urlscan.io logo urlscan.io
SecurityTrails logo

sai.thetorontopost.net Open in urlscan Pro
2a00:1450:4001:803::2013  Public Scan

Go To Rescan Add Verdict Report
URL: https://sai.thetorontopost.net/
Submission: On July 22 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 5 domains to perform 32 HTTP transactions. The main IP is 2a00:1450:4001:803::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is sai.thetorontopost.net.
TLS certificate: Issued by WR3 on July 20th 2024. Valid for: 3 months.
This is the only time sai.thetorontopost.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    2a00:1450:4001:803::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
sai.thetorontopost.net
8    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
pagead2.googlesyndication.com
5    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
blogger.googleusercontent.com
4    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    142.250.185.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net
lh3.googleusercontent.com
Apex Domain
Subdomains		 Transfer
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
tpc.googlesyndication.com — Cisco Umbrella Rank: 203
215 KB
9 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 7953
lh3.googleusercontent.com — Cisco Umbrella Rank: 129
380 KB
5 gstatic.com
fonts.gstatic.com
765 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
3 KB
3 thetorontopost.net
sai.thetorontopost.net
66 KB
32 5
Domain Requested by
8 pagead2.googlesyndication.com sai.thetorontopost.net
pagead2.googlesyndication.com
5 lh3.googleusercontent.com
5 fonts.gstatic.com sai.thetorontopost.net
fonts.googleapis.com
4 fonts.googleapis.com pagead2.googlesyndication.com
4 blogger.googleusercontent.com sai.thetorontopost.net
3 sai.thetorontopost.net
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
32 7

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
finestap-design.blogspot.com
policies.google.com
Subject Issuer Validity Valid
sai.thetorontopost.net
WR3		 2024-07-20 -
2024-10-18		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.googleusercontent.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://sai.thetorontopost.net/
Frame ID: 7B35F52628C3072567283CA14532E4A9
Requests: 32 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240717/r20110914/zrt_lookup_fy2021.html
Frame ID: E8423FFD54358A4BCBA9B8F6BD120E92
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?npa=1&ltd_cs=1&client=ca-pub-4348102288873114&output=html&adk=3953984709&adf=2873229911&abgtt=6&lmt=1721532565&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsai.thetorontopost.net%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=29~32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=29_18~32_18~30_19&aiixl=29_5~32_9~30_6&aslmct=0.7&asamct=0.7&aipaq=1&itsi=-1&aiapm=0.41421&aiapmi=0.44357&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721661614449&bpp=4&bdt=339&idt=337&shv=r20240717&mjsv=m202407160101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7221569479744&frm=20&pv=2&ga_vid=881669780.1721661615&ga_sid=1721661615&ga_hid=1976069708&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31084128%2C44795921%2C95334524%2C95334829%2C95337869%2C95338228%2C95338243%2C95338257%2C95335246%2C95337092%2C31078663%2C31078668%2C31078670&oid=2&pvsid=381947411038943&tmod=10011131&uas=0&nvt=1&fsapi=1&fc=1920&brdim=760%2C760%2C760%2C760%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=362
Frame ID: B52636859314AE4E0BEF2A968C1F02EE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?npa=1&ltd_cs=1&client=ca-pub-4348102288873114&output=html&h=280&slotname=7990436313&adk=1245487318&adf=1518534828&pi=t.ma~as.7990436313&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1721532565&rafmt=1&format=1200x280&url=https%3A%2F%2Fsai.thetorontopost.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721661614453&bpp=2&bdt=343&idt=375&shv=r20240717&mjsv=m202407160101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7221569479744&frm=20&pv=1&ga_vid=881669780.1721661615&ga_sid=1721661615&ga_hid=1976069708&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=223&ady=164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31084128%2C44795921%2C95334524%2C95334829%2C95337869%2C95338228%2C95338243%2C95338257%2C95335246%2C95337092%2C31078663%2C31078668%2C31078670&oid=2&pvsid=381947411038943&tmod=10011131&uas=0&nvt=1&fc=1920&brdim=760%2C760%2C760%2C760%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=2&uci=a!2&fsb=1&dtd=382
Frame ID: 03E8346AB0A6C6FDC1F6DB298BEF309C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8DC8337443684FDF66FF0029571DC7CA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Toronto Insurance

