torontosun.com Open in urlscan Pro
34.117.147.204 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://torontosun.com/news/local-news/levy-state-of
Submission: On September 09 via api (September 9th 2024, 2:13:52 pm UTC) from CA — Scanned from CA

Summary HTTP 166 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 75 IPs in 4 countries across 52 domains to perform 166 HTTP transactions. The main IP is 34.117.147.204, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is torontosun.com. The Cisco Umbrella rank of the primary domain is 591668.
TLS certificate: Issued by WR3 on August 10th 2024. Valid for: 3 months.

This is the only time torontosun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	34.117.147.204 34.117.147.204	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
2	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
3	108.138.115.149 108.138.115.149	16509 (AMAZON-02) (AMAZON-02)
1	23.205.2.235 23.205.2.235	16625 (AKAMAI-AS) (AKAMAI-AS)
28	34.117.54.29 34.117.54.29	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.225.63.110 13.225.63.110	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:3e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.22.191 172.67.22.191	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.139.29.52 108.139.29.52	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6812:4eb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.107.6.158 13.107.6.158	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	172.67.155.215 172.67.155.215	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	108.139.47.50 108.139.47.50	16509 (AMAZON-02) (AMAZON-02)
6	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
4	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:98f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.106.56 108.138.106.56	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	2606:4700:20:... 2606:4700:20::681a:13e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.203.179.38 23.203.179.38	16625 (AKAMAI-AS) (AKAMAI-AS)
1	108.138.128.46 108.138.128.46	16509 (AMAZON-02) (AMAZON-02)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.40.225 172.67.40.225	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.238.55.52 18.238.55.52	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
4	44.208.57.122 44.208.57.122	14618 (AMAZON-AES) (AMAZON-AES)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	2620:100:a00b... 2620:100:a00b::12	19750 (AS-CRITEO) (AS-CRITEO)
1 2	35.244.193.51 35.244.193.51	15169 (GOOGLE) (GOOGLE)
1	143.244.213.152 143.244.213.152	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	35.241.9.51 35.241.9.51	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	68.67.160.114 68.67.160.114	29990 (ASN-APPNEX) (ASN-APPNEX)
3	104.18.176.126 104.18.176.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:21d... 2600:9000:21dd:a400:8:2ae1:d740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.205.166.168 18.205.166.168	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
5	34.149.157.221 34.149.157.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2607:f8b0:400... 2607:f8b0:4006:824::2008	15169 (GOOGLE) (GOOGLE)
1	108.138.106.83 108.138.106.83	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::645	54113 (FASTLY) (FASTLY)
2 2	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
4	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
2	2600:1f18:44f... 2600:1f18:44f0:4850:7963:2d32:88db:3d63	14618 (AMAZON-AES) (AMAZON-AES)
5	2a04:4e42::645 2a04:4e42::645	54113 (FASTLY) (FASTLY)
1	2600:9000:23c... 2600:9000:23cb:5000:1c:2afd:fb00:93a1	16509 (AMAZON-02) (AMAZON-02)
5	142.250.72.104 142.250.72.104	15169 (GOOGLE) (GOOGLE)
3	2600:141b:1c0... 2600:141b:1c00:2482::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.16.143.111 104.16.143.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6811:f8cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.236.187.249 54.236.187.249	14618 (AMAZON-AES) (AMAZON-AES)
1	44.206.181.253 44.206.181.253	14618 (AMAZON-AES) (AMAZON-AES)
2	54.175.18.20 54.175.18.20	14618 (AMAZON-AES) (AMAZON-AES)
2	172.67.159.162 172.67.159.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.241.1 157.240.241.1	32934 (FACEBOOK) (FACEBOOK)
1	18.164.101.60 18.164.101.60	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:730... 2600:1f18:730:b120:3639:11da:2268:5ca3	14618 (AMAZON-AES) (AMAZON-AES)
1	52.21.135.234 52.21.135.234	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:81c::200e	15169 (GOOGLE) (GOOGLE)
1	13.226.34.86 13.226.34.86	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c06::9b	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.176.195 142.250.176.195	15169 (GOOGLE) (GOOGLE)
1	54.144.144.142 54.144.144.142	14618 (AMAZON-AES) (AMAZON-AES)
3	57.128.96.202 57.128.96.202	16276 (OVH) (OVH)
2	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	145.40.89.32 145.40.89.32	54825 (PACKET) (PACKET)
2	2606:4700:440... 2606:4700:4400::ac40:91b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.72.135 172.67.72.135	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.80.36 142.250.80.36	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2003	15169 (GOOGLE) (GOOGLE)
2	216.239.38.181 216.239.38.181	15169 (GOOGLE) (GOOGLE)
166	75

3 34.117.147.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.147.117.34.bc.googleusercontent.com

torontosun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.194 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.115.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-115-149.jfk50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.2.235 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-2-235.deploy.static.akamaitechnologies.com

micro.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 34.117.54.29 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.54.117.34.bc.googleusercontent.com

dcs-static.gprod.postmedia.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fem.gprod.postmedia.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.63.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-110.ewr53.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:3e (United States)

ASN13335 (CLOUDFLARENET, US)

tags.qortex.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.22.191 (United States)

ASN13335 (CLOUDFLARENET, US)

go.automatad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.29.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-52.jfk50.r.cloudfront.net

cdn-gateflipp.flippback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:4eb (United States)

ASN13335 (CLOUDFLARENET, US)

auth.lrcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
config.lrcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.6.158 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: bingforbusiness.com

edge-auth.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.155.215 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.139.47.50 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-50.jfk50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidanalytics.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81c::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:98f3 (United States)

ASN13335 (CLOUDFLARENET, US)

23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-56.jfk50.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:13e (United States)

