672
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 12:09:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
a6f611a5.jpg
s0.2mdn.net/sadbundle/4648939273511239680/images/ Frame B250 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4648939273511239680/images/a6f611a5.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6ca1199ae49c8f7e3c4e0096ef1575f25457cf067355c483fe744de092ef20b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Mon, 06 Jan 2025 09:16:56 GMT
date
Sun, 07 Jan 2024 09:16:56 GMT
x-content-type-options
nosniff
age
30556
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53458
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 12:09:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
21a581d0.jpg
s0.2mdn.net/sadbundle/4648939273511239680/images/ Frame B250 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4648939273511239680/images/21a581d0.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f30d47f9cdcdd6cd0347c9b418cd1d7013db02af6416161ec98a610c8f82b66c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 01 Jan 2025 06:14:04 GMT
date
Tue, 02 Jan 2024 06:14:04 GMT
x-content-type-options
nosniff
age
473528
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56976
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 12:09:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
4332eb45.svg
s0.2mdn.net/sadbundle/4648939273511239680/images/ Frame B250 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4648939273511239680/images/4332eb45.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d6148b7c3275cd5980a7903689546ee11ec96f11f4611a2062905578835e692
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Sat, 04 Jan 2025 07:13:46 GMT
date
Fri, 05 Jan 2024 07:13:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
210746
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2343
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 12:09:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
f378cfc5.svg
s0.2mdn.net/sadbundle/4648939273511239680/images/ Frame B250 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4648939273511239680/images/f378cfc5.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48f93e3937054551ff4a887dca69a8fc91561c11f52a53a262f6741bc91a9bb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 01 Jan 2025 06:14:04 GMT
date
Tue, 02 Jan 2024 06:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
473528
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2433
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 12:09:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
31152810.svg
s0.2mdn.net/sadbundle/4648939273511239680/images/ Frame B250 		302 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4648939273511239680/images/31152810.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b889285d70207e00882df1a4bfd4604d5feac7eb05aad677ad75599b816a77e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 01 Jan 2025 06:14:04 GMT
date
Tue, 02 Jan 2024 06:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
473528
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
233
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 12:09:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
b8492361.png
s0.2mdn.net/sadbundle/4648939273511239680/images/ Frame B250 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4648939273511239680/images/b8492361.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40f32e66aa62e3c8204720cae7628b70f2df9ae39ee466f9583446827bd9aa75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 01 Jan 2025 06:14:04 GMT
date
Tue, 02 Jan 2024 06:14:04 GMT
x-content-type-options
nosniff
age
473528
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2959
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 12:09:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
34c11484.png
s0.2mdn.net/sadbundle/4648939273511239680/images/ Frame B250 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4648939273511239680/images/34c11484.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10e7079b404c6321d8c9549dbd28736f3ca875ea3ffe282294ffd95f6b2b75e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 01 Jan 2025 06:14:04 GMT
date
Tue, 02 Jan 2024 06:14:04 GMT
x-content-type-options
nosniff
age
473528
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5232
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 12:09:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
092870ae.png
s0.2mdn.net/sadbundle/4648939273511239680/images/ Frame B250 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4648939273511239680/images/092870ae.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5db1f04209d2d64905b19f31ae793b2feb6e633807f20763ee1410ac1f3837b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Sat, 04 Jan 2025 08:57:53 GMT
date
Fri, 05 Jan 2024 08:57:53 GMT
x-content-type-options
nosniff
age
204499
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2192
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 12:09:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
7b8def93.png
s0.2mdn.net/sadbundle/4648939273511239680/images/ Frame B250 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4648939273511239680/images/7b8def93.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd5e1a468aa89dac498d285b2d12db4b2aa64118d6d0fa709b0785d9250f42fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 17:35:54 GMT
date
Thu, 04 Jan 2024 17:35:54 GMT
x-content-type-options
nosniff
age
259818
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3763
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 12:09:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
050e87d6.png
s0.2mdn.net/sadbundle/4648939273511239680/images/ Frame B250 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4648939273511239680/images/050e87d6.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ba9741829fcef2b1659404ffdc6889b47ef4f434de5ccbd67aa7172b03d7071
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 01 Jan 2025 06:14:04 GMT
date
Tue, 02 Jan 2024 06:14:04 GMT
x-content-type-options
nosniff
age
473528
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1543
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 12:09:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
40fa64a5.png
s0.2mdn.net/sadbundle/4648939273511239680/images/ Frame B250 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4648939273511239680/images/40fa64a5.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd12cc8b75c3517537cfd15861d827c1d5471b0541f8fd330ee2f59d5fa6cd9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 01 Jan 2025 06:14:04 GMT
date
Tue, 02 Jan 2024 06:14:04 GMT
x-content-type-options
nosniff
age
473528
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3173
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 12:09:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
d3ce6798.svg
s0.2mdn.net/sadbundle/4648939273511239680/images/ Frame B250 		820 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4648939273511239680/images/d3ce6798.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43bee53229b0e308836bfd9b6bac0800ab708c82e352498264b7b4e68ca270d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 01 Jan 2025 06:14:04 GMT
date
Tue, 02 Jan 2024 06:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
473528
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
470
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 12:09:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
1147abdf.svg
s0.2mdn.net/sadbundle/4648939273511239680/images/ Frame B250 		769 B
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4648939273511239680/images/1147abdf.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84ec131112ca132c741450c29f43750d4cc516f7fe8d642a35092729373c2e90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 01 Jan 2025 06:14:04 GMT
date
Tue, 02 Jan 2024 06:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
473528
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
401
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 12:09:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
39c507e6.png
s0.2mdn.net/sadbundle/4648939273511239680/images/ Frame B250 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4648939273511239680/images/39c507e6.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15c6cc98266d6c47464af2861b51e17b34f69a0b319b1b33a765c47e3fd7edc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 01 Jan 2025 06:14:04 GMT
date
Tue, 02 Jan 2024 06:14:04 GMT
x-content-type-options
nosniff
age
473528
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2179
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 12:09:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
8d202c55.png
s0.2mdn.net/sadbundle/4648939273511239680/images/ Frame B250 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4648939273511239680/images/8d202c55.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8b2b3828d723bf17a1b4616c18a4912932c3cea19c3df5662b1b22602b50347
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Sat, 04 Jan 2025 07:13:46 GMT
date
Fri, 05 Jan 2024 07:13:46 GMT
x-content-type-options
nosniff
age
210746
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3462
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 12:09:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
dfd4a3e2.png
s0.2mdn.net/sadbundle/4648939273511239680/images/ Frame B250 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4648939273511239680/images/dfd4a3e2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
198972eba33cc7147a2bbe5ad68e947a17961a4bb43b8f418e0dc4fb2a642950
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 16:36:26 GMT
date
Thu, 04 Jan 2024 16:36:26 GMT
x-content-type-options
nosniff
age
263386
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1706
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 12:09:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
b36afb92.png
s0.2mdn.net/sadbundle/4648939273511239680/images/ Frame B250 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4648939273511239680/images/b36afb92.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4c372f5831ede09fa80c662c9bd065187b1dc2dc6a6607c430e6e2a85c3fa6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 01 Jan 2025 06:14:04 GMT
date
Tue, 02 Jan 2024 06:14:04 GMT
x-content-type-options
nosniff
age
473528
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3536
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 12:09:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
d88b4b88.png
s0.2mdn.net/sadbundle/4648939273511239680/images/ Frame B250 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4648939273511239680/images/d88b4b88.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f7da1199c6a289b6a2ebd119a089e02760f568d0320e461b26cf731a1178d61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 01 Jan 2025 06:14:04 GMT
date
Tue, 02 Jan 2024 06:14:04 GMT
x-content-type-options
nosniff
age
473528
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14096
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 12:09:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
aa0670cd.png
s0.2mdn.net/sadbundle/4648939273511239680/images/ Frame B250 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4648939273511239680/images/aa0670cd.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4217be0e3ca7ff2f7377988d57a39a56cd1ae384ec7b71f1ecfb16c07ec8c9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4648939273511239680/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 01 Jan 2025 06:14:04 GMT
date
Tue, 02 Jan 2024 06:14:04 GMT
x-content-type-options
nosniff
age
473528
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30354
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 12:09:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
rfv.php
compassdata.mrf.io/ 		27 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://compassdata.mrf.io/rfv.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.128.96.92 Sartrouville, France, ASN16276 (OVH, FR),
Reverse DNS
haproxy06.cl11.ovh.mrf.io
Software
istio-envoy /
Resource Hash
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryKTW3Z5ZWy2XHHdNC

Response headers

date
Sun, 07 Jan 2024 17:46:12 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
42
intl-messageformat.1ffa056616fa00afbfc0.js
cdn.viafoura.net/chunks/defaultVendors~languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/defaultVendors~languages/intl-messageformat.1ffa056616fa00afbfc0.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:3000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42716b1e53a7779105575276cedc2e75677bc64e77b0a712bc0d48e2479abd98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:40 GMT
x-amz-version-id
HO9xTEwUA9XX7mdUyeB5zFlGyaHcZJoU
content-encoding
br
via
1.1 24145882259ee3aa55cb95d62adb00ea.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
age
2079453
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:07:47 GMT
server
AmazonS3
etag
W/"1c693504509bdbb60c6776720954c7c1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
q8xkA_zxsdyt4fXz63-1jlcYvzzlCfnKMnNeaNeFLMNFEzvyzt6VKw==
intl-messageformat.bba378369051b3ea02d6.js
cdn.viafoura.net/chunks/languages/ 		135 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/intl-messageformat.bba378369051b3ea02d6.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:3000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af979786c73f4c25357e6528bb264f3dffae203ec6ff1adced8b57c3532f6d4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:40 GMT
x-amz-version-id
UzLWjcfYom6uexWyVPi6r3Nw71PzbVar
via
1.1 24145882259ee3aa55cb95d62adb00ea.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
age
2079453
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
135
last-modified
Thu, 14 Dec 2023 16:07:56 GMT
server
AmazonS3
etag
"41f960d448b03a594d459a897779ddf6"
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
E396wvfCx6jm6ec1qQEbBrCANKaDaxCI6cUGob_t87OzGsNgOLuvng==
en-us-base-json.22dd055f6ebc67a95f1d.js
cdn.viafoura.net/chunks/languages/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-base-json.22dd055f6ebc67a95f1d.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:3000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2d2f5d052658ef5589fe450a8654dbeb88d97511ce36f21f1c3bb3b38fa3c24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:40 GMT
x-amz-version-id
eMLa6OOnuDbIY213u_T07FIUE3Zk08lX
content-encoding
br
via
1.1 24145882259ee3aa55cb95d62adb00ea.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
age
2079453
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:01 GMT
server
AmazonS3
etag
W/"dfb5516fd649a383d34843bb4b99126e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
5iKXAFi3eo3v1yuSyNPm4mto3HZxuDX3hNa2N2OFy5dJLgGI9R1RRg==
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 436E 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 15:59:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
6380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 Jan 2025 15:59:52 GMT
rep.gif
comcluster.cxense.com/Repo/ Frame 20AA 		43 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.44&typ=pgv&rnd=lr3scb6ccagofxvc&sid=1138596495834131576&loc=https%3A%2F%2Ftorontosun.com%2F&new=1&arf=0&ltm=1704649571543&ref=&tzo=-60&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=lr3scbgcs9cid813&ckp=lr3scb6crlzb0e5h&glb=&cp_userState=anon&cst=21vzvibldx2ja2ft1fncj4nmrm
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0037.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Sun, 07 Jan 2024 17:46:12 GMT
server
Jetty(9.4.28.v20200408)
content-length
43
content-type
image/gif
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=0a624e20-2526-4739-810d-8903a40a64e3-tuctc9468e1&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 07 Jan 2024 17:46:13 GMT
cache-control
no-store
server
nginx
id
id.cxense.com/public/user/ 		102 B
674 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22lr3scb6crlzb0e5h%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%2221vzvibldx2ja2ft1fncj4nmrm%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%2221vzvibldx2ja2ft1fncj4nmrm%22%7D%5D%2C%22siteId%22%3A%221138596495834131576%22%2C%22location%22%3A%22https%3A%2F%2Ftorontosun.com%2F%22%7D&callback=cXJsonpCB1
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0037.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
8338f4704a3f9873ecc9d7898b30e3938b191b95a1c27de9d6f25b47f6371399
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:12 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
102
expires
Mon, 26 Jul 1997 05:00:00 GMT
events
jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		42 B
172 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
409eb6fa5259239312d230eb977f4517ab437e60dc4597af28c7d4a71669ac2e