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

32
Requests

97 %
HTTPS

71 %
IPv6

5
Domains

7
Subdomains

8
IPs

2
Countries

1429 kB
Transfer

2057 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sai.thetorontopost.net/ 		261 KB
66 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sai.thetorontopost.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1b4f4ff96740ff8deb05d97c8776edf24487e553ed4e9cb917420548085c026e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
66768
content-type
text/html; charset=UTF-8
date
Mon, 22 Jul 2024 15:20:14 GMT
etag
W/"1400811c63762a8acb13f9ddafc9d4a48ecbaa7571446d3329e9029bf1e6eb18"
expires
Mon, 22 Jul 2024 15:20:14 GMT
last-modified
Sun, 21 Jul 2024 03:29:25 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		162 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4348102288873114
Requested by
Host: sai.thetorontopost.net
URL: https://sai.thetorontopost.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
d661f5f0a7a466fdf9864ff2f2a11c8a775fdbb6558eb617cd90dd0257150dd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sai.thetorontopost.net/
Origin
https://sai.thetorontopost.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 15:20:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53693
x-xss-protection
0
server
cafe
etag
16914484100024291124
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 22 Jul 2024 15:20:14 GMT
truncated
/ 		26 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2
fonts.gstatic.com/s/googlesanstext/v16/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesanstext/v16/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2
Requested by
Host: sai.thetorontopost.net
URL: https://sai.thetorontopost.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bad1c5850c2453996c8dc11934799affb96c43eae953ca75fe9c15a9df07fe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sai.thetorontopost.net/
Origin
https://sai.thetorontopost.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 16:23:50 GMT
x-content-type-options
nosniff
age
600984
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14856
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:54:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Jul 2025 16:23:50 GMT
truncated
/ 		289 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d42d50419a11e8aa5cf8f3519ba132b77186c6e26759aa939fdd080c21d24e04

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		447 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24785ba53c0ac2b29a5a5aa140fcbce1054a40af05c45d02094c52c9a5290f46

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6611677c5391ceb6488b98028510d9d2398907292efff0cef7ab4d07e9cf5b69