ASN13335 (CLOUDFLARENET, US)

events.qortex.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.203.179.38 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-179-38.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-46.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.40.225 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.atmtd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
floors.atmtd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.55.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-52.jfk52.r.cloudfront.net

p.flipp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.208.57.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-57-122.compute-1.amazonaws.com

postmedia.hub.loginradius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::12 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.193.51 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.244.213.152 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e01.atmtd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.9.241.35.bc.googleusercontent.com

23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.160.114 (Colonia, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.176.126 (None, )

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21dd:a400:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.viafoura.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.205.166.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-166-168.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.149.157.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.157.149.34.bc.googleusercontent.com

smartcdn.gprod.postmedia.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-83.jfk50.r.cloudfront.net

tags.fullcontact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)

jssdkcdns.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.98 (Queens, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

googlesync.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:44f0:4850:7963:2d32:88db:3d63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

api.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a04:4e42::645 (United States)

ASN54113 (FASTLY, US)

identity.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jssdks.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:23cb:5000:1c:2afd:fb00:93a1 (United States)

ASN16509 (AMAZON-02, US)

d-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.72.104 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:141b:1c00:2482::268b (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.143.111 (None, )

ASN13335 (CLOUDFLARENET, US)

c2.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f8cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.236.187.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-187-249.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.206.181.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-181-253.compute-1.amazonaws.com

i.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.175.18.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-18-20.compute-1.amazonaws.com

api.fullcontact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.159.162 (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.241.1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.101.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-101-60.jfk50.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b120:3639:11da:2268:5ca3 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.135.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-135-234.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.34.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-86.ewr53.r.cloudfront.net

cdn.viafoura.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::200e (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::2002 (United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.176.195 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f3.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 57.128.96.202 (France)

ASN16276 (OVH, FR)
PTR: haproxy08.cl11.ovh.mrf.io

events.newsroom.bi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.40.89.32 (Ashburn, United States)

ASN54825 (PACKET, US)

id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:91b1 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.ribn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.72.135 (United States)

ASN13335 (CLOUDFLARENET, US)

static.trueanthem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.36 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.38.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	postmedia.digital dcs-static.gprod.postmedia.digital — Cisco Umbrella Rank: 211912 fem.gprod.postmedia.digital — Cisco Umbrella Rank: 228912 smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 144971	284 KB
9	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1198 pm-widget.taboola.com — Cisco Umbrella Rank: 4404 vidanalytics.taboola.com — Cisco Umbrella Rank: 3613	459 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	756 KB
8	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280 cm.g.doubleclick.net — Cisco Umbrella Rank: 363 stats.g.doubleclick.net — Cisco Umbrella Rank: 252 td.doubleclick.net — Cisco Umbrella Rank: 481	182 KB
6	mparticle.com jssdkcdns.mparticle.com — Cisco Umbrella Rank: 7913 identity.mparticle.com — Cisco Umbrella Rank: 3311 jssdks.mparticle.com — Cisco Umbrella Rank: 7083	123 KB
5	google.com analytics.google.com — Cisco Umbrella Rank: 238 www.google.com — Cisco Umbrella Rank: 10	971 B
5	gstatic.com fonts.gstatic.com www.gstatic.com	280 KB
5	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 278	6 KB
4	cxense.com cdn.cxense.com — Cisco Umbrella Rank: 7090 id.cxense.com — Cisco Umbrella Rank: 14693	44 KB
4	liadm.com 1 redirects d-code.liadm.com — Cisco Umbrella Rank: 5362 idx.liadm.com — Cisco Umbrella Rank: 2445 rp.liadm.com — Cisco Umbrella Rank: 1645 rp4.liadm.com — Cisco Umbrella Rank: 4911	44 KB
4	permutive.com googlesync.permutive.com — Cisco Umbrella Rank: 13933 api.permutive.com — Cisco Umbrella Rank: 3370	469 B
4	viafoura.net cdn.viafoura.net — Cisco Umbrella Rank: 16033	180 KB
4	loginradius.com postmedia.hub.loginradius.com — Cisco Umbrella Rank: 228528	1 KB
4	lrcontent.com auth.lrcontent.com — Cisco Umbrella Rank: 119842 config.lrcontent.com — Cisco Umbrella Rank: 34150	112 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 394 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 999	86 KB
3	newsroom.bi events.newsroom.bi — Cisco Umbrella Rank: 7639	2 KB
3	viafoura.co api.viafoura.co — Cisco Umbrella Rank: 16270 i.viafoura.co — Cisco Umbrella Rank: 16452	3 KB
3	fullcontact.com tags.fullcontact.com — Cisco Umbrella Rank: 23665 api.fullcontact.com — Cisco Umbrella Rank: 24824	48 KB
3	tinypass.com experience.tinypass.com — Cisco Umbrella Rank: 14208 cdn.tinypass.com — Cisco Umbrella Rank: 7771 buy.tinypass.com — Cisco Umbrella Rank: 8867	123 KB
3	atmtd.com scripts.atmtd.com — Cisco Umbrella Rank: 98200 floors.atmtd.com — Cisco Umbrella Rank: 200925 e01.atmtd.com — Cisco Umbrella Rank: 137961	145 KB
3	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1233 id5-sync.com — Cisco Umbrella Rank: 645	29 KB
3	33across.com 1 redirects cdn-ima.33across.com — Cisco Umbrella Rank: 1594 lexicon.33across.com — Cisco Umbrella Rank: 2352	7 KB
3	qortex.ai tags.qortex.ai — Cisco Umbrella Rank: 54252 events.qortex.ai — Cisco Umbrella Rank: 38676	15 KB
3	torontosun.com torontosun.com — Cisco Umbrella Rank: 591668	56 KB
2	trueanthem.com static.trueanthem.com — Cisco Umbrella Rank: 33813	12 KB
2	ribn.com assets.ribn.com — Cisco Umbrella Rank: 176082	8 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	4 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 9677	126 B
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 4801 p1.parsely.com — Cisco Umbrella Rank: 3692	23 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	73 KB
2	mrf.io sdk.mrf.io — Cisco Umbrella Rank: 10021	61 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 1314	5 KB
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 689	840 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1256 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1296	13 KB
2	microsoft.com edge-auth.microsoft.com — Cisco Umbrella Rank: 32969	281 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104
1	piano.io c2.piano.io — Cisco Umbrella Rank: 7249	2 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1187	286 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 383	703 B
1	prmutv.co 23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co — Cisco Umbrella Rank: 338976	383 B
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 553	431 B
1	pippio.com pippio.com — Cisco Umbrella Rank: 1285	572 B
1	flipp.com p.flipp.com — Cisco Umbrella Rank: 17888
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1622	17 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	1 KB
1	permutive.app 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app — Cisco Umbrella Rank: 232811	141 KB
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 12713	3 KB
1	flippback.com cdn-gateflipp.flippback.com — Cisco Umbrella Rank: 17244	30 KB
1	automatad.com go.automatad.com — Cisco Umbrella Rank: 98499	2 KB
1	sail-horizon.com ak.sail-horizon.com — Cisco Umbrella Rank: 5527	34 KB
1	rubiconproject.com micro.rubiconproject.com — Cisco Umbrella Rank: 4157	190 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
166	52