Request headers

Accept
text/plain;charset=UTF-8
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-sof1510022-SOF
date
Sun, 07 Jan 2024 17:46:12 GMT
content-encoding
gzip
via
1.1 varnish
server
Kestrel
x-timer
S1704649572.166292,VS0,VE33
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
LoginRadiusV2.js
auth.lrcontent.com/v2/ 		211 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/LoginRadiusV2.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdd5eb5886d055428379d1938f01e5a186f7f8dbf3efc851ad9e04914302eb59
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:12 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
age
3104
x-amz-cf-pop
FRA56-C1
cf-polished
origSize=1336927
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Mon, 04 Dec 2023 07:20:21 GMT
server
cloudflare
etag
W/"34dedade3a8f1aa4aa0db4d3bf475de7"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
841e04d2292e2bcd-FRA
x-amz-cf-id
Za52deKs_LpVoE6SFjiUU-TkEgehMXwGHS6nGzKvC0YjhywmBUlfWw==
expires
Sun, 07 Jan 2024 21:46:12 GMT
ingest
i.viafoura.co/v3/torontosun.com/ 		67 B
391 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://i.viafoura.co/v3/torontosun.com/ingest
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.44.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-44-110.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://torontosun.com
date
Sun, 07 Jan 2024 17:46:12 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ipv6.adrta.com/ Frame 86E9 		132 B
244 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ipv6.adrta.com/?callback=_1704649572221
Requested by
Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=23.000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:b4f:4b01:e956:729a:ad86:b3cb Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8a4c9502d0943cc6fa52530ec0a36dce3895779e0fd02ee5505d03469f871703
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
content-type
text/javascript; charset=utf-8
i
adrta.com/ Frame 86E9 		144 B
272 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adrta.com/i?cb=4111628&__aasv=23.001&__aaii=2141252765329764783&__aait=1704649571835&__aavz=-60&__aaib=0&__aaai=1&__aaaa=0&__aafl=0&__aaaf=1&__aaag=7&__aahd=%7B%22chrome%22%3A%22na%22%7D&__aarf=2&__aart=9&__aacd=1&__aaax=0&__aaay=0&__aasz=970x90&__aapf=0&__aaec=4&__aaup=1&__aaae=0&__aaat=0&__aaav=0&__aaas=0&__aaah=0&__aaph=0&__aapw=0&__aapc=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aaho=1&__aacb=1795176146_1704649570_366942&__aaxf=80.255.7.106%2C%2010.1.1.118&__aaci=pbm&paid=pbm&kv24=1&avid=1482&plid=6847895749854214219&lineItemId=&caid=22987&publisherId=157784&pricePaid=0.379747&kv12=1938045&siteId=399146&kv3=&kv15=167&kv11=E49FBBF9-8B17-4F3A-917E-1020873610C4&kv18=&kv19=&kv5=80&kv6=47052&kv13=torontosun.com&kv8=torontosun.com&kv2=torontosun.com&__aapu=https%3A%2F%2Feba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&__aapr=https%3A%2F%2Ftorontosun.com&__aatu=https%3A%2F%2Ftorontosun.com
Requested by
Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=23.000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.93.133.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-93-133-145.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8307383dd24408367e9444fc721e8a56e215b6b1743e2d27983a8f52a21fc8f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/javascript;charset=ISO-8859-1
pragma
no-cache
date
Sun, 07 Jan 2024 17:46:12 GMT
cache-control
no-cache
content-encoding
gzip
server
nginx
expires
Thu, 01 Jan 1970 00:00:00 GMT
svod-module-js.af0a0ec7f140c97a1728.js
cdn.viafoura.net/chunks/vuex_store/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/svod-module-js.af0a0ec7f140c97a1728.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:20a0:3000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a633cd18a8ef38d694ec323dfd22731854e161f2ebee27b2eb9870a7df78980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:40 GMT
x-amz-version-id
oVcFYRVQ6xZnBh6.ADJboKZ1fI_ywaEX
content-encoding
br
via
1.1 24f924c22589fd0429b4463876b2c576.cloudfront.net (CloudFront)
age
2079452
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:02 GMT
server
AmazonS3
etag
W/"29fcd3e8ac2266d59e9874ce666e077c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
FHqAcvgk1dvDcomNRnGvoSMKw1ydrnGvLmE8d1JTtEUI2rHoX8KrmA==
multimedia.php
events.newsroom.bi/ 		12 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/multimedia.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/e0a4db8779dc244a772e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.19.30.128 Domont, France, ASN16276 (OVH, FR),
Reverse DNS
haproxy08.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 07 Jan 2024 17:46:12 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
view
googleads4.g.doubleclick.net/pcs/ Frame 86E9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsttd0Tu1_gcVbPu7z0UMnELFw8_yXdw7-SfaBKnw0DjXeeZTnDQqY6UIMbydTQ0VITydglA5kDjSKLl2EVBqW_e9GvzUXNtW81owZDjZvKa2oGh0Gqns6gyz800GdOsToPN55Czq6VeymfQFEFgzA1JZ61UJA1Dai2VWWVRZgkqLCMB9XhnIchPTs6Xo3_9Y-FqFceM0wxn-dPhlS83ZJHdBAyEDhRwhIwwCP7c2SVhsTshMRybYf6YxEzZ-0SG1xsGnZrc9Uv6b6uuSGT9RtUetafzbKS7cri2kaLydy7bVUTeagz7WqVHVJCQBzERAhcoYQoMrzA8VQ-208g2D2CudG6ZIgUMyPZApj1zhzi4qIHYJ1Yu5SG6WY2QGXry4xGpZS1hiMdZk5nFu2WCP-reWI8uoAEyDONGhoFY9C4jNqp7n5EcGGguBpEJZkHkoGiMeNxiaEou1STPNAkQeMdJL9fdidBWvC1BiWxssM_E-zdfYup_Xd6SWcYhmFgYHszUoCPxq5opyUr1XGcJkpWYM_hJIX8Y56q37i6Gn_jgPRTPvz3B04oC5HIRaI-bPwlbBWPXiFmk2A2EI5fPTafikbEleV8nlkew6fQYUHJPIiZoZ-SH-d7xKP2tuyIxu66YiQKNw_Ht6eR6ObKuiVSMe-aNBQxJNwW4XfVxWXAl7yIVLISa2QgRKaSNESXa7iGlfE3K7hJKOAFPCHldda0CaiZ3EAYXaDG-62_-Bvd9I2PwhlptYzQ2AI6XD2KTzgydvZ6iYVu41iiFzxVrJU6T81JSr13NfyeEqKBRUtZjRNpheyGsmMkij2YTcE-lC5mpzAEnVNAPbZxXezDhsMpxyt7Ur_4Rz7dYLF3mBdLDSaHilodYFOhUSrvQ3dkTVf1SiP4D4O77KFtG1MtToZLE5GaTPQi2K5iSzBKAZSM-OEWl1Gk7BXwr5ipxLDyJ1kOtnfC-gpcGFwqretIcdrZPkkejsA3NIomNyGiTm_FAN4eYpJUtDwBcnFYnFDELg319qm4wFJD_qZPd4fb4sCSpIDaJwM42CW2_eMJ_z96JFNIaa9ARXeWTC82QdzfQHxlp9ENWhqRwVDwlVmlwE2jj2QYocBE-OFnVWL3dfuNsJYCeM-Vg0TbcM-pEY9KKTTZ0_Ubbv06fSodZf8tp8bPYnaUQOZff0T1M9zEYFJazmRmnR5EIsa9lObpkNWUyj7umIrcLSAmDfoEd_OlYPu6YhGZnL0VEro9BFyWIF3TdEk1g1j5--G1wBbLwhphD8Mt3S6BdtDjwQDh1pOk6SGo24uVloNUIPKX4-cGuj1yZOVFfDnSGFriUBammslpcEA&sai=AMfl-YSFuoMZkLzFskyvzrEkUoJNhdcC7b1UJY8hQxxJuaEp8PVGGokpoU2v-zySPhyeZW0XSV1-Ql2x785ZiRuSYP1u6NYVaSbYg9m6Wcg-ES5UwWMhz8p5_PbloojdgsPbE5OTcbsOzePBsI8anrLdFn20VoMQbGHIHER5N9fGd5U9VWTy3-bw4PbdSTPljoiMrcrflNyUBHbwnY6ACNYNKE3bHq1BVmtLZOGf18UFZq-V17t7Ey2hga80usw&sig=Cg0ArKJSzBHiCnAo5JmEEAE&uach_m=%5BUACH%5D&pr=6:0.329976&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=588&vt=11&dtpt=348&dett=3&cstd=237&cisv=r20240103.19049&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
appInfo
config.lrcontent.com/ciam/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://torontosun.com
allow
GET, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
841e04d3bebd1963-FRA
date
Sun, 07 Jan 2024 17:46:12 GMT
server
cloudflare
vary
Origin
appInfo
config.lrcontent.com/ciam/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca8e011c30e88f7508e3aa362170192447703c3054a19d3df50335a6d9576640

Request headers

Referer
https://torontosun.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:12 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
https://torontosun.com
cache-control
max-age=86400
cf-ray
841e04d42f761963-FRA
gen_204
pagead2.googlesyndication.com/pagead/ Frame 436E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BWqTjY-OaZb2oIs7hx_AP3L28oAoAAAAAOAHgBAI&bg=!t7SltPvNAAY3kmNgF5I7ADQBe5WfOMzp5s7Etyu1usw_SBcC0FsoDllgx6zVh201FzmjLoq-hbxBNErWCN9bPtDye4KjAgAAAIBSAAAAA2gBBwoAIp_Z5IFSYrgJFWdU7bbK_Gr7P5PKZF5-uVh1ZnE71wRqKQqZAxBpWltnUCkPaCr9EVRuBg7b6jUHN1mM9Q4_WfH00GaJ5TuELiN1-ZzvyluD_CL0u_E1kaO-wtqRh11kqxcn-ZxsyFjzbxEgQ5FCr2_p5SRY8SXGUWIVdA1f8m6YMyDiqXCVZkGB0JbYv6RY_if7qZCuld9qa6aXdDpSMC8Ynoqf9ik5vn2MovzV46ow6OwTqMxWBqha-rtyLfRW1D6aBGyOMduF9XUMv-ak14Fg38QFLW1Gywp-4-ZfXDnB1zi_JS73LRXb_w7fK4fUeDQ46wGgYrkFw5ijQk9cG0PgOWR3MU1wy1JCEz3u76i4VQOpY_QFyY6gdu7jzwp9dSgEX_2xYfA-OQXGxOxI-3asi04_McDS4Evar_1tFtJnjUBG-LhKLAYAnnChaN7VZZU-ZWPfyb6gkhDEEypVjTtPXWu77eE7RXB20viUwN8KCXTjyqVZazO3yxAxQcCL04CggTTRE6YwTaR4WswN9XGsQnvD-uq1eJ4jpEcczUyAt0o1MuTyhotll_k5kxeWOmoJ0VjuGzh5SbBp-BojI6ielOuBDj3y8I2uKR2AtQT6oVCyti02TAdWXr8c9Q6MpdIXDJsAklRX4zHR8HH1yd-yMukqiXqVjyy_LsyX8sW1aew_6a-DH5maXpTJ9h_LEaGHpk5D3fu_BznvDDtbhrPmParwQQtySnD5MaLtszH-AL1yabyXRgGkc74L5-7aOLkAQrgrb6k2Hj2D7BediengiSmwMWPldxoxUWbLZ1x38PusRYTJVfFJ1A_uZ2qkswq7ZBW_oNkxIGJrIxWgEuTb-OCxl7tDn0r1_WrZYQ7qkpIckrKMkLi4RjJctVUDVBA4y8-9cG-z-iyLo9cDjVbClMMCcnh0lppyjod1fpk5odSwRwm5tsP67QyXlhtH4tuCHUfI6LMpj4taiOCYoJjncOaciQNZL75TLyYYX3HbEGdQAQleXKgetcNL3z_ob5EIQ7tcv0HiLOd7V_plPfr7x7nV6YIqU8wu8L2Aqr85hvmP_dZSbdWlInpB_E7t6B_5oHMS
Requested by
Host: eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com
URL: https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
x-requested-with
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://torontosun.com
Connection
keep-alive
Date
Sun, 07 Jan 2024 17:46:12 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://torontosun.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 17:46:12 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://torontosun.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
adview
securepubads.g.doubleclick.net/pagead/ Frame 86E9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C4spWYuOaZY-XDYGj7_UP3auNiA24mfOiXOm17rv6AsCNtwEQASAAYJWqoIKwB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJ4AIAqAMByAMCqgSPAk_Q8gh0SLbQ4eQD5m9q4hpHw26WKZE72coNLf1HGZXwHK4Tg7aLY7X0qCl7mQ9vhReO0WQEfJe8B5VwPi6AiosDHiLv2pa0S9X7d9qoSIbQeEAyrkB-ViBNMb1B-1gxIxmyeBeXb039u3JLBDcf0c0i4r9NBokRsgnk1hlmHtRTigAf9Fa6Nx_EuftwnWj8AFHTHX7mFDI1DZaH5Je6ebfsz8cfxpPx23V4bTZ31-2RL2aQFDVzHpYxsu3RaSy721CNz_dc7SxWXx78TwMFF_iUWnSgcepT7uf50brXy_d3w8oAW4w7VwLkiuxId4WKfjo47mHz1NV0tsQ-AeYKTeycXp7JvyqB6pwM6qy4UVjgBAGABur4iYPu67zs3QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgHAQATIC6wI6AoBASL39wTpYtYHgwOrLgwOACgP6CwIIAYAMAeINEwjQquHA6suDAxWB0bsIHd1VA9HQFQGAFwGyFxwKGhIUcHViLTU2MTEwNTM2NjI2MTMzOTAYzfUR&sigh=RH2PFY6AwNY&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_EDEO9fgXtjkd7LcKfdt57spvahw8l3rWL9guHNVBcJfOVpDrkR0PzH4VQfuabmP8DHgX3SP6BtQbAhsPrE7thnphsDE0DmcyCRgB&tpd=AGWhJmvRcEW39TIMPk5zKNE26zsrdnXYT-5PM3R58baaJ4LcNFoHwfKGrOju3J4bPTaURJXaXdIYoO3RRQ4j34N4s-b1sfEf2bMefPlTMd6gQ5VnKXMxAdZwwL4f_IOLdMC6x3i66HZy2ZCvMowCji0Ji_6ximuXYidFZdRuhVkMhwNZAsChMKOM7evL_hIIcDr7a2_zPb3jq0X4W6v8DTpih9EvIaRBiXP4e-ZbYcBk1zOyaF6miWvYRN5TdWXEuoDT9RLLzgiC3n70zo7u1i69fznuMi83LOuEq2MSzLQWX32RwdqXY_fhohHJttErzW2RZ_sBdu3w6QD15vixrtj1Rqi5gndjPeLceRLmKJeWhThkW1Wjuob8BYuTcSX06OQ8NPk9DjLHuWJJgoUjZY3_uuuJg08kBTq60aHbtsIJawKJETKrK3c-790VQPkzJosXE35Uu6Bxr9UxboucEGCS10mq973S0jlOmDQPCUW2lbB9TJlrrzpU6mnVgtQlTSOY7awo93cGlg75hNvDJuMpY6QFcXXjO0NyfzItHDcqRagjdmmSq5jNGqV98AvfwTLzHMsJpLcJh5tq4RLjiOeNLvI6xUB789JD5Qr-G5y5ar5JX0ywmQOwbKoba-O7koBgxZU3uvz9QgOohVOSu2r-_ccGJG1jNvKq1mIN7m-dsCTea_Lb4yyoN8RvzxxCt9zhzZjaaFc5Y5DOdv9d8lcEU1jtaCwiXAmHV-ffLROL-I7xsq_C93nZek-B6rBjBJ8Qi9j572zwiP6Kxemy9gXDyDGR7HKBxxQFDAfxQw9_xhXUxtSyyHhvhXkwr81d9JrKVvKDsDo3ZYfAo2WIse8kaE_ljFozmn8pruR5siPVwS8W9C0Xnc0TsB2U3AycxW3sLruvxGUknvOLDIl5sGSQaq36NKBYhxgp3GqwmSWI41fbfgi0wktZcEcL1PGQ1ICpzgxq_Pbqd_0LfcTxUGPMSJpnxwbh0QGVYYD1t14nRoD0pn_VzEAc-_QdvrbmnHl6LmvexkszaFiARcTSXMJl0c9YJwZV3SV0M4mza_rKauWUNc1ExfUviW0yDEPGn8yDg6YGZdlSeIzTLL0iDIfa04EWGjx6o7_necUYSfqcURhE5AEwL0AX9baCuv6e7hGtV7oZ4mzMiDB4Pt0Os-bAvbu-VZbvwG6f8-aHmdtxIuHBaWkycGJ0TBPXIcao-OoLUplwLIoWH-uPt8DBn9GsyHu07arx3vC-NGN8ztx-txGw23ngwlu90EKyjlKhlaMBvDIJGNYWFfPtr6aLxZzywN-IcgmvwYm861_Tr-yTDcKE0v-JdtiHqe11Ah9HKmlYz3dcJT-hEkKUtHt32iwUeDp1gDrzGMvBDZwzySREIRW0bF6F83pdPRg5MnTbVEw6Yi2-bjAYfp7xjKEKph5ZLoMgtZrowxrx62Lz-zrU64wClD39rlr4y5Zd0ZvRzhJ4LW3bGeUUrZlN5CZBysouEnUQpvHw3hYn6vDkWa3vbXg7QIX7Ys_4qWUV-bnW4qXgBWltNfyq_08emI2nm8GZt3hp0v0_ZJScYsuinbteObx_xSozncB6dJ5MfrTkuSVl77r3KaYLzOgfX5CiPPNzfBnRdNe-NzBEs8X3-2YXhgc517ITzbVoR22MAMoEZLmvJv0bomE4DvS6q80PcHAFBjrxyLvrXDqBuNKuvIpB9ghstfT3dsUicykuWSHvOdglY0glraxUHbJx5KjwGQ21Qeb4FY8vUJUAAoTTcRHeHoPilqFc02XTvWMnx4u810IGLtFbl_0jw4Ja&cbvp=2&vis=1
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
dw-check.html
experiences.mrf.io/marfeelpass/statics/ Frame BACA 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://experiences.mrf.io/marfeelpass/statics/dw-check.html?v=5
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc487a75eea98b11319aafde13f978f28438e37cd8bcf0fca3ac4f86812a607