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
5aUp9-KzpRiLCAt4Unrc-xIKmCU5oPFTnmhjtg.woff2
fonts.gstatic.com/s/googlesanstext/v16/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesanstext/v16/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oPFTnmhjtg.woff2
Requested by
Host: sai.thetorontopost.net
URL: https://sai.thetorontopost.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a1286273726bff8e1d79da7039788b34f34d8f439a9dff6492541bebfe23acf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sai.thetorontopost.net/
Origin
https://sai.thetorontopost.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 01:45:21 GMT
x-content-type-options
nosniff
age
567293
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14836
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:54:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Jul 2025 01:45:21 GMT
button.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiv5GM8TQzTjBo8NNG5fo_HIleOtPANuMNeFF1fAWmVrLE_X1bcO0bGCoix8HOy7Ga5vmtWDseHEvpTQ8DFAThQo-6CXasZAqvKCK2hZGNtQsqB6g5zlCMSNBr-CXkf61VJ_uGaJgExwWz8wzdE... 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiv5GM8TQzTjBo8NNG5fo_HIleOtPANuMNeFF1fAWmVrLE_X1bcO0bGCoix8HOy7Ga5vmtWDseHEvpTQ8DFAThQo-6CXasZAqvKCK2hZGNtQsqB6g5zlCMSNBr-CXkf61VJ_uGaJgExwWz8wzdEyacRpG__b4qeFyeIAFRkdImg5lCdGn4-SjKJNFqD9XY/s1600/button.png
Requested by
Host: sai.thetorontopost.net
URL: https://sai.thetorontopost.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8ebb9209ea0d58ef3f03bc115b115edaad72356c66ab68bb898fce3c6ad331c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sai.thetorontopost.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 15:20:14 GMT
x-content-type-options
nosniff
server
fife
etag
"v24"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="button.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3153
x-xss-protection
0
expires
Tue, 23 Jul 2024 15:20:14 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407160101/ 		424 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4348102288873114&plah=sai.thetorontopost.net&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4348102288873114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e606c72f32e1597defed92944760e1d61261c182acf2891eaa081539b08a24c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sai.thetorontopost.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 15:20:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146697
x-xss-protection
0
server
cafe
etag
15730628291793501859
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 22 Jul 2024 15:20:14 GMT
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240717/r20110914/ Frame E842 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240717/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4348102288873114&plah=sai.thetorontopost.net&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sai.thetorontopost.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age
64510
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jul 2024 21:25:04 GMT
etag
2738592464165616
expires
Sun, 04 Aug 2024 21:25:04 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame B526 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?npa=1&ltd_cs=1&client=ca-pub-4348102288873114&output=html&adk=3953984709&adf=2873229911&abgtt=6&lmt=1721532565&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsai.thetorontopost.net%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=29~32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=29_18~32_18~30_19&aiixl=29_5~32_9~30_6&aslmct=0.7&asamct=0.7&aipaq=1&itsi=-1&aiapm=0.41421&aiapmi=0.44357&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721661614449&bpp=4&bdt=339&idt=337&shv=r20240717&mjsv=m202407160101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7221569479744&frm=20&pv=2&ga_vid=881669780.1721661615&ga_sid=1721661615&ga_hid=1976069708&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31084128%2C44795921%2C95334524%2C95334829%2C95337869%2C95338228%2C95338243%2C95338257%2C95335246%2C95337092%2C31078663%2C31078668%2C31078670&oid=2&pvsid=381947411038943&tmod=10011131&uas=0&nvt=1&fsapi=1&fc=1920&brdim=760%2C760%2C760%2C760%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=362
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4348102288873114&plah=sai.thetorontopost.net&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sai.thetorontopost.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
6244
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jul 2024 15:20:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 03E8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?npa=1&ltd_cs=1&client=ca-pub-4348102288873114&output=html&h=280&slotname=7990436313&adk=1245487318&adf=1518534828&pi=t.ma~as.7990436313&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1721532565&rafmt=1&format=1200x280&url=https%3A%2F%2Fsai.thetorontopost.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721661614453&bpp=2&bdt=343&idt=375&shv=r20240717&mjsv=m202407160101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7221569479744&frm=20&pv=1&ga_vid=881669780.1721661615&ga_sid=1721661615&ga_hid=1976069708&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=223&ady=164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31084128%2C44795921%2C95334524%2C95334829%2C95337869%2C95338228%2C95338243%2C95338257%2C95335246%2C95337092%2C31078663%2C31078668%2C31078670&oid=2&pvsid=381947411038943&tmod=10011131&uas=0&nvt=1&fc=1920&brdim=760%2C760%2C760%2C760%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=2&uci=a!2&fsb=1&dtd=382
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4348102288873114&plah=sai.thetorontopost.net&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sai.thetorontopost.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
302
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jul 2024 15:20:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ 		1 KB