	Domain	Requested by
25	dcs-static.gprod.postmedia.digital	torontosun.com dcs-static.gprod.postmedia.digital
8	www.googletagmanager.com	fem.gprod.postmedia.digital jssdkcdns.mparticle.com www.googletagmanager.com
5	smartcdn.gprod.postmedia.digital	torontosun.com
5	cdn.taboola.com	torontosun.com cdn.taboola.com
5	sb.scorecardresearch.com	2 redirects torontosun.com fem.gprod.postmedia.digital
4	analytics.google.com	www.googletagmanager.com
4	cdn.viafoura.net	fem.gprod.postmedia.digital cdn.viafoura.net
4	postmedia.hub.loginradius.com	fem.gprod.postmedia.digital auth.lrcontent.com
4	fonts.gstatic.com	fonts.googleapis.com
3	events.newsroom.bi	sdk.mrf.io
3	cdn.cxense.com	cdn.tinypass.com cdn.cxense.com
3	identity.mparticle.com	jssdkcdns.mparticle.com
3	api.permutive.com	23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
3	fem.gprod.postmedia.digital	torontosun.com fem.gprod.postmedia.digital
3	c.amazon-adsystem.com	torontosun.com c.amazon-adsystem.com
3	torontosun.com	dcs-static.gprod.postmedia.digital
2	static.trueanthem.com	www.googletagmanager.com static.trueanthem.com
2	assets.ribn.com	www.googletagmanager.com torontosun.com
2	www.facebook.com	torontosun.com
2	config.lrcontent.com	auth.lrcontent.com
2	www.google.ca	torontosun.com
2	td.doubleclick.net	www.googletagmanager.com
2	stats.g.doubleclick.net	www.googletagmanager.com
2	connect.facebook.net	torontosun.com connect.facebook.net
2	sdk.mrf.io	torontosun.com sdk.mrf.io
2	api.fullcontact.com	tags.fullcontact.com
2	vidanalytics.taboola.com	cdn.taboola.com
2	unpkg.com	1 redirects torontosun.com
2	jssdks.mparticle.com	jssdkcdns.mparticle.com
2	api.viafoura.co	cdn.viafoura.net
2	id5-sync.com	cdn.id5-sync.com
2	cm.g.doubleclick.net	2 redirects torontosun.com
2	lexicon.33across.com	1 redirects torontosun.com
2	pm-widget.taboola.com	cdn.taboola.com pm-widget.taboola.com
2	idsync.rlcdn.com	2 redirects
2	edge-auth.microsoft.com	torontosun.com edge-auth.microsoft.com
2	auth.lrcontent.com	torontosun.com cdn.viafoura.net
2	tags.qortex.ai	torontosun.com tags.qortex.ai
2	securepubads.g.doubleclick.net	torontosun.com securepubads.g.doubleclick.net
1	www.gstatic.com	www.google.com
1	www.google.com	auth.lrcontent.com
1	buy.tinypass.com	cdn.tinypass.com
1	id.cxense.com	cdn.cxense.com
1	p1.parsely.com	torontosun.com
1	www.google-analytics.com	www.googletagmanager.com
1	rp4.liadm.com	torontosun.com
1	rp.liadm.com	1 redirects
1	cdn.parsely.com	www.googletagmanager.com
1	i.viafoura.co	cdn.viafoura.net
1	idx.liadm.com	d-code.liadm.com
1	c2.piano.io	cdn.tinypass.com
1	d-code.liadm.com	tags.fullcontact.com
1	cdn.tinypass.com	experience.tinypass.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	googlesync.permutive.com	torontosun.com
1	jssdkcdns.mparticle.com	fem.gprod.postmedia.digital
1	tags.fullcontact.com	fem.gprod.postmedia.digital
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	experience.tinypass.com	fem.gprod.postmedia.digital
1	ib.adnxs.com	23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1	23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co	23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1	e01.atmtd.com	scripts.atmtd.com
1	gum.criteo.com	cdn.taboola.com
1	pippio.com	torontosun.com
1	p.flipp.com	cdn-gateflipp.flippback.com
1	floors.atmtd.com	micro.rubiconproject.com
1	scripts.atmtd.com	go.automatad.com
1	cdn.id5-sync.com	torontosun.com
1	cdn-ima.33across.com	torontosun.com
1	tags.crwdcntrl.net	torontosun.com
1	secure.cdn.fastclick.net	torontosun.com
1	events.qortex.ai	tags.qortex.ai
1	cdn.jsdelivr.net	micro.rubiconproject.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app	fem.gprod.postmedia.digital
1	www.npttech.com	torontosun.com
1	cdn-gateflipp.flippback.com	torontosun.com
1	go.automatad.com	torontosun.com
1	ak.sail-horizon.com	torontosun.com
1	micro.rubiconproject.com	torontosun.com
1	fonts.googleapis.com	torontosun.com
166	81

This site contains links to these domains. Also see Links.