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
6821
alt-svc
h3=":443"; ma=86400
cache-control
max-age=86400, s-maxage=2592000
cf-cache-status
HIT
cf-ray
841e04d7ffdbf097-CDG
content-encoding
gzip
content-type
text/html
date
Sun, 07 Jan 2024 17:46:13 GMT
last-modified
Thu, 23 Nov 2023 12:08:24 GMT
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-envoy-upstream-service-time
2
ping.gif
placement-prd.jwpltx.com/v1/placement/ 		0
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://placement-prd.jwpltx.com/v1/placement/ping.gif?h=1914985118&e=pll&n=2597301126761733&aid=EP4j6LNJEeu2Q2J%2B7u8ONQ&plv=0.13.0&sa=1704649569235
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:9c00:15:2b26:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:13 GMT
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
X6QaZGNmW5EXYUuFakoNs41OIWTYICjwqODwK__AFz0fAVEPvUhCww==
x-cache
Miss from cloudfront
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401020101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d192d18d813d82f9b04220a9b66f8494c8599fa496aa75ac822493218adc34f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12243
x-xss-protection
0
ping.gif
ping-meta-prd.jwpltx.com/v1/jwplayer6/ 		0
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping-meta-prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-479021006&e=xapi&n=2200063926799660&aid=EP4j6LNJEeu2Q2J%2B7u8ONQ&emi=1n8aksf3h2of&id=ATeFDMnl&pli=1uy2ki718e14&pv=8.30.1&tv=3.43.2&ed=6&prs=idle&pid=dchHpZtp&ph=1&sdk=0&xam=on&xfmp=viewable&sa=1704649570359
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:f000:0:723d:9040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:13 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
xwuwnIQAOsdE8fs8mViULn-G09oaLOpf73jAwh58kN67FG9vPPq2lg==
x-cache
Miss from cloudfront
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=807867953&e=e&n=0765184438977353&abc=0&aid=EP4j6LNJEeu2Q2J%2B7u8ONQ&amp=0&ask=tiuFp3AB&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=6&emi=1n8aksf3h2of&i=0&id=ATeFDMnl&lid=1ktr2fsm790e&lsa=read&mt=0&pbd=1&pbr=1&pgi=1gnqzu1rjcei&ph=1&pid=dchHpZtp&pii=0&pl=282&plc=20&pli=1uy2ki718e14&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&pu=https%3A%2F%2Ftorontosun.com%2F&pv=8.30.1&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=On%20Tour%20with%20Jon%20McCarthy%3A%20Golf%20predictions%20for%202024&tv=3.43.2&vb=1&vi=1&vl=90&wd=501&ab=1&bpv=7.5.0&cae=0&cb=1&cdid=leadVideoIFrameHeadline&cme=0&dd=1&fed=JQkbLqiZ&flc=0&fv=&ga=0&lng=en-CA&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FATeFDMnl.m3u8&pbc=0&pd=2&pdr=&plng=en-CA&plt=2050&pni=1&po=0&pogt=%20Toronto%20Sun&rf=%2F%2Fcdn.jwplayer.com%2Fv2%2Fplaylists%2F4KFQF7jC%3Frelated_media_id%3DMEDIAID&sn=%7B%22controlbar%22%3A%7B%22background%22%3A%22rgba(0%2C0%2C0%2C0)%22%2C%22icons%22%3A%22rgba(255%2C255%2C255%2C0.8)%22%2C%22iconsActive%22%3A%22%23FFFFFF%22%2C%22text%22%3A%22%23FFFFFF%22%7D%2C%22menus%22%3A%7B%22background%22%3A%22%23333333%22%2C%22text%22%3A%22rgba(255%2C255%2C255%2C0.8)%22%2C%22textActive%22%3A%22%23FFFFFF%22%7D%2C%22timeslider%22%3A%7B%22progress%22%3A%22%23F2F2F2%22%2C%22rail%22%3A%22rgba(255%2C255%2C255%2C0.3)%22%7D%2C%22tooltips%22%3A%7B%22background%22%3A%22%23FFFFFF%22%2C%22text%22%3A%22%23000000%22%7D%7D&sp=0&st=250&sa=1704649570365
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:4c00:1b:6b7c:c940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:13 GMT
via
1.1 8c6af47a034eacd38f7f934dfc1eaa40.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
AMS58-P2
x-amz-cf-id
Aon8JquBn4fRlLqnb2dCX-wbUnUrMlvpzGF8XBwyJtra7jdZuokzJw==
x-cache
Miss from cloudfront
ping.gif
prd.jwpltx.com/v1/clienta/ 		0
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/clienta/ping.gif?h=1275418723&e=abq&n=4288381933062462&abc=0&aid=EP4j6LNJEeu2Q2J%2B7u8ONQ&amp=0&ask=tiuFp3AB&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=6&emi=1n8aksf3h2of&i=0&id=ATeFDMnl&lid=1ktr2fsm790e&lsa=read&mt=0&pbd=1&pbr=1&pgi=1gnqzu1rjcei&ph=1&pid=dchHpZtp&pii=0&pl=282&plc=20&pli=1uy2ki718e14&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&pu=https%3A%2F%2Ftorontosun.com%2F&pv=8.30.1&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=On%20Tour%20with%20Jon%20McCarthy%3A%20Golf%20predictions%20for%202024&tv=3.43.2&vb=1&vi=1&vl=90&wd=501&ab=1&abid=p86rl71rhqwp&apid=p86rl71rhqwp&awi=1&awc=1&p=-1&pc=0&pi=0&pr=0&aml=0&flpy=USD&vpb=%7B%22pubmatic.id%22%3A%225353002%22%2C%22pubmatic.pubid%22%3A%22160305%22%2C%22rubicon.pubid%22%3A%2214648%22%2C%22rubicon.siteId%22%3A%22505096%22%2C%22rubicon.zoneId%22%3A%223013902%22%2C%22indexexchange.id%22%3A%221031514%22%7D&vto=3000&bpv=7.5.0&rtp=%7B%7D&tpi=&sa=1704649570374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:4c00:1b:6b7c:c940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:13 GMT
via
1.1 8c6af47a034eacd38f7f934dfc1eaa40.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
AMS58-P2
x-amz-cf-id
xo-s-goBfm2Yf-Ztzdjv-z6nZQcHrcxrcZk6cl5hjTUAo5GCcEwpSw==
x-cache
Miss from cloudfront
ping.gif
prd.jwpltx.com/v1/clienta/ 		0
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/clienta/ping.gif?h=1004099557&e=abr&n=8352232686490193&abc=0&aid=EP4j6LNJEeu2Q2J%2B7u8ONQ&amp=0&ask=tiuFp3AB&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=6&emi=1n8aksf3h2of&i=0&id=ATeFDMnl&lid=1ktr2fsm790e&lsa=read&mt=0&pbd=1&pbr=1&pgi=1gnqzu1rjcei&ph=1&pid=dchHpZtp&pii=0&pl=282&plc=20&pli=1uy2ki718e14&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&pu=https%3A%2F%2Ftorontosun.com%2F&pv=8.30.1&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=On%20Tour%20with%20Jon%20McCarthy%3A%20Golf%20predictions%20for%202024&tv=3.43.2&vb=1&vi=1&vl=90&wd=501&ab=1&abid=p86rl71rhqwp&apid=p86rl71rhqwp&awi=1&awc=1&p=-1&pc=0&pi=0&pr=0&aml=0&flpy=USD&vpb=%7B%22pubmatic.id%22%3A%225353002%22%2C%22pubmatic.pubid%22%3A%22160305%22%2C%22pubmatic.result%22%3A0%2C%22pubmatic.code%22%3A0%2C%22pubmatic.timeForBidResponse%22%3A81%2C%22rubicon.pubid%22%3A%2214648%22%2C%22rubicon.siteId%22%3A%22505096%22%2C%22rubicon.result%22%3A0%2C%22rubicon.code%22%3A0%2C%22rubicon.timeForBidResponse%22%3A194%2C%22rubicon.zoneId%22%3A%223013902%22%2C%22indexexchange.id%22%3A%221031514%22%2C%22indexexchange.result%22%3A0%2C%22indexexchange.code%22%3A0%2C%22indexexchange.timeForBidResponse%22%3A141%7D&vto=3000&sa=1704649570575
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:4c00:1b:6b7c:c940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:13 GMT
via
1.1 8c6af47a034eacd38f7f934dfc1eaa40.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
AMS58-P2
x-amz-cf-id
4uxLjEHiwsnD1APFlDj4dRJY0-orXTyy0R0k7Aqzu5i0LSDUJjhTCw==
x-cache
Miss from cloudfront
syncframe
gum.criteo.com/ Frame A82D 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=torontosun.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 07 Jan 2024 17:46:12 GMT
server
Kestrel
server-processing-duration-in-ticks
334014
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
ingest.php
events.newsroom.bi/ 		2 B
778 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.19.30.128 Domont, France, ASN16276 (OVH, FR),
Reverse DNS
haproxy08.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 07 Jan 2024 17:46:12 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
ribn.min.js
assets.ribn.com/production/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/production/ribn.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:13 GMT
content-encoding
gzip
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA50-C1
age
5364
x-cache
Hit from cloudfront
last-modified
Wed, 28 Oct 2020 14:49:59 GMT
server
cloudflare
etag
W/"6b213f30955b664fd78dc9e388b17e54"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
841e04d878541987-FRA
x-amz-cf-id
DDWcU7UdS76X-gqbLN6LIBYRZSGbdFbqxkxvlCWLGLBGMCnkmI8pvw==
expires
Sun, 07 Jan 2024 21:46:13 GMT
ribn-postmedia.min.js
assets.ribn.com/v2/production/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/v2/production/ribn-postmedia.min.js
Requested by
Host: torontosun.com
URL: https://torontosun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:13 GMT
content-encoding
gzip
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA50-C1
age
4404
x-cache
Hit from cloudfront
last-modified
Wed, 01 Sep 2021 18:06:03 GMT
server
cloudflare
etag
W/"baaa6497dd2dea88d8fdb6d6cca08cf2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
841e04d868531987-FRA
x-amz-cf-id
jU6lqN799vbP4SUA_UvmGotXfeggyx8kkwQLB710YekeKrlgt3aLJQ==
expires
Sun, 07 Jan 2024 21:46:13 GMT
sid
mug.criteo.com/ Frame A82D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=torontosun.com&sn=ChromeSyncframe&so=0&topUrl=torontosun.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=JJzirXx4dHJyb2EyZ2ZWM3lDUVJiR3gxcy95NUhRY2IzQU9iUnlzSEcvRzZmS2pBWTVWMCtDamxJcXFLRzR5WU9lOXV1VW9zZUsyRFY0eEJCNVZ2LzJ3SXJUV0NhZnVLK0N6M1lnNTc2SXRhV01MdDVVQmh4Q1NuempzK3...
441 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=JJzirXx4dHJyb2EyZ2ZWM3lDUVJiR3gxcy95NUhRY2IzQU9iUnlzSEcvRzZmS2pBWTVWMCtDamxJcXFLRzR5WU9lOXV1VW9zZUsyRFY0eEJCNVZ2LzJ3SXJUV0NhZnVLK0N6M1lnNTc2SXRhV01MdDVVQmh4Q1NuempzK3lucFFLMytKRnlEb28wbnIrUU13WjJuZlgvUFdaQkxiV3o1azZiMjJmeGVxeUM2NExNOWcrM3BWV2k3cEdYUWg0dDM2NlBqdVR6TTNBNm5uRm9MeFp3Q2RHNEUwMU9FN2gzc05BdFBUYkgycUlMUTF3eW5ZbTlINVZnL1orbGlNMG5zSGFHeS91U3hHRU5zL2xJUzAwajhBTXduLytiT3hkYWIwZWxYVGptbm9QRDVhZXdoTT18&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b3335b51206e298f31aa46b7f4c0128bd9ad77e69c36edfdecc5b67a8ad4a488
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:13 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1179373
expires
0