527 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Symbols%3Aopsz%2Cwght%2CFILL%2CGRAD%4020..48%2C100..700%2C0..1%2C-50..200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4348102288873114&plah=sai.thetorontopost.net&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
71f4b69c121b8a9928ca889430114ee584ba6b3c792577550c9d2715f4ca95f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sai.thetorontopost.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Jul 2024 15:20:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Jul 2024 15:20:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Jul 2024 15:20:15 GMT
css
fonts.googleapis.com/ 		5 KB
754 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Text%3A400%2C500%2C700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4348102288873114&plah=sai.thetorontopost.net&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
db02d25f24b2b72ec96e6540ef451ccb8bfbdf9782937cc79547428578f63b98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sai.thetorontopost.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Jul 2024 15:20:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Jul 2024 14:58:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Jul 2024 15:20:15 GMT
css2
fonts.googleapis.com/ 		656 B
486 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Google+Symbols:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4348102288873114&plah=sai.thetorontopost.net&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c886904fdbc4794decfac39d0cc873be1ddb6f7c9de2f7249cda54009c41b3db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sai.thetorontopost.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Jul 2024 15:20:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Jul 2024 15:20:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Jul 2024 15:20:15 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google+Sans+Text:400,500,700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4348102288873114&plah=sai.thetorontopost.net&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
db02d25f24b2b72ec96e6540ef451ccb8bfbdf9782937cc79547428578f63b98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sai.thetorontopost.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Jul 2024 15:20:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Jul 2024 14:55:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Jul 2024 15:20:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=42532561&hl=en&pvc=381947411038943
Requested by
Host: sai.thetorontopost.net
URL: https://sai.thetorontopost.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sai.thetorontopost.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jul 2024 15:20:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4348102288873114&plah=sai.thetorontopost.net&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://sai.thetorontopost.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
HhzZU5Ak9u-oMExPeInvcuEmPosC9zyteYEFU68cPrjdKM1XLPTxlGmzczpgWvF1d8Yp7AudBnt3CPar1JFWjoLAUv3G-tSXmA.woff2
fonts.gstatic.com/s/googlesymbols/v280/ 		706 KB
707 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesymbols/v280/HhzZU5Ak9u-oMExPeInvcuEmPosC9zyteYEFU68cPrjdKM1XLPTxlGmzczpgWvF1d8Yp7AudBnt3CPar1JFWjoLAUv3G-tSXmA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Symbols%3Aopsz%2Cwght%2CFILL%2CGRAD%4020..48%2C100..700%2C0..1%2C-50..200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bed72e1f3ad8dcdfcaae411a6e26eeb3def7266429ae569b83f168d93f71b06d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sai.thetorontopost.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 19:22:41 GMT
x-content-type-options
nosniff
age
590254
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
723072
x-xss-protection
0
last-modified
Wed, 10 Jul 2024 14:21:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Jul 2025 19:22:41 GMT
5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2
fonts.gstatic.com/s/googlesanstext/v21/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesanstext/v21/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Text%3A400%2C500%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8300ba70904617a47a80e9098fe00b3f7aefd328519318c420289b0bbdfb5e2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sai.thetorontopost.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 22:41:06 GMT
x-content-type-options
nosniff
age
578349
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14796
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:47:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Jul 2025 22:41:06 GMT
5aUp9-KzpRiLCAt4Unrc-xIKmCU5oPFTnmhjtg.woff2
fonts.gstatic.com/s/googlesanstext/v21/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesanstext/v21/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oPFTnmhjtg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Text%3A400%2C500%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
483f202789ed694c70f16e9ca008533be41fc8f9ddc44d832f5818cef0ac85f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sai.thetorontopost.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 02:05:03 GMT
x-content-type-options
nosniff
age
566112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14796
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Jul 2025 02:05:03 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240717&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4348102288873114&plah=sai.thetorontopost.net&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
5206434133165de7f59c54bc15ad75ec04673ee338797e69c89476f497eb913e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sai.thetorontopost.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 15:20:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12958
x-xss-protection
0
favicon.ico
sai.thetorontopost.net/ 		9 KB