Domain
driving.ca
torontosun.remembering.ca
classifieds.torontosun.com
torontosun.adperfect.com
working.torontosun.com
shopping.torontosun.com
www.flyercity.ca
epaper.torontosun.com
www.puzzmo.com
chatterboxnorth.ca
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
www.postmediasolutions.com
adregistry.postmedia.com
www.postmedia.com

Subject Issuer	Validity	Valid
torontosun.com WR3	`2024-08-10` - `2024-11-08`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
gprod.postmedia.digital WR3	`2024-08-28` - `2024-11-26`	3 months	crt.sh
ak.sail-horizon.com Amazon RSA 2048 M02	`2023-12-04` - `2024-12-30`	a year	crt.sh
qortex.ai WE1	`2024-08-12` - `2024-11-10`	3 months	crt.sh
go.automatad.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
flippback.com Amazon RSA 2048 M02	`2024-08-18` - `2025-09-16`	a year	crt.sh
lrcontent.com WE1	`2024-07-25` - `2024-10-23`	3 months	crt.sh
edge-auth.microsoft.com Microsoft Azure RSA TLS Issuing CA 04	`2024-08-16` - `2025-08-11`	a year	crt.sh
npttech.com WE1	`2024-08-20` - `2024-11-18`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2024-12-31`	5 months	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2024-03-05` - `2024-12-31`	10 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2024-08-07` - `2025-08-07`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2024-09-07` - `2025-10-07`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
id5-sync.com WE1	`2024-08-02` - `2024-10-31`	3 months	crt.sh
atmtd.com Cloudflare Inc ECC CA-3	`2024-07-28` - `2024-12-31`	5 months	crt.sh
flipp.com Amazon RSA 2048 M02	`2024-06-30` - `2025-07-28`	a year	crt.sh
*.loginradius.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-12` - `2024-11-11`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-26` - `2024-11-20`	3 months	crt.sh
e01.atmtd.com R10	`2024-07-27` - `2024-10-25`	3 months	crt.sh
*.prmutv.co E6	`2024-08-19` - `2024-11-17`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
tinypass.com WE1	`2024-07-12` - `2024-10-10`	3 months	crt.sh
viafoura.com Amazon RSA 2048 M03	`2024-07-09` - `2025-08-07`	a year	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
*.fullcontact.com Amazon RSA 2048 M02	`2023-12-06` - `2025-01-02`	a year	crt.sh
jssdkcdns.mparticle.com Go Daddy Secure Certificate Authority - G2	`2024-05-02` - `2025-06-03`	a year	crt.sh
api.permutive.com R11	`2024-08-19` - `2024-11-17`	3 months	crt.sh
*.id5-sync.com E5	`2024-09-01` - `2024-11-30`	3 months	crt.sh
*.eu-1-id5-sync.com R10	`2024-09-01` - `2024-11-30`	3 months	crt.sh
identity.mparticle.com Go Daddy Secure Certificate Authority - G2	`2024-05-08` - `2025-06-09`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M03	`2023-12-02` - `2024-12-29`	a year	crt.sh
*.cxense.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-14` - `2025-02-14`	a year	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2024-02-25` - `2024-12-31`	10 months	crt.sh
jssdks.mparticle.com Go Daddy Secure Certificate Authority - G2	`2023-09-16` - `2024-10-17`	a year	crt.sh
api.fullcontact.com Amazon RSA 2048 M03	`2023-10-12` - `2024-11-09`	a year	crt.sh
sdk.mrf.io WE1	`2024-07-23` - `2024-10-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-18` - `2024-09-16`	3 months	crt.sh
*.parsely.com Amazon RSA 2048 M03	`2024-04-05` - `2025-05-04`	a year	crt.sh
*.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google.ca WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
ssl03.cert.cl11.k8s.mrf.io E6	`2024-08-05` - `2024-11-03`	3 months	crt.sh
ribn.com WE1	`2024-08-14` - `2024-11-12`	3 months	crt.sh
trueanthem.com WE1	`2024-07-15` - `2024-10-13`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://torontosun.com/news/local-news/levy-state-of
Frame ID: 4FB45EE2FEE165E0A35E0ECCDBBC2F23
Requests: 152 HTTP requests in this frame

Frame: https://fem.gprod.postmedia.digital/v110.1/xd.html
Frame ID: F2D03401E79C219AEF442B22BA45AB33
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: 204271E73E1995FCBC512E712F001E7D
Requests: 1 HTTP requests in this frame

Frame: https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=09152a38-299b-49fe-81c5-3e4fe41e79fd&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
Frame ID: DFD6A0B6327BC9B7C4D152EACE49EE77
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: 32745CE79DB45A035A59B92D1A8FC459
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-H792QCFZPV&gacid=1374569483.1725891220&gtm=45je4940v880952819z8854753396za200zb854753396&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1833511609
Frame ID: A63B275FAED0FDA992E889CDA7C1DF04
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-72QH41ZTMR&gacid=1374569483.1725891220&gtm=45je4940v880952817z879194588za200zb79194588&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=546516006
Frame ID: 7CE96124E8935A554E4BD1FE0F6013F0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 6527444D6CCFAEBA1159DF76350DF6A4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Toronto Sun

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

166
Requests

95 %
HTTPS

32 %
IPv6

52
Domains

81
Subdomains

75
IPs

4
Countries

3889 kB
Transfer

12338 kB
Size

80
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://driving.ca/find-compare/
Title: Vehicle Research