Redirect headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:12 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=JJzirXx4dHJyb2EyZ2ZWM3lDUVJiR3gxcy95NUhRY2IzQU9iUnlzSEcvRzZmS2pBWTVWMCtDamxJcXFLRzR5WU9lOXV1VW9zZUsyRFY0eEJCNVZ2LzJ3SXJUV0NhZnVLK0N6M1lnNTc2SXRhV01MdDVVQmh4Q1NuempzK3lucFFLMytKRnlEb28wbnIrUU13WjJuZlgvUFdaQkxiV3o1azZiMjJmeGVxeUM2NExNOWcrM3BWV2k3cEdYUWg0dDM2NlBqdVR6TTNBNm5uRm9MeFp3Q2RHNEUwMU9FN2gzc05BdFBUYkgycUlMUTF3eW5ZbTlINVZnL1orbGlNMG5zSGFHeS91U3hHRU5zL2xJUzAwajhBTXduLytiT3hkYWIwZWxYVGptbm9QRDVhZXdoTT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
315330
content-length
0
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 07 Jan 2024 17:46:13 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 86E9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssn_HtceFzE4DrwGpB1IzrQ5-rs-mvsWxn9s6rT46Id1U5S2Rkgv8isZJn_fLRAx7lluQOJ_DgUeaFJRzVx6Brxw6UA9J_33PWBJ4JKDTuT07eTYdDGiQ&sig=Cg0ArKJSzMg8B8jKFYQKEAE&id=lidar2&mcvt=1006&p=109,315,199,1285&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=913967088&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704649571109&rpt=964&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 86E9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssV9yil1_lJDuGzzABUqu436ZN6Kmx2QP60ZE66aM653hbnjRCKz-M6g-p3HTC7WuES2_Bwt_i5hie_ou_E6YWz8zWYhAB_bOZIyfpYuPbr3e8Ze0n7YSRQwQsA&sig=Cg0ArKJSzKgo4aEaoBH8EAE&id=lidar2&mcvt=1009&p=0,0,90,970&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704649571109&rpt=968&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 72C4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
11973
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 07 Jan 2024 14:26:40 GMT
expires
Mon, 06 Jan 2025 14:26:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BA11 		829 B
996 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
af5456556e2afc99d0300b8ea5617742c6afe012127ee80115aa24edb6092d6b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ocoRiH8FHr7bYeW3eex3Zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ocoRiH8FHr7bYeW3eex3Zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 07 Jan 2024 17:46:13 GMT
expires
Sun, 07 Jan 2024 17:46:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame BA11 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401020101&jk=480068266870360&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 72C4 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 15:59:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
6381
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 Jan 2025 15:59:52 GMT
generate_204
tpc.googlesyndication.com/ Frame 72C4 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?JYIXLg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
i
adrta.com/ Frame 86E9 		15 B
172 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adrta.com/i?cb=27320819&__aasv=23.001&__aaii=2141252765329764783&__aait=1704649571835&__aasi=7058005162755445459&__aast=1704649571587&__aavi=10023777668853151896&__aavt=1704649571587&__aavz=-60&__aaib=0&__aaai=1&__aaaa=0&__aafl=0&__aaaf=1&__aaag=7&__aahd=%7B%22chrome%22%3A%22na%22%7D&__aarf=2&__aart=9&__aacd=1&__aaax=0&__aaay=0&__aasz=970x90&__aapf=1&__aaec=4&__aaup=2&__aaat=0&__aaae=0&__aaav=1&__aaas=1113&__aaah=0&__aapc=0&__aaph=0&__aapw=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aawm=1&__aaho=1&__aacb=1795176146_1704649570_366942&__aaxf=80.255.7.106%2C%2010.1.1.118&__aas21=2a01%3A4a0%3A1338%3A92%3A%3A11&__aas23=2a01%3A4a0%3A1338%3A92%3A%3A11%2C%2010.2.1.203&__aaci=pbm&paid=pbm&kv24=1&avid=1482&plid=6847895749854214219&lineItemId=&caid=22987&publisherId=157784&pricePaid=0.379747&kv12=1938045&siteId=399146&kv3=&kv15=167&kv11=E49FBBF9-8B17-4F3A-917E-1020873610C4&kv18=&kv19=&kv5=80&kv6=47052&kv13=torontosun.com&kv8=torontosun.com&kv2=torontosun.com&__aapu=https%3A%2F%2Feba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&__aapr=https%3A%2F%2Ftorontosun.com&__aatu=https%3A%2F%2Ftorontosun.com
Requested by
Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=23.000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.93.133.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-93-133-145.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/javascript;charset=ISO-8859-1
pragma
no-cache
date
Sun, 07 Jan 2024 17:46:13 GMT
cache-control
no-cache
server
nginx
content-length
15
expires
Thu, 01 Jan 1970 00:00:00 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-H792QCFZPV&v=3&t=t&pid=818928023&cv=5&rv=4130&tc=17&es=1&e=gtm.load&eid=39&u=AgAAAAAIIAAAACAg&ut=AiA&h=Ag&tdc=G-H792QCFZPV*G-H792QCFZPV&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:13 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
td
www.googletagmanager.com/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=G-H792QCFZPV&v=3&t=t&pid=818928023&cv=5&rv=4130&tc=17&es=1&e=gtm.load&eid=39&u=AgAAAAAIIAAAACAg&ut=AiA&h=Ag&tdc=G-H792QCFZPV*G-H792QCFZPV&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:13 GMT
server
Golfe2
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 86E9 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4080970156587&version=m202309260101&ct=76&x=6&cor=10347908810826754000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401020101&jk=480068266870360&bg=!DQ6lDkHNAAY3kmNgF5I7ADQBe5WfOMPkXTQDIvnpWFpn7ODqlagB8RJ9BmUdiKjSLmLDNnnjYCRmVX9ziO0PxaUVQKQVAgAAAHxSAAAAAmgBBwoARxtMij7gkStsObi6dgIjUL4LRJUj7CMhmnFTq5pw0n7CnU6m3pXI_NxtrvYmxPf8qjK4kYUyPYAKGso0udGL-zl7BzX6a1-mmQK6G2BGXEZl1T4mI_z_Gz0_bE89iEZGSTRGtKpavpAQfFihqCBkQwJjASYcNu0I57QwRY6narLzk8leCTb2IdzpNFDpltTo0_yl7M1S4CLdlchJdxlLB_Dn36fGmL3uY0U2TU54Gj2nweBlCYo8rNIPCw_gmf091CXfwMtuOEjQ1oBrwz8j6olWgw9-QuZtMQPfMclSuPatlaPPuFb3oky1IGgF_TqTk1Ccs03QggJ8IAAU4xSd1cZDsoJ9dnjatbEpVIHvea3kDow0_sLVtdyN9HOEYskFlZdGcdMHQpcVNWi9Ruhhs2o3Uju6Ta6pUn0vc7jJ41NkCcjqdptrQZuOHxnqc_45CqGJDWeD6WTz5L0tIXAXAzI6NqMDFw8_BPHErmV6-PYY8msBjRK9XmbbGRnfB95WtFygj5qPWmZ1RtIJ1tjAy_idEkfsopBBRhUjTm5cRjdwEZZjfSloMjbNKwaQe4vFe--8C4CD24SLLnkKr6rJXe255MbLR85Ye54fxOw13892EyPoHscoWtLKHb-QoRZ2s-uZLEhx2u_EB-CfKxIyt_-_V4lCH-ar3EtihtkCa2YA-XEtBxizz1i4Hu41nQeUn1j_WjjYvb7nxksurWTu8u7D6aN5k5aWazXU2qTdihNgftJMcko9x_HNW_pJcMAfPJ_kiyntuYVdorTz5_AE0IJp3yRCtS1zd348TO8-rR4xo7njVqQqJBWt0EIUG1xhGYoBqxi3LXwOB1ZdQ9nkehi7JV6CbqlL_TgyAR0rZ1zdNMyGQikWq-mI8Mb1R_vuS-1WvGgv03_94APod9jONdorYacEdu1D7_Sw1WJaAL434Vn3Qsf6Omd9v1_6z44XeEggIcaTyJJfxQQEml3CkEy2e-AyOCdQMpDPKgSkCy-2iwJd_47DB0CL_wc0sDusAqEUx9c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
events
api.permutive.com/v2.0/batch/ 		101 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
3d44b01942293d172a5bb0d41eca2b7aa7e69d3f8a60b9aec7342c3f9e30dc1e

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 17:46:14 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
sdk-runtime-config.js
buy.tinypass.com/api/v3/anon/assets/ 		266 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/sdk-runtime-config.js?aid=KlFb8Hg2nS
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2e7bf563339b38d951e1d0b887d65f8f596c805e5255a61646a4bf236d0b55c
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:14 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
5292
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
M2yfw6sD1LM
wn
prod-dash-10-0-137-179
last-modified
Sun, 07 Jan 2024 16:18:02 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.003
cache-control
public, max-age=14400
cf-ray
841e04e139e38ff5-FRA
expires
Sun, 07 Jan 2024 21:46:14 GMT
p
sb.scorecardresearch.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=19&c2=10276888&ns_ap_an=unknown&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=1&ns_ap_ev=start&ns_ap_device=Win32&ns_ap_id=1704649574936&ns_ap_csf=1&ns_ap_bi=unknown&ns_ap_pfm=webbrowser&ns_ap_pfv=Chrome%20120.0.6099.129&ns_ap_ver=unknown&ns_ap_sv=7.7.0%2B211006&ns_ap_bv=7.7.0%2B211006&ns_ap_smv=6.4&ns_type=view&ns_ap_gs=1704649569934&ns_ts=1704649569934&ns_ap_cfg=1110101-110-3C-7D0-A-1F-1E-1E-12C-A&ns_ap_env=0-0-2&ns_ap_ut=60000&ns_ap_ar=unknown&ns_ap_cs=1&ns_ap_fg=1&ns_ap_dft=0&ns_ap_dbt=0&ns_ap_dit=0&ns_ap_as=1&ns_ap_das=0&ns_ap_usage=0&ns_radio=unknown&ns_ap_install=1704649569934&ns_ap_ft=0&ns_ap_bt=0&ns_ap_it=0&ns_ap_res=1600x1200&ns_ap_sd=1600x1200&ns_ap_po=0x0&ns_ap_lang=en-US&ns_ap_jb=unknown&ns_c=UTF-8&c7=https%3A%2F%2Ftorontosun.com%2F&c8=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:14 GMT
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
l6pmWOf6SArej7dPBqRR2nxWmxGsNyywQC_UMgax6DKkvqcYk52Gjg==
envelope
lexicon.33across.com/v1/ 		49 B
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&gdpr=0&src=pbjs&ver=8.23.0&coppa=0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 17:46:14 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://torontosun.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
async_usersync.html
acdn.adnxs.com/dmp/ Frame 27AD 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
44402
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 07 Jan 2024 17:46:15 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 05 Jan 2024 05:26:09 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
281, 269981
X-Served-By
cache-lga13626-LGA, cache-fra-etou8220113-FRA
X-Timer
S1704649575.156132,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 24FB 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 07 Jan 2024 17:46:15 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
postmedia-d.openx.net/w/1.0/ Frame D836 		199 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://postmedia-d.openx.net/w/1.0/pd
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Sun, 07 Jan 2024 17:46:15 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame 167A 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
641
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
841e04e42dfd453a-TXL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 07 Jan 2024 17:46:15 GMT
expires
Sun, 07 Jan 2024 21:46:15 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C794 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.244.232 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-244-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=75340
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 07 Jan 2024 17:46:15 GMT
expires
Mon, 08 Jan 2024 14:41:55 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 8A5D 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKB9454&prvid=2012%2C2034%2C2033%2C2055%2C172%2C2030%2C3020%2C251%2C233%2C2027%2C236%2C237%2C459%2C70%2C97%2C55%2C77%2C2023%2C2022%2C3012%2C262%2C461%2C244%2C201%2C2039%2C246%2C4%2C203%2C326%2C10000%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0f7afe8a3a99c33052ff8f87b816b50e01acbd0d1c18d079457168bc8da4ef4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://torontosun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
8365
content-type
text/html; charset=UTF-8
date
Sun, 07 Jan 2024 17:46:15 GMT
expires
Tue, 09 Jan 2024 17:46:15 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.js
eus.rubiconproject.com/ Frame 24FB 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
094400fb43c70285180192f21c9f677821824153b56f4d886169102c35ecb443

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 17:46:15 GMT
Content-Encoding
gzip
Last-Modified
Sat, 06 Jan 2024 22:07:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=15663
Connection
keep-alive
Content-Length
13174
Expires
Sun, 07 Jan 2024 22:07:18 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 4119 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9470632d5be4c77f66994160bb25587fea42b13aa75f7f32f2182e0c9a454226