340 B 		Other
General
Check archive.org
Download Go to
Full URL
https://sai.thetorontopost.net/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2e0eec5ba7cb5834daf17eeba7e767b9fcb68739968bb1686ad22608769e3b3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sai.thetorontopost.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 15:20:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 21 Jul 2024 03:29:25 GMT
server
GSE
etag
W/"1400811c63762a8acb13f9ddafc9d4a48ecbaa7571446d3329e9029bf1e6eb18"
content-type
image/x-icon; charset=UTF-8
cache-control
private, max-age=86400
content-length
213
x-xss-protection
1; mode=block
expires
Mon, 22 Jul 2024 15:20:15 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4348102288873114&plah=sai.thetorontopost.net&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sai.thetorontopost.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 15:20:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 Jul 2024 15:20:15 GMT
AEn0k_uN4T1u5pdZl2cSQUOyo4tn-IgdRdNKuFN9lsHXuN2IBqsJN5X9W0WdJ6H271JOSNRC33t5ZXsOUyg1_50Mgo7BteV3EzjL4Fqkni6BElrn74L3k_Z5XNJcFAOiAusZBePGb_p7ptdHDMcqti1ybjfbh6oYJj_3DnqY5OQrphIhH_lq1TO2-6Mv9iK9Y3_RZ...
lh3.googleusercontent.com/blogger_img_proxy/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_uN4T1u5pdZl2cSQUOyo4tn-IgdRdNKuFN9lsHXuN2IBqsJN5X9W0WdJ6H271JOSNRC33t5ZXsOUyg1_50Mgo7BteV3EzjL4Fqkni6BElrn74L3k_Z5XNJcFAOiAusZBePGb_p7ptdHDMcqti1ybjfbh6oYJj_3DnqY5OQrphIhH_lq1TO2-6Mv9iK9Y3_RZcZs-0qF1Z_On-I8c4A-iHZniMKUI_EqrEMt1_o2KI2Kqb9jle4CPAl2Vs66RXG5oeIkEdNWMedRJYbvQ9QwpUcx39gs1EyFpcpD_-O3ZoXvA0PG42xKZXQWd4nQ1p_QCR9cbb6mW6jNvIrvd-5En9DkLvsLik8PMKKMskmqXouDaT3VRoA=w600-h300-p-k-no-nu-rw-e30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
bf714f7473f6467f23fdc01f165ff579f9d92178187714b787758ed01c90da57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sai.thetorontopost.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 15:20:15 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=2592000, no-transform
content-disposition
inline;filename="unnamed.webp"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38782
x-xss-protection
0
expires
Wed, 21 Aug 2024 15:20:15 GMT
Small-Business-Insurance-101.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPA0rXAZLjUhlnRcQr_VlQ9C7_rqc_b4ZfQLMwt_8RlaiYFUfjgdyoLeZlGqhsFfbZeYYtrTUd_eAlXtDrY_V_gLYuUqEREDcvhojruzXlEXO8i2t8hS25HcJILmZDN0AgvMu1UuM4lgL3eMuq... 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPA0rXAZLjUhlnRcQr_VlQ9C7_rqc_b4ZfQLMwt_8RlaiYFUfjgdyoLeZlGqhsFfbZeYYtrTUd_eAlXtDrY_V_gLYuUqEREDcvhojruzXlEXO8i2t8hS25HcJILmZDN0AgvMu1UuM4lgL3eMuq3_4Pr_QeE37W-DmqLkJo5tJrjFgKDmPxckHm7ofcis0/w600-h300-p-k-no-nu-rw-e30/Small-Business-Insurance-101.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
45c28b228a875eb2c47ee68862ec5f27a87424af85154c323c4b97f0ab2cf16e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sai.thetorontopost.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 15:20:16 GMT
x-content-type-options
nosniff
server
fife
etag
"v15"
vary
Origin
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=2592000, no-transform
content-disposition
inline;filename="Small-Business-Insurance-101.webp"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35612
x-xss-protection
0
expires
Wed, 21 Aug 2024 15:20:16 GMT
AVvXsEgtp3U8KJaZ6fYm8N6T6u3EumU5scTXqCnHqZjWXTTSo5bVkxRvKYWmQE_ngGF246E2aSmGmYHDp3SJwBzhopA56UCv3XOQdf2LmhlQpMqycemDTd6WVUS0RufY9lPFCngCwpMjK9Hl_9p8EaF3Q6D2KWg4ki8DAH-ED67ZiN-f9eUsaEYnE2UhpL6xFei0=...
blogger.googleusercontent.com/img/a/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEgtp3U8KJaZ6fYm8N6T6u3EumU5scTXqCnHqZjWXTTSo5bVkxRvKYWmQE_ngGF246E2aSmGmYHDp3SJwBzhopA56UCv3XOQdf2LmhlQpMqycemDTd6WVUS0RufY9lPFCngCwpMjK9Hl_9p8EaF3Q6D2KWg4ki8DAH-ED67ZiN-f9eUsaEYnE2UhpL6xFei0=w600-h300-p-k-no-nu-rw-e30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8766ed16f7b72f5cfbf4b2395532d4b2913f10bd04c919b5304032d6a94e3799
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sai.thetorontopost.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 15:20:16 GMT
x-content-type-options
nosniff
server
fife
etag
"v27"
vary
Origin
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=2592000, no-transform
content-disposition
inline;filename="image.webp"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109288
x-xss-protection
0
expires
Wed, 21 Aug 2024 15:20:16 GMT
AEn0k_uKl9vgo_48DSdi26z3Qg1STc769VsDl8lb0bQkKOJNDxeWo6eWkI4Gj178KroqdPfRpJZdbpV7-tbomJdAviEvi_Li2ArpgYQ__hXxKHKLt4fNB9lw7PqI3w5QPbjPOVUNHx5fBurNrvkr5HAwOR4QSHSVtcJ0LIqsKfTgd5EvcyhA_wrm8Y4w6CJVhDyBR...
lh3.googleusercontent.com/blogger_img_proxy/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_uKl9vgo_48DSdi26z3Qg1STc769VsDl8lb0bQkKOJNDxeWo6eWkI4Gj178KroqdPfRpJZdbpV7-tbomJdAviEvi_Li2ArpgYQ__hXxKHKLt4fNB9lw7PqI3w5QPbjPOVUNHx5fBurNrvkr5HAwOR4QSHSVtcJ0LIqsKfTgd5EvcyhA_wrm8Y4w6CJVhDyBREt6KvBPx3jfPEwt_Uoa-iuaay3N0a_lcDCZCU2YlTiF4MhFexOfZfRuvLFb-ptGMxmMzzrDC8oRwxhVlEi-zoRQGvEZSg_hDxbIF0X7pE8ueZTKXkLJEwQUBG9jrXQsxpiEKvQQSh7wjw=w600-h300-p-k-no-nu-rw-e30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
f817bb3807a354204b9f3d074b5c89f849408ff090ccd55f7805117faf22d20c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sai.thetorontopost.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 15:20:15 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=2592000, no-transform
content-disposition
inline;filename="unnamed.webp"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16062
x-xss-protection
0
expires
Wed, 21 Aug 2024 15:20:15 GMT
4276755_640.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjLAhibs6Ep5lxHbUnYuBG0xg-NkAZFu1dCBm1dOeJ6pGOVVQfKzYLW167WPLNaSLPJL-BPK7VdDB9zXL-rb-KO_djYBSxDpjQa06JZ6zGjRZ1pNl0sU2hyyUYnIDxnK-lxEnfgIyUz9FKfpGxo... 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjLAhibs6Ep5lxHbUnYuBG0xg-NkAZFu1dCBm1dOeJ6pGOVVQfKzYLW167WPLNaSLPJL-BPK7VdDB9zXL-rb-KO_djYBSxDpjQa06JZ6zGjRZ1pNl0sU2hyyUYnIDxnK-lxEnfgIyUz9FKfpGxoU2WHndQmZYCuUlaewRCLYUDPvQcje0xNgwXQl4E0umsO/w600-h300-p-k-no-nu-rw-e30/4276755_640.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