Search URL Search Domain Scan URL

URL: http://driving.ca/category/reviews/
Title: Reviews

Search URL Search Domain Scan URL

URL: http://driving.ca/category/auto-news/
Title: News

Search URL Search Domain Scan URL

URL: https://driving.ca/category/features/gear-guide/
Title: Gear Guide

Search URL Search Domain Scan URL

URL: https://torontosun.remembering.ca/
Title: Remembering

Search URL Search Domain Scan URL

URL: https://torontosun.remembering.ca/select-notice-type/
Title: Place an Obituary

Search URL Search Domain Scan URL

URL: https://classifieds.torontosun.com/
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://torontosun.adperfect.com/
Title: Place an Ad

Search URL Search Domain Scan URL

URL: https://classifieds.torontosun.com/toronto/business-card-directory/search/
Title: Business Card Directory

Search URL Search Domain Scan URL

URL: https://classifieds.torontosun.com/toronto/celebrations/search/
Title: Celebrations

Search URL Search Domain Scan URL

URL: https://working.torontosun.com/
Title: Working

Search URL Search Domain Scan URL

URL: https://shopping.torontosun.com/
Title: Business Ads

Search URL Search Domain Scan URL

URL: https://www.flyercity.ca/
Title: This Week's Flyers

Search URL Search Domain Scan URL

URL: https://epaper.torontosun.com/
Title: ePaper

Search URL Search Domain Scan URL

URL: https://www.puzzmo.com/+/torontosun/
Title: Puzzmo

Search URL Search Domain Scan URL

URL: https://chatterboxnorth.ca/torontosun/
Title: Manage Print Subscription

Search URL Search Domain Scan URL

URL: https://www.facebook.com/torontosun/

Search URL Search Domain Scan URL

URL: https://twitter.com/TheTorontoSun

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCkjNuLzfw5Ep7EJuMdeFylw

Search URL Search Domain Scan URL

URL: https://www.instagram.com/torontosunonline/

Search URL Search Domain Scan URL

URL: https://www.postmediasolutions.com/contact-us/
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://adregistry.postmedia.com/
Title: Digital Ad Registry

Search URL Search Domain Scan URL

URL: https://www.postmedia.com/brands

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://sb.scorecardresearch.com/cs/10276888/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 55

https://sb.scorecardresearch.com/b?c1=2&c2=10276888&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1725891212727&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Ftorontosun.com%2Fnews%2Flocal-news%2Flevy-state-of&c8=Toronto%20Sun&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1725891212727&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Ftorontosun.com%2Fnews%2Flocal-news%2Flevy-state-of&c8=Toronto%20Sun&c9=

Request Chain 56

https://idsync.rlcdn.com/712559.gif?partner_uid=be42331f-a1ab-49a4-b4f8-bd87cbfe9ac9 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO--KxIwCiwIARD5vAoaJGJlNDIzMzFmLWExYWItNDlhNC1iNGY4LWJkODdjYmZlOWFjORAAGg0IjYX8tgYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=03ade173be227470eae661e62c30772e8c6b6bed341d9e2cd706a2f324e5503b791426b5417dce21&_=2

Request Chain 65

https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&src=aps&ver=1.13.1 HTTP 307
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&src=aps&ver=1.13.1&b=1&tp=Y5h2i%2BQRytV53JPaiIBGoLJ6YrQWUsf46QZ0ty4VPqk%3D

Request Chain 90

https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=0562e3d9-4609-4933-b5ca-2b86de34ce71&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=0562e3d9-4609-4933-b5ca-2b86de34ce71&gdpr=0&google_tc= HTTP 302
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESECtlLTdlqqgq_RheE6bDhfA&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=0562e3d9-4609-4933-b5ca-2b86de34ce71&gdpr=0&google_cver=1

Request Chain 112

https://unpkg.com/web-vitals@3/dist/web-vitals.attribution.iife.js HTTP 302
https://unpkg.com/web-vitals@3.5.2/dist/web-vitals.attribution.iife.js

Request Chain 113

https://id5-sync.com/i/1674/8.gif?o=api&id5id=ID5*keH5AnTQ0sIQ53AvqEdxzglhF9mrAO-ZeRABt1yPuuXDBVFz4IL1rgkXCHsRQDgU&gdpr_consent=undefined&gdpr=false HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F1674%2F429%2F7%2F2.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F1674%2F429%2F7%2F2.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0&rdf=1 HTTP 302
https://id5-sync.com/c/1674/429/7/2.gif?puid=5D45139A-373C-4286-9DEA-2FA0129AEC7C&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=14719fe3-2571-417b-bda3-a04b436cc302&ttl=%%TTL%% HTTP 302
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F1674%2F434%2F5%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
https://id5-sync.com/c/1674/434/5/4.gif?puid=563c63e1-ee95-4e9f-9a2b-e69f50b2b843&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F1674%2F441%2F4%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/1674/441/4/5.gif?puid=u_190329fe-1877-4191-a16c-19bbb2b3607f&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/1674/2/3/6.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F1674%2F2%2F3%2F6.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/1674/2/3/6.gif?puid=9079213231228108371&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1674%2F112%2F2%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1674%2F112%2F2%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/1674/112/2/7.gif?puid=F6564ED135BB5A0E&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1674%2F108%2F1%2F8.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1674%2F108%2F1%2F8.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/1674/108/1/8.gif?puid=3f3fe8e2-1e41-43ad-84e5-20b45d8a19f2&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=RjY1NjRFRDEzNUJCNUEwRQ%3D%3D&gdpr=0&gdpr_consent=&id5=ID5-e88bgAkTouQ-sU9cnrCu_bjWuV_ZLvmNycDXqFZ7hQ