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
841e04e47a9c2675-TXL
content-encoding
br
content-type
text/html
date
Sun, 07 Jan 2024 17:46:15 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkxAVnUuKis788wjnpCshEGOv0uP6hyR48DXXJ2MZeCUlHViDi8NwjfIESSapba14PUemaqwoSxTioulIvMqZV1p4BQxeQLA5jgJ5cRyrKONeXo5ILJYevJv86xMjzXCk0oewpl%2BYKRWTA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame C794 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=4804655&p=160305&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:13 GMT
content-length
0
khaos.json
token.rubiconproject.com/ Frame 24FB 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
e06182bf224d96e6550f4595601cdb0b
Expires
0
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.73.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-73-54.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 07 Jan 2024 17:46:15 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.73.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-73-54.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 07 Jan 2024 17:46:15 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
31327
i6.liadm.com/s/ Frame 4119
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZrjY28SiV5HO8ECgTsU7wAA%261164&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i6.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZrjY28SiV5HO8ECgTsU7wAA%261164&gpp_sid=&us_privacy=&gpdr=
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZrjY28SiV5HO8ECgTsU7wAA%261164&gpp_sid=&us_privacy=&gpdr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2600:1f18:ed:550e:f339:4051:d8d6:6b16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 17:46:15 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZrjY28SiV5HO8ECgTsU7wAA%261164&gpp_sid=&us_privacy=&gpdr=
Date
Sun, 07 Jan 2024 17:46:15 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
4
ZZrjY28SiV5HO8ECgTsU7wAABIwAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4119 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZZrjY28SiV5HO8ECgTsU7wAABIwAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:4577:47d8:bc2a:f25c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 4119
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6650209596989467607
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6650209596989467607
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H8pvohyZi6YapwzmeazuJhTVKPPZBGV1zah3VYpt35%2BemS7AZfOJ%2F%2Fs9G5fk6rYoYoBBJ4qhTwnit1RbOV0zb36GDyAevUjiXsMQVFy%2FGQWFWBYJLdlBtU7271AZfKxjLqbugtzFYT9dIw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841e04e53c612675-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:15 GMT
an-x-request-uuid
69dd5cdc-18dd-4aae-ad14-70146520c1d8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6650209596989467607
x-proxy-origin
80.255.7.106; 80.255.7.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 4119 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.42.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-42-196.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 07 Jan 2024 17:46:15 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4119
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=lgVBMEa01RmxdZ5
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=lgVBMEa01RmxdZ5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOv7vjagqzHkuu3RnI6lMhg4O9kvbDkrX%2BRZa0EgopNQKy4D2q3xFAeq2ppkpPINRalShLFxbYxgl7NSj%2F7FzxMlnyL9Xuy%2BR8dATgz2oPOPw7CdV2J3xxWAbOti2SROu3MCpAiLATka%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841e04e66eaf2675-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 07 Jan 2024 17:46:15 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-091a6d662d9a132c7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=lgVBMEa01RmxdZ5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4119
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=ixDaez5AVdZF4DNCFeqHeFD_B2o
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=ixDaez5AVdZF4DNCFeqHeFD_B2o
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYXB1oC6T7SLoQBUo%2FIPbC3cBknNVme2LMKT14qStbWpGQLGpMTho%2FXcpwZ7r5mIDI16NO992L4G22AzBbFNE2s8CFw3rHWnOzsjABWZFVmcQZa82UVl69VBnJ8Brts0QcL7tS7A1yOUuw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841e04e7f9c82675-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=ixDaez5AVdZF4DNCFeqHeFD_B2o
Date
Sun, 07 Jan 2024 17:46:15 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame 4119
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZZrjZwAMzDIWHABH
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZZrjZwAMzDIWHABH&_test=ZZrjZwAMzDIWHABH
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZZrjZwAMzDIWHABH&_test=ZZrjZwAMzDIWHABH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HpWOjgz5BrTclNnvpmnakLwbxDoWqs0Z2vOoT6PUPqDeV97iisWXeBY%2Fm7TQHJcqflnagoxkJzJAryMsYI72Y87Q8M0XEieCyNNYSs3LRpkBbltIRJXSSHmip291TrlGHeSjU2vx4yyn4g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841e04e6af0c2675-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-fra-etou8220055-FRA
pragma
no-cache
date
Sun, 07 Jan 2024 17:46:15 GMT
via
1.1 varnish
server
Varnish
x-timer
S1704649575.428004,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZZrjZwAMzDIWHABH&_test=ZZrjZwAMzDIWHABH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 4119
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322330559743413
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322330559743413
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ITQnnqQ7TF5EGNMbvj9TzR0hgCygzm4isJPHnZf3aJx%2FGShPNxTwRnVEBDmYnksIoLiiJ6Jno%2BbYlReoLC7tE014B9Nal0JchPd8AYkEw846Obj5v%2BkH7JVDx3FV56SvIKNaoXGUFCPmg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841e04e62e482675-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322330559743413
Date
Sun, 07 Jan 2024 17:46:15 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
htw-pixel.gif
cdn.indexww.com/ht/ Frame 4119 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZZrjY28SiV5HO8ECgTsU7wAA%261164
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftorontosun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:46:15 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
36184
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
841e04e4e818453a-TXL
content-length
43
expires
Mon, 08 Jan 2024 17:46:15 GMT
async_usersync
ib.adnxs.com/ Frame 27AD 		0
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:15 GMT
an-x-request-uuid
2f0ef19e-c96d-4833-91f8-49612efbd676
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.106; 80.255.7.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://torontosun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
841e04ea1d4c37f1-FRA
date
Sun, 07 Jan 2024 17:46:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EKr2IGSjqO6r%2F3nGqCxel4qfWtg0kKqYTIOzlgCmVcTYy2n9fC0P88tyMAy7FNRWQUhwTiusTXUS3rLddn46gVoIq31ZGCS9f1whnH9Jn6mjF8xOHt40s5H%2B8QSUi%2Bsd9144zgr8SKPR0HFm%2BAU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/ 		0
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 Jan 2024 17:46:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryGSXwZTyJr3%2FXamk7Td%2Fqf9vbRXdVI2B9iDEeKiUJoncLw3u6MWKz4VWxXMRXBsiLie9fm%2F7zOasE74S%2FT9aOn9KlcKKq%2FkwJ1j4L6I8nF4O6P%2B6WowK2n0L3eH%2FiRcQVc6o%2FKPaMK0G9LX9OA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
841e04eafe3937f1-FRA
content-length
0
async_usersync
ib.adnxs.com/ Frame 27AD 		0
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:16 GMT
an-x-request-uuid
e4ff6fd3-beee-4431-9cb2-6051fef4c639
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.106; 80.255.7.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-H792QCFZPV&gtm=45je4130v880952819z8854753396&_p=1704649570808&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1389705724.1704649570&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=2&dl=https%3A%2F%2Ftorontosun.com%2F&sid=1704649571&sct=1&seg=1&dt=Home%20%7C%20Toronto%20Sun%20Home%20Page%20%7C%20Toronto%20Sun&en=page_view&ep.debug_mode=false&ep.gtm_version=55&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=index&ep.platform=Cheetah&ep.platform_version=15.1.1&ep.fem_version=v93.0&ep.brand=Toronto%20Sun&ep.timestamp=2024-01-07T18%3A46%3A11.639%2B01%3A00&ep.ga_client_id=1389705724.1704649570&ep.main_category=index&ep.metered_content=false&_et=24&up.client_id=1389705724.1704649570&tfd=8339
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://torontosun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:46:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://torontosun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
multimedia.php
events.newsroom.bi/ 		12 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/multimedia.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/e0a4db8779dc244a772e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.19.30.128 Domont, France, ASN16276 (OVH, FR),
Reverse DNS
haproxy08.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://torontosun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 07 Jan 2024 17:46:17 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://torontosun.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12

Verdicts & Comments Add Verdict or Comment

210 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| documentPictureInPicture function| setNptTechAdblockerCookie object| script object| modern_script_elem object| legacy_script_elem object| ytAdTargetingLoadEvent function| script_onload string| locSrc object| ytVideoAdTargetingConfig object| jwpServices object| jwplacements object| _comscore object| _taboola object| webpackJsonpFrontEndModules object| tp object| __iasPET object| FrontEndModules object| googletag object| permutive object| apstag object| pbjs object| diagPixSentCodes object| __iasAdRefreshConfig object| ggeac object| google_tag_data object| google_js_reporting_queue object| _aps boolean| apstagLOADED object| apscustom object| pbjsChunk object| _pbjsGlobals object| mnet object| LRNameSpace object| LoginRadiusDefaults function| LoginRadiusUtility function| LoginRadiusApiFramework function| setLoginRadiusDefaultSchema function| setLoginRadiusModuleFunctions function| LoginRadiusHooksModel function| SetLoginRadiusCommonFunctions function| LoginRadiusControllers function| LoginRadiusV2 function| FormValidator object| hash object| BlockAdBlock object| blockAdBlock function| _typeof object| TRC object| _tblConsole undefined| msg function| handleLiveTapResponse object| webpackChunkdjango_content_services object| htmx undefined| google_measure_js_timing object| COMSCORE object| ns_p object| ms function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id function| __spreadArray function| CXBootstrapLoader function| identifyRootURL function| generateDebugLog object| __permutive object| PublisherCommonId object| Criteo object| Sailthru function| CXBootstrapper object| _33across object| jwDefaults object| webpackChunkjwplayer function| jwplayer string| nam object| placementData object| ns_ number| timeoutId number| google_unique_id object| gaGlobal string| iasScores object| cmTag object| jwpb object| _cm_wfCounters function| WebVTT object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| closure_lm_508866 object| closure_lm_665513 object| System object| cast object| vf object| vfQ boolean| femCePnIdReadyTriggered object| dataLayer object| mParticle object| gtm_data_layer function| __extends function| __awaiter function| __generator function| __sc_import_cx_overlay object| gsapVersions object| _vfP boolean| vfLoaded function| setImmediate function| clearImmediate object| viafoura object| google_tag_manager function| postscribe object| google_tag_manager_external boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG function| ___tp function| onYouTubeIframeAPIReady object| mpOneTrustKit object| GoogleTagManagerKit function| OptanonWrapper object| dl_mparticle boolean| cxsyncadded-202197 object| cX function| cxCCE_callQueueExecute object| cxTest object| mpartical string| GoogleAnalyticsObject function| ga function| e function| t object| marfeel function| fbq function| _fbq object| PARSELY function| autotrack function| gtag object| PianoESPConfig object| ari object| gaplugins object| gaData function| _ga_originalSendHitTask object| __connect object| owpbjsChunk object| owpbjs object| PWT object| webpackChunk_marfeel_marfeel_sdk object| __mrfCompass object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_139 object| Criteo_prebid_139 undefined| cXJsonpCB1 object| Ribn object| GoogleGcLKhOms object| google_image_requests