fea2b3b99a33b7a6216b599c6444af683ca842cece1002da952fb02d99736949
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sai.thetorontopost.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 15:20:16 GMT
x-content-type-options
nosniff
server
fife
etag
"v1a"
vary
Origin
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=2592000, no-transform
content-disposition
inline;filename="4276755_640.webp"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43632
x-xss-protection
0
expires
Wed, 21 Aug 2024 15:20:16 GMT
favicon.ico
sai.thetorontopost.net/ 		9 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://sai.thetorontopost.net/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2e0eec5ba7cb5834daf17eeba7e767b9fcb68739968bb1686ad22608769e3b3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sai.thetorontopost.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 15:20:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 21 Jul 2024 03:29:25 GMT
server
GSE
etag
W/"1400811c63762a8acb13f9ddafc9d4a48ecbaa7571446d3329e9029bf1e6eb18"
content-type
image/x-icon; charset=UTF-8
cache-control
private, max-age=86400
content-length
213
x-xss-protection
1; mode=block
expires
Mon, 22 Jul 2024 15:20:15 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8DC8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sai.thetorontopost.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
19574
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jul 2024 09:54:02 GMT
expires
Tue, 22 Jul 2025 09:54:02 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AEn0k_t_kpzREh7ehaLo1GbA-gnt9JTn6wkvu_fkQXV--fnQru5zEnv12RkvQ2YOmb37FXWmRSq6dxmPXv_dXfDvxAGAbPbBACSbxzqEr8g5g_tidBawvNDsokTQezuW7U7Q3WNUnOTaqN8_wK40tJaxSuCn2Ky9x_4lNTEW=w600-h300-p-k-no-nu-rw-e30
lh3.googleusercontent.com/blogger_img_proxy/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_t_kpzREh7ehaLo1GbA-gnt9JTn6wkvu_fkQXV--fnQru5zEnv12RkvQ2YOmb37FXWmRSq6dxmPXv_dXfDvxAGAbPbBACSbxzqEr8g5g_tidBawvNDsokTQezuW7U7Q3WNUnOTaqN8_wK40tJaxSuCn2Ky9x_4lNTEW=w600-h300-p-k-no-nu-rw-e30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
8af94a071afd60e3cf46cdd5c60c7bcf0ab3a77d7dc0e074577866bd7929b629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sai.thetorontopost.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 15:20:16 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=2592000, no-transform
content-disposition
inline;filename="unnamed.webp"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45432
x-xss-protection
0
expires
Wed, 21 Aug 2024 15:20:16 GMT
AEn0k_tE4yzTa42pma8_nE9swbM0QvDxwsvIvypFDXXM-i2EzjfHoJv0rw12rt8E5Fz-qiUraSD-Um8F5F52a2XQpbPHUAzpBKIZ0dbsE43Sy2E9dY4m89RQ2TRQSsASwntvt34Qq8D6Wf104woX5rkgD5g2igjcKiCfzpJp=w600-h300-p-k-no-nu-rw-e30
lh3.googleusercontent.com/blogger_img_proxy/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_tE4yzTa42pma8_nE9swbM0QvDxwsvIvypFDXXM-i2EzjfHoJv0rw12rt8E5Fz-qiUraSD-Um8F5F52a2XQpbPHUAzpBKIZ0dbsE43Sy2E9dY4m89RQ2TRQSsASwntvt34Qq8D6Wf104woX5rkgD5g2igjcKiCfzpJp=w600-h300-p-k-no-nu-rw-e30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
5e0c6580fc553ba8d70d1131cbd7933520792283564ca74a661cb52941fcb06a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sai.thetorontopost.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 15:20:16 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=2592000, no-transform
content-disposition
inline;filename="unnamed.webp"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51460
x-xss-protection
0
expires
Wed, 21 Aug 2024 15:20:16 GMT
AEn0k_tUBQXEWMJ23258IXahmvyLIPjkrGogxLnGUQ11Hf4LqTi-rXl-yNAqKk6MpbvO0KpYQBhtSXxxo-o29AY_Zw5uXYULHZb5O4kg5NKnYgYORNl9m23-cJ_3DG_AZ_x1y69iWl3VllPwH-Y4otZWVM5Cxd0vBF9xE4YT=w600-h300-p-k-no-nu-rw-e30
lh3.googleusercontent.com/blogger_img_proxy/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_tUBQXEWMJ23258IXahmvyLIPjkrGogxLnGUQ11Hf4LqTi-rXl-yNAqKk6MpbvO0KpYQBhtSXxxo-o29AY_Zw5uXYULHZb5O4kg5NKnYgYORNl9m23-cJ_3DG_AZ_x1y69iWl3VllPwH-Y4otZWVM5Cxd0vBF9xE4YT=w600-h300-p-k-no-nu-rw-e30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
564a84601de84ab1320265d08e8dc3b9b4bb597152e0c024a3633a61898d9c2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sai.thetorontopost.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 15:20:16 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=2592000, no-transform
content-disposition
inline;filename="unnamed.webp"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44544
x-xss-protection
0
expires
Wed, 21 Aug 2024 15:20:16 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240717&jk=381947411038943&bg=!MTKlMn3NAAakBOpbhAQ7ADQBe5WfOAojDPWtckFBNfMAI-si7Ol82cWr116iwuIaF13IdgAXPf5V1tzmQypCA-0aQx4LAgAAAFJSAAAAA2gBB34ANqcmk-lakdT4Kq2PLu8sZ5swsFXQp1O86yLyWdBpYmLSRgMJ7vBA6gdIyrSj32XGK0_8sz7MMZkCv0ujicyXp_BPk00uncnLH8t5-IwvfyUFEm_yL2dTB5uVIOolaAmobaioihYxqcE51ne3O5czmIfUizrYIC4arSgD79uaitHSlJdEe1J1vdX-908WcpqfDpFIqnMowxv19_c7cy817C4BsvJ0rPuaEP4EUrJFc1j_dUkOx-_hL-0lLiCyRRgI13xjBCKqdKvGIP6xgpJSYw4f3DfzKm8YRbdPc1ffwRNvrJGMEY3xs1kweQPKjLo7DBcpkpupgrzVwH0A2gRc1aPYbrdA-SCZSj8A_IqgmY2373e6wm2mrOaUT91cKlPcNVtxqT-Fv5UeVvjRHS4pVd9HrdH8796rVp4bDaO-qp6nXgdbVq8e7EstiKmF0nnxIF6rMp_37TN1UYu04GSXoY0wjiJUsWTix9Xq9sB8dwPwScf25CPmXmRFsuC8DPYam6V1eqB2aY4Hx0SfyzMi0_W00JGgWEOe4txHosG1NcymaxMojgKAk1Ros4Z83uduQlCjEkSL4FMEp5eB67Fx_kYUFqHV5HQowFo53yaK7cQrTu9UnhQLalm-JPL3xtUI4rEfcbgN-xG-v_ku0ayQLduD3kpisANdf-ERrFyfuqXoudb20Jl_r-QCJW2fv7bmsazIY-HhUlVrvEr_bfLwODko7UcGXsL5sVG6OTttoqec75QroScRgHu38QSbXf5gulG_Dda2WUsMVWJmAaolQVKUHJiOInFoD_V1QD1AzDXkezulZGVYD36uGO5ykOShYvAQCEt1WMjFWw1Ak4oRkkjDBd462AU_c5BpY5mGcfidIbyHZd8Hrt-_k3VaOCi_fKtnW2zcGhNSC3wbEzLWwka-bgMPb-YKcUu4NbC_KJ-xzaYeNZJmAXnQKW-kCyhK5VGgByaNHk6zOp-lACPOkyQvk3pm4UF8NcfglKoLn3Ff1J3wYWhhJqc