Request Chain 129

https://rp.liadm.com/j?dtstmp=1725891219530&did=did-004q&se=e30&duid=fd9804c9473c--01j7bj42vr6vsenvgfrvdnrzak&tv=v3.0.10&pu=https%3A%2F%2Ftorontosun.com%2Fnews%2Flocal-news%2Flevy-state-of&ext__pubcid=045ca156-1228-4a90-945b-f35d218db23b&wpn=lc-bundle&wpv=v3.0.10&cd=.torontosun.com&c=PHRpdGxlPlRvcm9udG8gU3VuPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly90b3JvbnRvc3VuLmNvbS9uZXdzL2xvY2FsLW5ld3MvbGV2eS1zdGF0ZS1vZiI-PHRpdGxlIGlkPSJ0c3VuTG9nbyI-VG9yb250byBTdW48L3RpdGxlPjx0aXRsZT5Vc2VyPC90aXRsZT48aDEgY2xhc3M9InRoZTQwNF9faGVhZGluZyI-NDA0PGJyPk1pc3NpbmcgcGFnZTwvaDE- HTTP 302
https://rp4.liadm.com/j?dtstmp=1725891219530&did=did-004q&se=e30&duid=fd9804c9473c--01j7bj42vr6vsenvgfrvdnrzak&tv=v3.0.10&pu=https%3A%2F%2Ftorontosun.com%2Fnews%2Flocal-news%2Flevy-state-of&ext__pubcid=045ca156-1228-4a90-945b-f35d218db23b&wpn=lc-bundle&wpv=v3.0.10&cd=.torontosun.com&c=PHRpdGxlPlRvcm9udG8gU3VuPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly90b3JvbnRvc3VuLmNvbS9uZXdzL2xvY2FsLW5ld3MvbGV2eS1zdGF0ZS1vZiI-PHRpdGxlIGlkPSJ0c3VuTG9nbyI-VG9yb250byBTdW48L3RpdGxlPjx0aXRsZT5Vc2VyPC90aXRsZT48aDEgY2xhc3M9InRoZTQwNF9faGVhZGluZyI-NDA0PGJyPk1pc3NpbmcgcGFnZTwvaDE-&i6=MjYwNzo1MzAwOjYwOjc4Njc6OjEw

166 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request levy-state-of Show response
torontosun.com/news/local-news/ 239 KB
32 KB 540ms
87ms Document
text/html 34.117.147.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://torontosun.com/news/local-news/levy-state-of

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.147.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

204.147.117.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

8890f286a1c30ce3fc996087571af716ac09b2f69b678854675710a530ffb666

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-language: en
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type: text/html; charset=utf-8
date: Mon, 09 Sep 2024 14:13:29 GMT
permissions-policy: autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
referrer-policy: strict-origin-when-cross-origin
server: istio-envoy
vary: Accept-Encoding,Accept-Language
via: 1.1 google
x-content-type-options: nosniff
x-envoy-decorator-operation: pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
x-envoy-upstream-service-time: 59
x-frame-options: SAMEORIGIN
x-pmd-backend: pmd-nginx-proxy-864d96d8c4-2t9rt

GET
H2 200 css
fonts.googleapis.com/ 11 KB
2 KB 870ms
69ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap

Requested by

Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12efbe2db232da135bb9a26a79d1a172bf48319f6e6dbbf60320c6f16e1a48cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Sep 2024 14:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Sep 2024 13:55:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Sep 2024 14:13:30 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 102 KB
32 KB 699ms
59ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

134c97ce633bf82631dc50bcc98d548fa8951003aba01bd426b3dcb61067819d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32418
x-xss-protection: 0
server: cafe
etag: 513 / 19975 / 31086851 / config-hash: 10756983035877724982
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 09 Sep 2024 14:13:30 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 324 KB
80 KB 825ms
26ms Script
application/javascript 108.138.115.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-115-149.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6fdb7c12792ebd6e785128456249178e9b508c9677a300df8fbc6e7520147baa

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 13:31:01 GMT
content-encoding: gzip
via: 1.1 613faec4b883bfe2ebdd8a74d5006f4c.cloudfront.net (CloudFront), 1.1 410372c9ac35ccad4a4fd5dbf80c9f38.cloudfront.net (CloudFront)
last-modified: Wed, 28 Aug 2024 22:46:41 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, JFK50-P3
age: 2550
x-amz-server-side-encryption: AES256
etag: W/"907cbdd883935369790d45cc9bd9e8b7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: cO74vAUl715eJHlk6zt_51QrafKg9V78ZwO-mAidnx851no9uSMdWw==

GET
H2 200 14648.js Show response
micro.rubiconproject.com/prebid/dynamic/ 626 KB
190 KB 834ms
36ms Script
text/javascript 23.205.2.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.2.235 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-2-235.deploy.static.akamaitechnologies.com
Software: Apache/2.4.59 (Debian) PHP/8.3.8 OpenSSL/3.0.11 /
Resource Hash: 3c6dca214089cd4df1f188267d6f42e917ea662a14332d0a2e8627a56431207b

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:30 GMT
content-encoding: gzip
server: Apache/2.4.59 (Debian) PHP/8.3.8 OpenSSL/3.0.11
vary: accept-encoding, referer
edge-cache-tag: prod-prebid-14648_The_Toronto_Sun.js
content-type: text/javascript;charset=UTF-8
cache-control: public, must-revalidate, max-age=14400
content-length: 194241
expires: Tue, 10 Sep 2024 05:25:42 GMT

GET
H2 200 output.6e1442a4ed58.css
dcs-static.gprod.postmedia.digital/16.9.2/CACHE/css/ 29 KB
3 KB 853ms
55ms Stylesheet
text/css 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/16.9.2/CACHE/css/output.6e1442a4ed58.css
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6e1442a4ed58986cc47bc718ab9b6b434c367cf0e8f900309318b0bb78412076