90 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChMKBgjdARD1FgoJCP____8HEP8W
i6.liadm.com/s Name: _li_ss
Value: CgA
.torontosun.com/ Name: pbjs_sharedId
Value: c6e0884e-1e61-459f-ab81-8bf2d7bdaac6
.torontosun.com/ Name: pbjs_sharedId_cst
Value: zix7LPQsHA%3D%3D
.torontosun.com/ Name: permutive-id
Value: 482680f6-8665-4539-9ffd-29d0651b15a9
.23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/ Name: pxid
Value: befd25a2-e25e-4f62-8660-cb592cf5052e
torontosun.com/ Name: __adblocker
Value: false
torontosun.com/ Name: sailthru_pageviews
Value: 1
torontosun.com/ Name: political-ad-opt-out
Value: {"data":false,"exp":604800000,"ts":1704649569671,"mac":-1329300338}
.adnxs.com/ Name: icu
Value: ChgI5PFMEAoYASABKAEw4cbrrAY4AUABSAEQ4cbrrAYYAA..
torontosun.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D0a624e20-2526-4739-810d-8903a40a64e3-tuctc9468e1
.adnxs.com/ Name: uuid2
Value: 6650209596989467607
.rubiconproject.com/ Name: khaos
Value: LR3SC9YI-1F-BPYZ
.rubiconproject.com/ Name: audit
Value: 1|yQuirGeEF6DlnaIHuyjpVQNb0fGVcfL/XWaA1sYWTLHiXIXbtn90wwPdj8Q3Jki6Do2K011bXXdE/84BBg91bSYbB5SW5XQ3bEZ4ejAm8TEijy0RC4Zd8Ri5j99IjSR+
torontosun.com/ Name: sailthru_content
Value: 2daf89bab868e9ce42ab0131ed955a5b
torontosun.com/ Name: sailthru_visitor
Value: a1ea0e77-87e0-462b-86a8-d1192c7cae1c
torontosun.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
torontosun.com/ Name: x-id
Value: {"data":{"adLight":false,"adLightDisabled":true,"id":"c3wg4woyyi5k7suod9ocycf5xj8whwbr","updated":1704649570801,"printSubscriber":false},"exp":604800000,"ts":1704649570801,"mac":-1037942898}
fem.gprod.postmedia.digital/ Name: x-id
Value: {"data":{"adLight":false,"adLightDisabled":true,"id":"c3wg4woyyi5k7suod9ocycf5xj8whwbr","updated":1704649570801,"printSubscriber":false},"exp":604800000,"ts":1704649570817,"mac":-1037941751}
.torontosun.com/ Name: __gads
Value: ID=5f868743753663b7:T=1704649570:RT=1704649570:S=ALNI_MaGkcd_G_2kRDjr0AuFrVMwnECZ9A
.torontosun.com/ Name: __gpi
Value: UID=00000d3c1c53084f:T=1704649570:RT=1704649570:S=ALNI_MZsHyKuwIx-xtD59VprmXi-TPdVxA
.torontosun.com/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOBmADgFYAnADYALIP69uonh34B2YSAC%2BQA
.torontosun.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22lr3scb6crlzb0e5h%22%7D
.torontosun.com/ Name: _pcus
Value: eyJ1c2VyU2VnbWVudHMiOm51bGx9
torontosun.com/ Name: __pnahc
Value: 0
.torontosun.com/ Name: _ga_72QH41ZTMR
Value: GS1.1.1704649571.1.0.1704649571.60.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUkTTtoRtcT28uE-_Wp2lFQNu6KYN93I4mMets_g9C_vikqUfaZFNBnmZlrB
.piano.io/ Name: __cf_bm
Value: Rj5lzy77clSZUs3nEq8LnU1fjuObnqfw3IUuizPc6kw-1704649571-1-AX9wyr0Odbli0sFd7L9V2gKu3sp3EOlkbRKGP5qE5BCiHR63CzppJMjnA7IH7Pdsp6NfzV0QGRMjuoPFlN8ODqc=
.torontosun.com/ Name: __tbc
Value: %7Bkpex%7DnuZkdmAPPUaV7nGF3L6esnKoLORISYgvSlHWn10MmHgyusT-iX7iRgMPWy9VtxX7
.torontosun.com/ Name: __pat
Value: -18000000
.torontosun.com/ Name: __pvi
Value: eyJpZCI6InYtbHIzc2NiNmo3ZGJoZnlxcyIsImRvbWFpbiI6Ii50b3JvbnRvc3VuLmNvbSIsInRpbWUiOjE3MDQ2NDk1NzE0OTJ9
.torontosun.com/ Name: xbc
Value: %7Bkpex%7D7NMm5YcmwS36K7BA8H63A04nc1ZAh6s-dDmMZQoYFpzcX2u0npHHG0lNmcVwxUDYSRMDDEWxC2kbCzUmsUy7-fR-O3SP1eHmUOmngSIP-AY
.casalemedia.com/ Name: CMID
Value: ZZrjY28SiV5HO8ECgTsU7wAA
.casalemedia.com/ Name: CMPS
Value: 1164
.casalemedia.com/ Name: CMPRO
Value: 1164
.torontosun.com/ Name: _gcl_au
Value: 1.1.845255463.1704649572
.torontosun.com/ Name: cX_P
Value: lr3scb6crlzb0e5h
.doubleclick.net/ Name: APC
Value: AfxxVi7fGUiB-5IziFBnoVAyt_Jjc6I1WllZ5XYw5cTjcZTUfuDuWQ
.torontosun.com/ Name: _ga_H792QCFZPV
Value: GS1.1.1704649571.1.1.1704649571.60.0.0
.adrta.com/ Name: __aavi
Value: 10023777668853151896
.adrta.com/ Name: __aavt
Value: 1704649571587
.adrta.com/ Name: __aasi
Value: 7058005162755445459
.adrta.com/ Name: __aast
Value: 1704649571587
.torontosun.com/ Name: _ga
Value: GA1.2.1389705724.1704649570
.torontosun.com/ Name: _gid
Value: GA1.2.92137773.1704649572
.torontosun.com/ Name: _gat_UA-213173459-5
Value: 1
.torontosun.com/ Name: _gat_UA-114648105-14
Value: 1
.torontosun.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://torontosun.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1704649571719%2C%22slts%22:0}
.torontosun.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=9d53c084-9526-4826-afa7-e111a43d9dd7%22%2C%22session_count%22:1%2C%22last_session_ts%22:1704649571719}
.torontosun.com/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1704649571%2C%22currentVisitStarted%22%3A1704649571%2C%22sessionId%22%3A%22a78b1232-e783-4e81-ae0e-83e2fe8ae661%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//torontosun.com/%22%2C%22referrer%22%3A%22%22%7D
.torontosun.com/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1704649571%2C%22userId%22%3A%22deaa696e-4f97-43d1-8cca-f2ac0fa3b3b1%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1704649571%2C%22timesVisited%22%3A1%7D
.torontosun.com/ Name: compass_uid
Value: deaa696e-4f97-43d1-8cca-f2ac0fa3b3b1
.viafoura.co/ Name: VfSess
Value: 4tabu1p26hahhm3tceur2a5ktf
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
.torontosun.com/ Name: _fbp
Value: fb.1.1704649571926.961098404
.torontosun.com/ Name: _ga_QZZLREHFVM
Value: GS1.2.1704649571.1.0.1704649571.0.0.0
events.newsroom.bi/ Name: 1528_u
Value: deaa696e-4f97-43d1-8cca-f2ac0fa3b3b1
events.newsroom.bi/ Name: 1528_s
Value: a78b1232-e783-4e81-ae0e-83e2fe8ae661
events.newsroom.bi/ Name: 1528_lv
Value: null
events.newsroom.bi/ Name: 1528_ut
Value: 0
.torontosun.com/ Name: mprtcl-v4_4662F03F
Value: {'gs':{'ie':1|'dt':'us1-99b65fde89a1a145894d2d51d283cc83'|'av':'1.0.0'|'cgid':'a801083b-bb47-4ce4-f4a0-0d503b456e17'|'das':'749f3622-fe87-4732-b5cb-943e3c802eb0'|'csm':'WyItMzI4MjgxNTk0NzY1NzM0NTM3MCJd'|'sid':'E2C4F6D7-D3A9-4A33-0440-F72A88C04ADC'|'les':1704649572139|'ssd':1704649571278}|'l':1|'-3282815947657345370':{'fst':1704649571765|'ui':'eyIwIjoiYzN3ZzR3b3l5aTVrN3N1b2Q5b2N5Y2Y1eGo4d2h3YnIifQ=='}|'cu':'-3282815947657345370'}
torontosun.com/ Name: _vfz
Value: torontosun%2Ecom.00000000-0000-4000-8000-d11b93482c8b.1704649572.1.medium=direct|source=|sharer_uuid=|terms=
.torontosun.com/ Name: _vfa
Value: torontosun%2Ecom.00000000-0000-4000-8000-d11b93482c8b.10c03c01-3e56-4355-aa76-0f8145a2a8d9.1704649572.1704649572.1704649572.1
.torontosun.com/ Name: _vfb
Value: torontosun%2Ecom.00000000-0000-4000-8000-d11b93482c8b.2..1704649572....
.brand-display.com/ Name: _knxq_
Value: a0c919ee-7e61-0682-16b4236d.1704649572.0.1704649572.1704649572
.cxense.com/ Name: gckp
Value: 29jpccu5hvy4e1p08w0njcg6op
.torontosun.com/ Name: cX_G
Value: cx%3A29rdc04x1w2vh1qa4nlr2z5rhs%3Aqio02vd3mh72
.mediago.io/ Name: __mguid_
Value: 746ded226e243b2f2l5i0y00lr3scc1n
.amazon-adsystem.com/ Name: ad-id
Value: A5mUhUE4uEamiRZJkD175Uk
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.viafoura.co/ Name: vfDeviceId
Value: c2f612ef-5296-47d4-a5d9-0a8b3db0f3bc
.liadm.com/ Name: lidid
Value: 6a8d2fef-5842-43dd-8e57-f5cbff3f8c01
.criteo.com/ Name: uid
Value: 3643f735-dd72-42dd-bbea-42729705fff0
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.torontosun.com/ Name: cto_bundle
Value: MFCmeV9uN2NENDdFZHo3Um0lMkZPcHc4ZHgxV0c3TlpmQWU0RHA1eCUyQkhBSzE0dGdSUGslMkIlMkJmUXBTNkVSVDZhUHhIWVFDUFZTUzZKWFBqdWR2TUlqMzhmNW9nenF1MXZVZkpvTzNEaDlOWTZiR3gxdktGUkJBJTJCNkNSQ21SdlBYaTUwMDJ6dDNHVm0lMkZ4SlAxU3hlQ0ElMkJJWE51SDBoUSUzRCUzRA
.ads.pubmatic.com/ Name: KCCH
Value: YES
.adnxs.com/ Name: XANDR_PANID
Value: UiGIwEVvS6x_WALCcS3me6BcFzGnoxoNV8FdxwgbohZlBRTBJ5hw5zZOk3CS4MY0K43eKPOoFnBEuIbrHqPvv6bwvtuGJeZlTPISbyTtrek.
.yahoo.com/ Name: A3
Value: d=AQABBGfjmmUCELrYF0EqwEmHCeaslp9qU7IFEgEBAQE0nGWkZQAAAAAA_eMAAA&S=AQAAArPEqzn9ZjQDS0bD4HOOF8A
.w55c.net/ Name: wfivefivec
Value: lgVBMEa01RmxdZ5
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtobmBiZmJpam5qbGoAAM7RbyUQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2NjA1tTQ3MTYxNBbiM9QNdE_2cKsqsvAxTQwCAFKOt68lAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2NjA1tTQ3MTYxNBbiM9QNdE_2cKsqsvAxTQwCAFKOt68lAAAA
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZZrjZwAMzDIWHABH
.w55c.net/ Name: matchcasale
Value: 5
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-8b10da7b-3e40-55d6-45e0-334215ea8778.NrFVdA%2FNaZ4%2FprvyJPqinKSMtufiyR6E%2BpueMO%2BP6d4
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-8b10da7b-3e40-55d6-45e0-334215ea8778.NrFVdA%2FNaZ4%2FprvyJPqinKSMtufiyR6E%2BpueMO%2BP6d4
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AixDaez5AVdZF4DNCFeqHeFD_B2o.jvvh9MlaI297iaYlxK4PPt90bMHJhJcDBuGI3et2UqI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AixDaez5AVdZF4DNCFeqHeFD_B2o.jvvh9MlaI297iaYlxK4PPt90bMHJhJcDBuGI3et2UqI
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGcZMhrjYYmEOCk2RSYKnfrz_PEwls0VDOa1ocI1WZd4EHwYBCDnxuusBjABOgT90vuTQgRKHw27.482qsxBk2r04a3H1hxIG0kOLFwWDqsF8FA4pvCcreI0
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGcZMhrjYYmEOCk2RSYKnfrz_PEwls0VDOa1ocI1WZd4EHwYBCDnxuusBjABOgT90vuTQgRKHw27.482qsxBk2r04a3H1hxIG0kOLFwWDqsF8FA4pvCcreI0