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| remPar function| _0x476a function| _0x50d0 object| Pu function| _0x51f4a5 function| getid function| getclass function| qSel function| qSell function| _0x55e1 function| addCt function| remCt function| stS function| stC function| _0x5949b4 function| stE function| _0x178b function| ldJs function| ldCss function| pushAds function| insertAfter function| middleAds function| recurAds object| cookieChoices function| Defer function| defer function| deferscript function| deferstyle function| deferiframe function| deferimg object| adsbygoogle function| _0x5bbe function| _0x4b2a59 function| _0x5a8f2f function| themeColor function| _0xce6d function| toastNotif function| fixedNotif function| neonLight function| vibRate function| ctgryPst object| d number| n function| checkCntry object| infinite_scroll function| puImgPs function| InfiniteScroll function| darkMode function| headScroll function| lazyCustomJs function| scrollCustomJs number| c3 function| _3 function| googleTranslateElementInit function| puViews function| _0 function| blogAdmin function| _1 object| aryLzJs function| loadLzJs object| aryLzJsM function| loadLzJsM function| _2 function| showLucky function| fetchLuck function| readLucky function| feelingLucky object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| googFloatingToolbarManager object| google_pso_loaded_fonts boolean| google_plmetrics object| google_image_requests object| googTempStyleOverrideInfo object| googNavStack object| GoogleGcLKhOms