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 17:27:31 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1725025540
age: 420359
x-guploader-uploadid: AD-8ljvOKgelSf_t8NhbGSzwgJ_pEYFCeDEPDdHspA_uvTPPy_RrXV-Sse_c1D1D5wl9TwpyxX8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2525
last-modified: Wed, 04 Sep 2024 17:06:45 GMT
server: UploadServer
etag: W/"b7a647d33a942f66aa1ac13992367407"
vary: Accept-Encoding
x-goog-generation: 1725469605317039
x-goog-hash: crc32c=0StZFg==, md5=t6ZH0zqUL2aqGsE5kjZ0Bw==
access-control-allow-origin: *
content-type: text/css
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 29822
accept-ranges: none

GET
H2 200 output.edf320e54478.css
dcs-static.gprod.postmedia.digital/16.9.2/CACHE/css/ 96 KB
16 KB 821ms
24ms Stylesheet
text/css 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/16.9.2/CACHE/css/output.edf320e54478.css
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7c716d0f2f83a533361dcae7162065f1acebb02f1354686bf4374238c751e5de

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:42:46 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1725025540
age: 322244
x-guploader-uploadid: AD-8ljum9roSVk_wgizozxjIFjC48BcX1OG0OMNGyUIatZtOOB5QROxfJkjkO6SAwIMnurE92xo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15810
last-modified: Wed, 04 Sep 2024 17:06:47 GMT
server: UploadServer
etag: W/"7b7f67bf48b00e22227c027fc1e24665"
vary: Accept-Encoding
x-goog-generation: 1725469607075771
x-goog-hash: crc32c=PbdqJg==, md5=e39nv0iwDiIifAJ/weJGZQ==
access-control-allow-origin: *
content-type: text/css
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 98651
accept-ranges: none

GET
H2 200 output.d6b61bbe44e6.css
dcs-static.gprod.postmedia.digital/16.9.2/CACHE/css/ 73 KB
8 KB 821ms
24ms Stylesheet
text/css 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/16.9.2/CACHE/css/output.d6b61bbe44e6.css
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 63b90661a7fa25d46eaf0dd3d0d80afc5be6d8c6bf1bc3d8de939df43c3ddc2c

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 17:28:09 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1725025540
age: 420321
x-guploader-uploadid: AD-8ljuCbXBqppActbPdPE9ilbHlq7NzO9xwIEydl27WzmJDOj1AoKzHlJhjb1hrDlAbDzzUT4y8LTq4Dw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
last-modified: Wed, 04 Sep 2024 17:06:46 GMT
server: UploadServer
etag: W/"e3a03f9e4a4ee25a754beed76826ef60"
vary: Accept-Encoding
x-goog-generation: 1725469606631743
x-goog-hash: crc32c=zr6G+g==, md5=46A/nkpO4lp1S+7XaCbvYA==
access-control-allow-origin: *
content-type: text/css
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 75046
accept-ranges: none

GET
H2 200 output.d824cd9adec0.css
dcs-static.gprod.postmedia.digital/16.9.2/CACHE/css/ 2 KB
793 B 848ms
51ms Stylesheet
text/css 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/16.9.2/CACHE/css/output.d824cd9adec0.css
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d824cd9adec02120ce914792a4f8df10dc72e68bbcdf158c5e49fea2464fd99a

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 08 Sep 2024 23:27:40 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1725025540
age: 53150
x-guploader-uploadid: AD-8ljsYgBX1-2iTLmYJmRMHyp9q8NFkBYeCCsL13946M_p1CVXaTnC_KTbAQ14pgVX94ZUYcVU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 571
last-modified: Wed, 04 Sep 2024 17:06:46 GMT
server: UploadServer
etag: W/"5ac9a8e6c4872078245dbeebd2c4eacb"
vary: Accept-Encoding
x-goog-generation: 1725469606726306
x-goog-hash: crc32c=bp+T8A==, md5=Wsmo5sSHIHgkXb7r0sTqyw==
access-control-allow-origin: *
content-type: text/css
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 1601
accept-ranges: none

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 103 KB
34 KB 851ms
55ms Script
application/javascript 13.225.63.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-110.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 304a596bb9715360b71c3002d94553e04943f56dffbbefcf5c3ce3efc60db4a5

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:08:33 GMT
content-encoding: gzip
via: 1.1 c9fc8eca0b2b3a083a77fd1cf662c1a8.cloudfront.net (CloudFront)
last-modified: Thu, 06 Jun 2024 16:53:02 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
age: 298
x-amz-server-side-encryption: AES256
etag: W/"0a63286546fdaeb63f5762369bd1c4ff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600; must-revalidate
x-amz-cf-id: erkxaKgx7mosnYzUI-tTBTkhcxIJf7ewAzlRQq3rAzRnxt_2ct6myw==

GET
H2 200 fem.js Show response
fem.gprod.postmedia.digital/v110.1/ 342 KB
81 KB 807ms
15ms Script
application/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fem.gprod.postmedia.digital/v110.1/fem.js
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 789f444ec23aaaa66971b7e515b952030812f9ee80bb4d40f229e14819a252b0

Request headers

Referer: https://torontosun.com/
Origin: https://torontosun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 05:06:26 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1723834602
age: 205624
x-guploader-uploadid: AD-8ljtB5lf_nrSbQB64K9s86WQo7JZjf1aUCL01-PcYG-sZXasCXP1FGOrtgsDZqxAbhQIVxLdxgNo0ggiRaFY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82290
last-modified: Fri, 16 Aug 2024 18:57:03 GMT
server: UploadServer
etag: W/"238b2365fa2208486daa7e7ca44a9c69"
vary: Accept-Encoding
x-goog-generation: 1723834623768074
x-goog-hash: crc32c=ss/Z/Q==, md5=I4sjZfoiCEhtqn58pEqcaQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 349709
accept-ranges: none
content-type: application/javascript