3 Console Messages

Source Level URL
Text
rendering warning URL: https://cdn.jwplayer.com/libraries/dchHpZtp.js(Line 9)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 503)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
aax.amazon-adsystem.com
acdn.adnxs.com
ad.yieldlab.net
ad4m.at
adrta.com
ads.pubmatic.com
ads.rubiconproject.com
ak.sail-horizon.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
ap.lijit.com
api.fouanalytics.com
api.permutive.com
api.sail-personalize.com
api.viafoura.co
assets-jpcust.jwpsrv.com
assets.ribn.com
auth.lrcontent.com
bidder.criteo.com
btlr.sharethrough.com
buy.tinypass.com
c.amazon-adsystem.com
c2.piano.io
c2shb.pubgw.yahoo.com
cdn-ima.33across.com
cdn.adsafeprotected.com
cdn.cxense.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.parsely.com
cdn.permutive.com
cdn.taboola.com
cdn.tinypass.com
cdn.viafoura.net
cdnjs.cloudflare.com
cds.taboola.com
cm.g.doubleclick.net
comcluster.cxense.com
compassdata.mrf.io
config.aps.amazon-adsystem.com
config.lrcontent.com
connect.facebook.net
contextual.media.net
dcs-static.gprod.postmedia.digital
demand.qortex.ai
dis.criteo.com
dmp.brand-display.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eba10c048bb1fe3efde6397d0fa831a9.safeframe.googlesyndication.com
edge-auth.microsoft.com
entitlements.jwplayer.com
eus.rubiconproject.com
events.newsroom.bi
events.qortex.ai
experience.tinypass.com
experiences.mrf.io
fastlane.rubiconproject.com
fem.gprod.postmedia.digital
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i.viafoura.co
i6.liadm.com
ib.adnxs.com
id.cxense.com
identity.mparticle.com
image6.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
ipv6.adrta.com
js-sec.indexww.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
lexicon.33across.com
match.adsrvr.org
match.prod.bidr.io
micro.rubiconproject.com
mug.criteo.com
onetag-geo.s-onetag.com
p.rfihub.com
p1.parsely.com
p1cluster.cxense.com
pagead2.googlesyndication.com
ping-meta-prd.jwpltx.com
pips.taboola.com
pix.adrta.com
pixel.adsafeprotected.com
placement-prd.jwpltx.com
pm.w55c.net
postmedia-d.openx.net
postmedia.hub.loginradius.com
pr-bh.ybp.yahoo.com
prd.jwpltx.com
prebid-a.rubiconproject.com
prebid-server.rubiconproject.com
prebid.media.net
q.adrta.com
region1.analytics.google.com
region1.google-analytics.com
rtb.openx.net
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
sdk.mrf.io
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
smartcdn.gprod.postmedia.digital
ssl.p.jwpcdn.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
sync.adkernel.com
sync.srv.stackadapt.com
tags.catapultx.com
token.rubiconproject.com
torontosun.com
tpc.googlesyndication.com
trace.mediago.io
trc.taboola.com
ups.analytics.yahoo.com
videos-cloudfront-usp.jwpsrv.com
vidstat.taboola.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.npttech.com
x.bidswitch.net
104.18.35.167
104.18.36.155
13.107.6.158
13.227.219.71
13.32.27.98
13.32.99.105
141.226.224.32
141.226.228.48
142.250.186.162
142.250.186.66
143.204.98.87
151.101.129.108
151.101.129.44
151.101.130.49
151.101.65.44
152.199.22.243
162.19.30.128
167.235.124.59
172.64.149.180
178.250.1.9
18.165.201.79
18.185.12.185
18.196.198.248
18.239.69.131
18.66.96.174
184.30.20.22
184.30.22.30
185.64.189.112
185.64.190.78
193.0.160.130
2.19.244.232
2.23.78.67
2001:4860:4802:34::36
2001:4860:4802:38::178
23.197.120.249
23.35.237.75
2600:1f14:b4f:4b01:e956:729a:ad86:b3cb
2600:1f18:44f0:4848:9168:e8ca:4c02:4000
2600:1f18:ed:550e:f339:4051:d8d6:6b16
2600:9000:20a0:3000:8:2ae1:d740:93a1
2600:9000:20a0:4c00:1b:6b7c:c940:93a1
2600:9000:211e:f000:0:723d:9040:93a1
2600:9000:2250:9c00:15:2b26:f200:93a1
2600:9000:238d:9000:1:a3fa:7cc0:93a1
2600:9000:2491:2c00:2:cecb:23c0:93a1
2602:803:c003:200::45
2606:4700:20::681a:13e
2606:4700:20::681a:bd1
2606:4700:20::681a:fe4
2606:4700:3033::6815:325a
2606:4700:3033::ac43:9fa2
2606:4700:4400::6812:29aa
2606:4700:4400::6812:2a4f
2606:4700::6810:5514
2606:4700::6811:180e
2606:4700::6811:7611
2606:4700::6811:c276
2606:4700::6812:4eb
2606:4700::6812:a07e
2606:4700::6812:eff8
2606:4700:e0::ac40:6003
2606:4700:e6::ac40:c926
2a00:1450:4001:800::2003
2a00:1450:4001:806::2004
2a00:1450:4001:806::201b
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2006
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:400c:c02::9c
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:3500:28b::268b
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:200::626
2a04:4e42:200::645
2a04:4e42:600::626
2a04:4e42:600::645
2a04:4e42::645
2a05:d018:d29:3602:4577:47d8:bc2a:f25c
3.121.73.54
3.65.234.7
3.75.62.37
3.93.133.145
34.107.254.252
34.111.249.109
34.117.54.29
34.120.63.153
34.149.157.221
34.160.19.107
34.225.109.145
34.239.37.162
34.98.64.218
35.168.44.110
35.186.253.211
35.208.249.213
35.241.9.51
35.244.193.51
37.252.173.215
52.18.42.196
52.213.254.91
52.222.139.21
52.223.40.198
52.28.203.152
52.46.130.91
52.57.164.72
54.210.107.216
54.70.81.85
57.128.96.92
63.34.81.234
65.9.61.60
65.9.66.74
69.173.144.137
69.173.144.165
77.245.57.72
99.83.154.140
99.86.4.128
014666951f946bebacac117b840e817dfbf9cb4ae226f850e69178b552c6e36a
02c2db77239e7bc88a52af57a32e192fc743c607bda7f66f21279b8e40feca1e
03365fde75666d418b76da2bdc668f9a070c2f764d3a96bb56e6a678d3a6beb0
0468c4e3b016f8411ce8a2ace79d1451fba8918ff880c845d9285b195f3a3a16
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
077671f0bc5400b5f2b45189bc7a26e1a99e27105a0c853d1317a4ace960d354
07e6168cc4f12c66e03b1c278e8edba4e031a0ce6577aaee54e3cfbe73f2b3b9
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0
0876b1b660da79fad9471d3e15816803e4c8f066cba866063bca01f316f7ec93
094400fb43c70285180192f21c9f677821824153b56f4d886169102c35ecb443
0a633cd18a8ef38d694ec323dfd22731854e161f2ebee27b2eb9870a7df78980
0ae114fd6e3f195baf18bb3aee13ec73a4cf45c5e563158e321e572336ed6505
0b3b527853be89c6cf58ed3010f4a3eef43e61bc98ce229a842c8977d2072590
0ba9741829fcef2b1659404ffdc6889b47ef4f434de5ccbd67aa7172b03d7071
0bc0805d442ae7ead864b82381c168035e8d70535e6f6acea31f4f1caf65ae58
0e07d64cdaa5627d11a6975e136f404a272aad9ced873cfcc90d2f78b6dc6bf7
0e4675008392d09e068b58232da6c30eb2640768fd24d48a77d8d4ec42145b17
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0ee9d3d1e26fe536ae500fb2e92c456951195abc7b4e0ef6a4d3917d7431c324
0f50ec24e42af5b70fb903e28d3965f55ccce70a94aa1070d42fb5614d14e335
0f7afe8a3a99c33052ff8f87b816b50e01acbd0d1c18d079457168bc8da4ef4b
102879bcdf1bb8d7079cbf09cd33581139013f7a0b109c64fd2a8f9511f3cbf7
10bab8fa8b44619c030dfc898a90c7fecd3cfff62ae2a38088f8251fa2d8ae00
10e7079b404c6321d8c9549dbd28736f3ca875ea3ffe282294ffd95f6b2b75e0
11006991c45fb65b530c1945894d4797e0b957a575895c27ae8e4326238ffeb6
1185218883cb5ec765c3292aaaccf15869b99c089b1c938266134666608a6ba1
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
15c6cc98266d6c47464af2861b51e17b34f69a0b319b1b33a765c47e3fd7edc0
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1643f549380aeab61b23502d9f260f7350d9c2bd34dbc3cb0af73644332b6ef5
179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5
185113239a6613ca82207e73bb41dcc84ce2274da2732f6ece828c207f2f060c
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
198972eba33cc7147a2bbe5ad68e947a17961a4bb43b8f418e0dc4fb2a642950
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1e11545f37f9b79411db316051568e9232e4306b7b86a1fc28195596d21a8839
1e38b34f5e554ecc517a3683ee9069abd73cd1ffa79d307ee12782802ae2a18a
1e6494c24a33dbdd3877c44a0aeabfc32e356a8752a7877a1a4af8c08407652c
1f2c6777102f64e5b95adee1024dd12d32f64582ac7e8de739900d5fb5ac5387
218fca1af5e690dc4bd3701e2b705944315d2c6c95f83eb5eaee6d4a8306ea53
2196688d207f9a82188db611ae912978d9c8216c2b4315784871bce6d42846d8
2264a47c142662847172ff157d15c920fd0896e2fbd7b9b10b341f3641d2afb4
22f2060365e34c12dd716fcfb19b771866ad57259178c974deebb5fa30f31095
236212c07aab919dcda0385dfb06993371f1b85a7f813787d9c5366052a8fb99
240a94e8963ff253faa42480af807282fa3e24041c4e5b498ceb92af8aa224b3
243fd6a3524758d0723c4287271fd1b787c09bb0fffba8112d2bd21515aed220
2480aebf0a0768478196d3e12e9c5c7677346c2e932294ebd0a24c58b03cdbe8
261acc88c18ab354c282b379daa39e3365044f94c6f26223faa7bb040c59673a
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503
279293cff4cfc93f69817f35816edd31da345660af3f03926d6fd640e091bba4
283bf04348401745cba12948dff099e3af8498c5c0dac84c005a2b5e95767fe9
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2aa7779577c8f4ff268d5bbd5b13b7d577930c1824b43b4b5442d4c92a695154
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2c6f340c73c5d38b09aec58e548f9c8a81612304ce4ff6c5d328d5cae7971001
2cda89c4ad79baf57e87a1560fc098d546f8cbeff5de45de242458748a77db52
2d192d18d813d82f9b04220a9b66f8494c8599fa496aa75ac822493218adc34f
2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
3033192f9c27d05fe285869ad1d098c16099ac8630742f72ff000a3570f36817
30f25e81c256d0985a5bf21776bfae5456e07f49c400790a58b51cc29bc559e3
3110eaa86beb20727aa97ee97ce3de0cf5d2da465ad31a28cf69cfbd797dd009
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
316d9a3b20eecd0d75bb9c4598d6086d2aa453d1cd42a5b7d4abed7d8c6ae545
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3233190287f115105de5b5a99c5418e34b73b59e56bb84f681f1b5f90c553cf5
3453badf9d7b19aeb5d5f8c9c99b712316e6e5ed4396936a63c3a6bf3e66701e
35c68793d2f580c3750d841110c173df70c6e85d3339b42edad4cf0854392700
37dbff3585ffc11e82ba63e5cc80c788c0f81d8fd4b80df9870c19cc5279951d
384b0dd2e187bb8889133a0d349a46604b5f53319c939b57436d8870812f5894
385a051b07e00b731b5ee93df0ada3f76eec9420130d044174fd47f8a7541110
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39576b50491c1d4466297fb53cac1d3825020f8cfc147346f83e49f236513c4e
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a96f498b6c3e6b3d6434149ebffc12c9431b32654bdc070c05ba8955aed7692
3ab4fe56d9606eb6a9ac28512fcc7949671c49f18b06f935f3a07033a5ee3150
3bdd66f75a3e158453a1841639637ab7385e2a39ff16d356925d1c6b3e52f6b9
3c5b584817a547de78b1d37a6c7e65fc36cb2f74abb5e7fb01e1d91579c59f05
3d44b01942293d172a5bb0d41eca2b7aa7e69d3f8a60b9aec7342c3f9e30dc1e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3de639f2f0ebcd89f4a882c98be04e22bbba56324d5ebe2c510fdfdb2e669840
3e72ffa59a0684c988173f4ea0d75435f8ff50995c92974aa316288efe96a539
3f7da1199c6a289b6a2ebd119a089e02760f568d0320e461b26cf731a1178d61
3fdab3da391ae1e43d38ff3be5356721fb06390f89a2a7d979441dee9a342175
3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
409eb6fa5259239312d230eb977f4517ab437e60dc4597af28c7d4a71669ac2e
40ed3b89fade638800c03f78ff73bfea631b35464612ed1797cf0e4100d44f47
40f32e66aa62e3c8204720cae7628b70f2df9ae39ee466f9583446827bd9aa75
4111435306c15144fcdffc5299d1eed1fae96cbdf46d97addeda362cfa610651
41fa01c782917e3f2c7ec4c60602f471ee628280908b71da13d4b127626ac85b
42716b1e53a7779105575276cedc2e75677bc64e77b0a712bc0d48e2479abd98
4275e975b10c0442204670600fdca7dd0f50134a1de11d67755befad7f4ea118
42ae702fc0851e21873dedaddeff9d2677cf5f70abd940bcf55cbec8d49320b6
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43a42702c59bc37d11cb776ffd904de25fe945c6028ef290dabfd0e977a88366
43bee53229b0e308836bfd9b6bac0800ab708c82e352498264b7b4e68ca270d1
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
4406ec0b1c3096c47cc81ccd957221894a1b848a562b1715993e7a61da1d8b97
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4504c79d93d43db47ebb5f33d451787d9e6f4bd0318d8e0973a0f0b27c74d19e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476f23c3ccf2937fcafe45c3b5c80c950d48a6d080132131a0bf0a5e35d77ebf
4828921796abd897af9afdbe28c87173093baea0fa58c5013f31ef013aa6f1c5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f93e3937054551ff4a887dca69a8fc91561c11f52a53a262f6741bc91a9bb2
49a7373ef1641cbe63566afca96c9a0f0219c7924ab2281219054aa7846dbbfc
49b39ce728ca217287ac45adf49820563a226d2b7190b68e82ac8c19ebdbf8a0
4b80e46450200d3fabd65323bf5a91b8d31e919438a8cd48b9f8e8bd8b23edac
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4d6148b7c3275cd5980a7903689546ee11ec96f11f4611a2062905578835e692
4da325f33603cea1c0fb888724333710a30f485bd6bacd5bb5c3cf094c1048f2
4dcf78b31f69c1674cb5a75cd5fd5744538b50eaf34076396d9cf54acebee6e4
4de084d8fca9ea129b962bb08ca954168391abd13473a0eb6f60a0cd4145a2be
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e66a39def7fdc2eeb21ff917fe7a85c18235df3900133631839b194bddcdabe
5122fe576162260e3acac3a1c858f95ed8f08c86652914ec338eb0cf15188550
531dd530899d5c89c1c766c0ca463c5e319a84044ebde699ec95b633807025a5
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d720d925a6be95af1a58233289cf84f06618a7fc9c70fe8e91fe06af0f5a4a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5786d4d31f54ab94531f4c551ce00a85f3286c6dc564c9634789e2b59405644e
597b605a9e5f97b7dc453fa0a6a593b25e6d6b39d603a8735c7b5fad32ec5e3f
5b2235f368177459bb062c822eee7926fd1133945771090dfd1493b66c223399
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5b8e90150baf5a2af5b6cd13b3e0cbef7533fcc1bc0534d8a1acbd55307e9ff6
5c517ea7fc2e8e584f8a7e41a884ecdb298e19132cca965c86f203b1d497fef6
5d09cb7ee7ca0b5197e35281a401882b36f2be6a08dc219adcad051d3111b1fe
5d410b4aea9f38a035bdc4323315891f9e798d297e3e3db8d000f6e63f54cb51
5db1f04209d2d64905b19f31ae793b2feb6e633807f20763ee1410ac1f3837b6