1 Cookies

Domain/Path Name / Value
.thetorontopost.net/ Name: __eoi
Value: ID=6d492fa125e2e463:T=1721661614:RT=1721661614:S=AA-AfjZtSu8NCTBZVVMjBV9CGeX2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blogger.googleusercontent.com
fonts.googleapis.com
fonts.gstatic.com
lh3.googleusercontent.com
pagead2.googlesyndication.com
sai.thetorontopost.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
142.250.185.130
142.250.185.225
2a00:1450:4001:800::2001
2a00:1450:4001:803::2013
2a00:1450:4001:810::200a
2a00:1450:4001:812::2001
2a00:1450:4001:813::2003
1b4f4ff96740ff8deb05d97c8776edf24487e553ed4e9cb917420548085c026e
24785ba53c0ac2b29a5a5aa140fcbce1054a40af05c45d02094c52c9a5290f46
2e0eec5ba7cb5834daf17eeba7e767b9fcb68739968bb1686ad22608769e3b3a
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3bad1c5850c2453996c8dc11934799affb96c43eae953ca75fe9c15a9df07fe6
45c28b228a875eb2c47ee68862ec5f27a87424af85154c323c4b97f0ab2cf16e
483f202789ed694c70f16e9ca008533be41fc8f9ddc44d832f5818cef0ac85f2
5206434133165de7f59c54bc15ad75ec04673ee338797e69c89476f497eb913e
564a84601de84ab1320265d08e8dc3b9b4bb597152e0c024a3633a61898d9c2f
5e0c6580fc553ba8d70d1131cbd7933520792283564ca74a661cb52941fcb06a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6611677c5391ceb6488b98028510d9d2398907292efff0cef7ab4d07e9cf5b69
71f4b69c121b8a9928ca889430114ee584ba6b3c792577550c9d2715f4ca95f4
8300ba70904617a47a80e9098fe00b3f7aefd328519318c420289b0bbdfb5e2c
8766ed16f7b72f5cfbf4b2395532d4b2913f10bd04c919b5304032d6a94e3799
8a1286273726bff8e1d79da7039788b34f34d8f439a9dff6492541bebfe23acf
8af94a071afd60e3cf46cdd5c60c7bcf0ab3a77d7dc0e074577866bd7929b629
8ebb9209ea0d58ef3f03bc115b115edaad72356c66ab68bb898fce3c6ad331c7
bed72e1f3ad8dcdfcaae411a6e26eeb3def7266429ae569b83f168d93f71b06d
bf714f7473f6467f23fdc01f165ff579f9d92178187714b787758ed01c90da57
c886904fdbc4794decfac39d0cc873be1ddb6f7c9de2f7249cda54009c41b3db
d42d50419a11e8aa5cf8f3519ba132b77186c6e26759aa939fdd080c21d24e04
d661f5f0a7a466fdf9864ff2f2a11c8a775fdbb6558eb617cd90dd0257150dd2
db02d25f24b2b72ec96e6540ef451ccb8bfbdf9782937cc79547428578f63b98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e606c72f32e1597defed92944760e1d61261c182acf2891eaa081539b08a24c0
f817bb3807a354204b9f3d074b5c89f849408ff090ccd55f7805117faf22d20c
fea2b3b99a33b7a6216b599c6444af683ca842cece1002da952fb02d99736949