5ded3ce8adb51d45f7c9d3031d23fa9e5677a315ce349985e590c6204615c255
5e0911dfebdee9d252a2ed4c2c0c4cf5d0fb63aab40b3a1d416306cd65bf0618
5f00f549ea25494b6bfffa7f331418482ca9c670760399328e9dabb40483fcef
5f8bd782654b41d086ecd1d4fd95efce3183a630d3b200cfcc5a9fce2a3d86a0
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
61aafdd69b28536e6d5376e8b7b9044da15bb4934410c00591bd18d23f283284
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
64bd62679fbefcfd46fb16c93bccda65b4716fdb1714a7d0912f14601dc082e2
68141a1ebb552cbf8e2a8f333192331f70b0e7451e866c6d7b828049f5756fca
6be53e044a8e84e3c66d8eb5d2f359feba5b32c072ef3456830f32acedb163a0
6bff84e7d1f5c524b06d6b572ca20870ec894706e6f2b96f60e4cd18f238bfb7
6c7a97d4d28ef3df02367d346062cfc9a2b5fc22d1de543ede462d44674211af
6f733263ba0d482063be46904102884233d3e14ebc2818968db52579a7bdaf83
70bf3d5b5f237c256e6b83d5f3dd5937c270ed5350f428daf753c704a7691af9
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
71611e65aa09201d91933a7b4ed3d14d910bbf9060ac7fcd1858a373c47c5b40
7450c5a53a867ee31c22ea245627880c2c05549ea1780a2f3a6783c1e7dd5d78
74fbbbf2aa385ab6d6cc1229c7e1d152591415ef1ee2eea6e6dc39bbbe19cb2c
7770d3a7097cdb1298dcd91c8bc61cf64e414a1d9b14c0c68e9198380c88a78b
77a249f9ef7a5c4e6b3343eb145628fc1a6d90514a0086bf626e5d06a20227d4
77f014b24f1d51b9e8feb12df701a957c14c0be286d6c914975afd019d15a79a
783f11a48510281cda3f5e7e06921371f7934e946d09ee4cd221e97bef5aed01
7841b2f7a0b84802bdeadeaff558c9b0422294280923dd5d7938144b4ffd1da8
797ff45d3aa1cc7ed301909e2676262abf508bc17809bc07ac74060ef68d5414
79856efd88e20be51b8c2d3e8458488d1025cb7f37aec110c821bdbce0a1bb84
79dee0042597950493e8956e9090ddc47c3decbfd1df6331349296d96ea51c0d
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
7b9aba0c01a3e4c4a12e43c46de34a659292379b00467f31989e0348943f5b48
7b9e79806c0fcc60d8b82651e31edd8525cf8b61e6dfba353ba6e4df2e4d8c6f
7c8f24757683d5fece3f8af5853e19b1432c3d9110c3f6307b1ea434807eb4c7
7cabb3c0f17d1e7cf705d1809c736c7e7a856b10e6870ac81a628b3bc67bf9b3
7dbd0801af33c777e8154fd40dc58f3b22f0da738c83fae8bb9b0aa6fbdd7d6d
7dbd490a87f35e448cf285f6c7da7e8328d07049f8d08b6a050d97e34e5d8de5
7e8d7dbbafe0d30f98627cd2eb07fb4aca065446f8d1ff29e4c05ce2ba549a90
7fdeb1c6fd18e0f486055ae90b9c37c166cd1b455157daa7de08f4271ac696ce
80c9671594b35dca109b7ecf4d7ca12db35663ba90b6e591fee421a3d3a6816a
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
81d37f2841ffcf1356c3309e1472dab8f57ebcbc702cee7cb6944a28af23d360
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8307383dd24408367e9444fc721e8a56e215b6b1743e2d27983a8f52a21fc8f4
8323d187f54d5e1d3d35691182add7e32fa93c56ce397b0881645cdbd13191a6
8338f4704a3f9873ecc9d7898b30e3938b191b95a1c27de9d6f25b47f6371399
847469f6a44981722b134a771a4b5d115e9731457bb1d3d3f471ee2815770155
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
84ec131112ca132c741450c29f43750d4cc516f7fe8d642a35092729373c2e90
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
8574bbfc921d83dd34999c182e5485613fc7d8bc39c417cddaa71dac6bdfb179
879b365e2f6dfecf6cd414de319c88b1c8431dfbc77722771634f61de899cacd
87b85c256b170188318d0d8c695f43153651f18ee7a4788101b65da65ae0b85d
8923b4f2bb98765736f23c71a08a37e09f44734e5ebff0bd587f4db5ab1c9c8a
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
8a4c9502d0943cc6fa52530ec0a36dce3895779e0fd02ee5505d03469f871703
8c8bcf7cbc78bda4fd07428c5047d99bb1fd5b6a962315a4c490df1f6a3cb3b9
8d2ab81ae1f79d2906962a55f5ed982ac440dca9f4d5962b74266ce455cea056
8d3d191d44b6a042adb3ac86d403f8eaa0f7d28056ce74fb3ec3bc65aff5178f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e2772ae7e6a9b4178e20a772e489c536fdbbc5c7673facbe2aea97d45219b31
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e7efb6ae6f9571dd815db7eee285ce5288648414d2ce024f97135625180c6af
8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e
8efe1e083d7c5a03888a13c044d8778686f1c0f813b8a56b8d3f67393266d977
93c45b6c4d23d6de935cc95285dbd06307bb024640cb4c186ddb7cdbc091aac1
943030a2bb4a69de7b031fefa25844e7cfd27154a2ba1f4b05d180a55273ab21
9470632d5be4c77f66994160bb25587fea42b13aa75f7f32f2182e0c9a454226
94c6e6fc97b8a5e270109ce718d50c112e1bc4513aca71b4db432f9f9b47b999
95702f2a23f96dd13a0d81ef2ddf4dd5ca80cc9fa1a190ef80ceacdb9578ea3c
959d0d916d267c94ec1d1bfb179a81166bbb5cb22d6a2e90ea35c4b57941cb8a
960e93d018c45bcf3ec1f8c6094433afdaa268edfd4a1aaf90f4da83a86224d0
9649a2e9a64cddaff27b118c45b2882ba93f77ff516751edd9af61e4846a3c63
98e525abdb0c8037e35411124ae9db53125613dec23bd5f055b89268d9bc3ac8
9a09ba8fc535e7475bb4f72b1772f3332673d3e325ea45c476ba75807733595c
9bcf03daaa21e1555ef79dbea38bab94a013fb8bd54a106895cfcc43ab4281fe
9c90c314a4e75074841d26f214ad56952ed08106bd743438b5c918c98276c8f1
9cf52d15c1e0ff57d8cdac6c233cb3f054ac863245d5e333f68f8995f7c5886c
9d64590c81d441ae84b43e6259d50fa5b1441da3e78316930a503f31afeaf3a6
9d799961163bc310e9b528b76ced3dd459085488c92a0713ce48f2ee67c4a06b
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9e280b188b9ae732c582e6693011c6bf9217713f0cecf086d2b7572114065be4
9edd5080ba31477d99e1ea20b721b25107635f954e55b74d6519d37e9f939f29
9f85a8964e063aa66ae22e30e1e86722714e1fcca4a00ee718a34123620e98a1
9fba1b0797e04bb4e94dffcf9068f89e75b4fa5569dc9efcb5aa72275435457b
9fc487a75eea98b11319aafde13f978f28438e37cd8bcf0fca3ac4f86812a607
a075f92744836d04b6d6baea13c646a1376afa236c13827f37e52420050b3a64
a0bcbbacf9c3059ac66eefef4f4c16cc0c2af179bb419b7b5ed495db23dd92fa
a112eaf2a1694b6ce90127e3ddc7692712b4331b3bc8e01c6573bc0526b150a5
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a30e7f501df585cbaa72873bde803d922372e99a76afd443dea3adaedafb197e
a345a18e5d3f6c07451cb14dd480bfad123f03663912b581265d617d4725fe9a
a3d8b3026509debf9bbe5672d4b53c52460763892b0dd7dc4dd50267ad43fcbe
a47944586aae7d0f36bb4f7c3deb4784dbe65914fd21ee04b5dc4e8f45465b61
a4a283ea9379e0b91db39e34e38ad24ced3b72177c060224d5e2c56177c1c09b
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6a936bf89e1100e04af426880bbbbcdf995f6501eb58a5e7ca3382b0ce74ac3
a7db6c9bf419d63f605c08c1b084c0e3b31f41fed5985f1c5c7eb352661a7880
a87dab54792ca3697212f10ca3a1504a38c2c6d609612d0e3954824d2726a172
a9bf7f2723e18afc4138339a53911e904db2134acd2ff30248a602b34075f9be
ab99d7a44d071f53f736eff7b688d9b70338537bcb7d60eb013845a47bb3c703
ab9c81354f2fc61fc082bbd15b0c46841de6b0029267514307333bdbd80b7177
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af5456556e2afc99d0300b8ea5617742c6afe012127ee80115aa24edb6092d6b
af979786c73f4c25357e6528bb264f3dffae203ec6ff1adced8b57c3532f6d4b
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7
b1631a16b9a272828ad99cdb2ff9beb5ca3f1bcfe33741fc51fb9fb1e764e227
b1efc12e119a8efc0a560bc4c19ff3af02ba61806e2c61397d9b3ceb977d48be
b2d2f5d052658ef5589fe450a8654dbeb88d97511ce36f21f1c3bb3b38fa3c24
b2e7bf563339b38d951e1d0b887d65f8f596c805e5255a61646a4bf236d0b55c
b302fdbffe8372e45c7f86a5135f5c337fee18cab823c7b07d413bd16eca3f54
b3335b51206e298f31aa46b7f4c0128bd9ad77e69c36edfdecc5b67a8ad4a488
b3587ccc786d72c7d352e3cd589f1c34a6d5f99944560a6c2e7f6f69f0a69b9a
b37c636901648d8313b4c544e3ac49dd082363a2ba3b5054e17827cb3a42bf82
b510ee91066f77f938f78422378a73f44818d0ee661c0ccb5ad398cc7dd6b080
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
b57052b064a6778aa693bda164f8fe253440d6dc9fe6a513218ab5ef3774e051
b762acd0cc3802c938c9a920b0b35b4a9a0ae2fbb9c1e36c91502ef7e528b140
b7f6e2585f4bb89f9d5c4bf0bfdf2d8637fd97a0818ca76fe281eb7229e8fbf6
b889285d70207e00882df1a4bfd4604d5feac7eb05aad677ad75599b816a77e1
b8b2b3828d723bf17a1b4616c18a4912932c3cea19c3df5662b1b22602b50347
ba7e0e72735ea304bac8a43e87c2da1b7ee2d6705e8548a2fde134beb08d7b48
baa1e321fd815ef7c8bec6e9daa2ef002aadb656cc27cfdf6661dfdac33e0cda
bb6e1029a6e6deb39619e842f08b6bf0c8b55a0d03eb120c5200905b09a2da59
bc1da87af274cca4735280517227acaad88d5e3b47b28c88c074425a7877bf23
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bd12cc8b75c3517537cfd15861d827c1d5471b0541f8fd330ee2f59d5fa6cd9b
bd39593f9afc1ab0ca328b598749ac07519f1149bc927aa11fdbab74642aa385
bf7f2838237afa7f02b6f11e1e54a5b5152716a98774e943827c9f471d02fce1
c024a500b6884e87cb923bdfab0b6303d5130c87bd4e00612ea410613e765faf
c09d5884ab7f379abf61034414c2d2d11505d0e1b9c6b9375823bc154f347773
c0e52100b50525d54d36c97532e449c33d9de1500bbef4f3fe4d689e0d583cf3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2a7c80301032f20f90d00a75cef91a4af5a7fa04651eaac3281f66466c8e8dd
c3a1e19ae447c458c806cec0f399a8b654602801a1b68e7c0341562c22b90f7e
c45ddb38cf1a41aae12456548436afacbe8963b3fdb2e12cc8ef5dcfa7ce9e38
c4c372f5831ede09fa80c662c9bd065187b1dc2dc6a6607c430e6e2a85c3fa6f
c4ed9c2591e47bb6e22ecb0d9c7cd3d3e0b4107732eb8b5f68e20a105926041e
c5985d1c7a973596a4b44ca8e582a26d3c9fd0373890991715f399bd7e9b9659
c615104d3516e49abe78a9102737c6aa04056c6a8090e5746a38921d3b3811ab
c6b39190993e85b1795a44137f4b4bd8ecc562296a6856436a493804b2c4510a
c6ca1199ae49c8f7e3c4e0096ef1575f25457cf067355c483fe744de092ef20b
c6d6e1b5a8106e8624cd94dfb25383a222f722bb8fa8817780d91405bccd991b
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255
c7433c4eafae019bff16f2f127b9ce6a65022f7d4d96c593128cd5d0249a9ad5
c776785ca0fe4e535bfae4db0061d650f91d088714c0e81c0cb6a8ff0ead7679
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190
ca8e011c30e88f7508e3aa362170192447703c3054a19d3df50335a6d9576640
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cae693444d5c4b70988da3ee41b0c3809de3f7701f474183ed8a446be6c970a5
cba806a539356b2e893a8ff5ebeaeff4564eb99646c88d9c680f6373f221bb2a
cda05a6f8a818c3c3a3d67c87e462c6ac982645f149aa755035ae1ea33c5655a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d00b4c8953cdf25f549728ad667759e6f7650b5bf6146ecd3ec7c087bd3265b8
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d20ad0d0e363419eec45e55142397c8746b7d01ef9bc3415d83bb29ed4fb97c5
d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d4217be0e3ca7ff2f7377988d57a39a56cd1ae384ec7b71f1ecfb16c07ec8c9f
d5a908e09ec5fa5996a55a61459c2762a9e13157d72888a42f8b52f0e0841cf4
d66c26faa046cff3733995b1a3646e6ed936248ef52a9e9a819fb747c75dc7f6
d74de7afa55050f7ccedbfdfa60a37600d3488f41ca87e321d868a12c0b3382d
d888ae142a1fca03048d564a5a25bc6dfa3c476a3e8eb3881c2cad30b0d0d47b
dac9ce6b163b009d3fae39abc37e728afa2476e5dd0b5e5ac9480a9969fbbe6f
dc825c58101432949042d8b90ad119dbca174367c86e014987b8bd12ee52fd86
dc8f07d0d7d589f25b15ba0fde69522ac179c805e13ea2ebe667a08583d8df99
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd5e1a468aa89dac498d285b2d12db4b2aa64118d6d0fa709b0785d9250f42fb
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de60ce74dc51181fe850f249ae75cc015cbf18c96b9e44f5a40e9cc56b0ba85b
e0c245db8e7a2815bdf93856eba409e399429dd1d80e9a0876f2cffb03d82a45
e13822da2ca587d1d53b050cb267bbfea098e785e496dfb833bf4ae38555a087
e3054414e976c11e50add9beb539f96c98dc453b124997cc00a18377e7e49044
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c5ff38a6b645121ae055d1bb18885c2f185331f58f6229443c2f031684216f
e3d3512911d3364bf8ce2ca9f8dacc342bc7f3d8cc9c9e300a862a57bd9583eb
e3f16a99683ec813507fab742f11167db01a3c2ced3fdaa6f1ea859d2f9f4fe2
e55be80f24ce1dd7737d5871d5df358295b88be19088083e4b4f2b7ac6aa618e
e5bab9427ec1d36c811e3ca40b2a1014b330dea0fc48b787041c572e1fdc4f28
e5d5f4ac0c4a9d8bdd2ff5b241cb7d6f3ef6beb7b7431ea4bafef56315eba2f8
e6214b2559f67192d41d07d928357497936f068d2953d63646bbfe104b1d68c5
e645b21aa398bbd85fa5c93541ed773b6dd0a96e61c62c6ede8c62e553dd1d48
e7906e8c3743a3fa8785c59d8f87aa4201b702757ce9f8c1e962c80efcd29968
e7bd96688cbb98c39cc3c0dc22f09cbfd22d353d77b651ebc255cfaedfecdbc5
e7cc2e6386a64849765c5d395c47005c4dafa57d43797429aaf48bb50add717e
e7d3c18772620716a3d8ecb1f3b56eee78de7069979167daa1715c9f46c219d3
e81a27b0ffa5bfd7c2479297efa262f8e2bea76aabf94437eb8a2a36a65419fa
e8557b92190103c1e04bcea71e88a8e4dbf8ac3a7eee24603a50b81ff2f380ab
e9587556fe64fa6b605e8878778f52e98abd622c47524fc5b446fe66c0d0398a
eaa1fe6daa6d6efa271e07a942dd6cd521cf367b0f2a1470512f43dc315ad50c
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ec18ebaedb655fd8c94eb9c8160e218920dbe41c7059171f06c03d0dedd5010a
ed0c23d1b4027efe598d9005db97bc8760e5b37b44aa447154432f71a0d24cd4
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a
f09cd15104f52c2c2f69e135a4128c75a6ad1f82ae3474e71ed606031b5d1747
f1a41e5636a3d813eeec5a8f75d62b18a761d253f4907fcf5486cc653562ed53
f1ea662ff8a17468145fce678c229ab39c807837b071625ce1030808aff915d2
f29b0ba37084a0d95eaf3b72f07eb69195ec70f1b43b5367df51bb51e83a3583
f30d47f9cdcdd6cd0347c9b418cd1d7013db02af6416161ec98a610c8f82b66c
f3626395a3596984e23ef3c2e882eee1fe93e4830f6c6b90ba9aad5028d2b6c5
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f79d1837a7fcc0b57562cf230275f5e5d8668ae84de517af75d181af4fd419af
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
f8859622b014c35916f294efc76fdb684a5681149809636416851b765d4eaf39
f8f172ac46ed6c7e780e94b793b329888c592468c20046bb48ed2b11d259a631
f955bad4911e135ef8894618754dbed63059322adf7404c619734960cce6adc0
f9d9f5036d0bd2be56f58b96153837812b097932175127c8b0261eb0ba7b58de
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fc75f6b3b1c7bebdbc002a0311db53346e7f677a0afced1c3ec38373333f5e6b
fdd5eb5886d055428379d1938f01e5a186f7f8dbf3efc851ad9e04914302eb59
fde521b2a0c55580b3b983f97264e62b2083a73c8446dfefca83918df9d9eccb
feb2160dccd8b0345096a272f9753c529fa2f32b843400805851dc714372d9d5