GET
H2 200 bootstrapper Show response
tags.qortex.ai/ 26 KB
5 KB 618ms
62ms Script
application/javascript 2606:4700:20::681a:3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.qortex.ai/bootstrapper?group-id=QiUOkGRFYUWNdgFd8CThQ&video-container=.jw-wrapper&continuous-load=true
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 02c5ffc45100bfa72a88b1cf8ca400026c683c45b00e1f41504557c3ab7b710a

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Aug 2024 12:47:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 93
etag: W/"137"
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gLEulDJxaK2bdOLGY22Bmu5fQpe54%2FQyt9t0DhaPJxoU1s7OJ37jXQ8hu%2BzRSZ5T%2F%2FdbX8pJuSM7KFvKpPWgcB5hWwujiWNOP4j6liC9EY9iUzx61byQBorYL37NRlS9vx5s0NCAiB4zywN9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8c07c7862934a250-YYZ

GET
H3 200 afihbs.js Show response
go.automatad.com/geo/BQuheW/ 5 KB
2 KB 734ms
234ms Script
application/javascript 172.67.22.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.automatad.com/geo/BQuheW/afihbs.js
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.22.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe0305a892613f25ab92b692f00ecef1b2b00d4e408b12ab14c75b66586bfdb7

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:31 GMT
x-amz-version-id: q2kZ4ifZRfB5HbAjQmJg4oq2GmOoTswL
content-encoding: br
cf-cache-status: HIT
age: 873
x-amz-request-id: Q2V06MY49QQTY8S8
x-amz-server-side-encryption: AES256
x-automatad-hbs-version: v2
alt-svc: h3=":443"; ma=86400
x-amz-id-2: EOLoK5cVeTgKysaKuSFuMdVPgEF1Kax10zZrsjCmjcc0xrDnQfhPvpxMQ9kou0/6wHJGyqq+xOo=
last-modified: Tue, 13 Aug 2024 08:44:20 GMT
server: cloudflare
etag: W/"9d52120cc71743a1dbd8668f53b19c03"
vary: Accept-Encoding
content-type: application/javascript
x-automatad-country: CA
cache-control: max-age=120
cf-ray: 8c07c7860a30544f-YYZ
x-automatad-device: W

GET
H2 200 flipptag.js Show response
cdn-gateflipp.flippback.com/tag/js/ 84 KB
30 KB 582ms
64ms Script
application/javascript 108.139.29.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201179443
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-52.jfk50.r.cloudfront.net
Software: envoy /
Resource Hash: 6a8a53bd115acd2b119a42b0943d57667498975cc19009011d780da5d5edd4be

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:31 GMT
content-encoding: gzip
via: 1.1 e42e8491a089e2183879e26e61dae708.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: JFK50-P2
vary: Origin,Origin, Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: no-store
x-envoy-upstream-service-time: 4
x-amz-cf-id: aG3InmAkBqK-JVPWAg4fLhXtXy1IoLgZkPQ2tc79naIQg068v3Zr0Q==

GET
H2 200 icon-close-black.svg
dcs-static.gprod.postmedia.digital/16.9.2/websites/images/common-icon/ 378 B
650 B 57ms
17ms Image
image/svg+xml 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/16.9.2/websites/images/common-icon/icon-close-black.svg
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 15b54a90686829d59ef0c2bc6a9e2e82b6a11536be56acf2b4ff414b081c891d

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 17:27:23 GMT
x-goog-meta-goog-reserved-file-mtime: 1725025539
age: 420367
x-guploader-uploadid: AD-8lju_2zd2P6vdxjXHNcts8jKZmGQptf4o7cx_dlQJmLLrlVAHGYEn6FLDl2530BW5HKexCCsMi4tNBA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 378
last-modified: Wed, 04 Sep 2024 17:07:06 GMT
server: UploadServer
etag: "6b517647b75beac7cede4e634ea51094"
x-goog-generation: 1725469626509979
x-goog-hash: crc32c=wbQwCg==, md5=a1F2R7db6sfO3k5jTqUQlA==
access-control-allow-origin: *
content-type: image/svg+xml
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 378
accept-ranges: bytes

GET
H2 200 LoginRadiusV2.js Show response
auth.lrcontent.com/v2/js/ 237 KB
55 KB 844ms
55ms Script
text/javascript 2606:4700::6812:4eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.lrcontent.com/v2/js/LoginRadiusV2.js

Requested by

Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:4eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c1cd912006884427e5b206fc39d264ff7c80ffb5fbb0935b68eb4b403f8d4e8

Security Headers

Name	Value
Strict-Transport-Security	max-age= 63072000; includeSubdomains; preload

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:30 GMT
strict-transport-security: max-age= 63072000; includeSubdomains; preload
via: 1.1 05515d3ee39ade93c9eed3120029b212.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: gzip
x-amz-cf-pop: YUL62-P1
age: 934
cf-polished: origSize=1487410
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-bgj: minify
last-modified: Mon, 02 Sep 2024 05:54:20 GMT
server: cloudflare
etag: W/"e85ad246d3435e0a8bfdf64227a02401"
vary: Origin, Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
cf-ray: 8c07c780ed90a29a-YUL
x-amz-cf-id: Pl52zSWkXCZOJWiEqjs-qDpHA0YUGD6LMH9aq50DIU1MKMUKVis2aQ==
expires: Mon, 09 Sep 2024 18:13:30 GMT

GET
H2 200 ms_auth_client.min.js Show response
edge-auth.microsoft.com/js/ 280 KB
281 KB 585ms
67ms Script
text/javascript 13.107.6.158
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://edge-auth.microsoft.com/js/ms_auth_client.min.js

Requested by

Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

bingforbusiness.com

Software

Resource Hash

33cc6e61cbb1addafa75cc8ed40216823ee7e50631bb8d2b71eda77ca81a77f3

Security Headers

Name	Value
Content-Security-Policy	script-src 'strict-dynamic' 'nonce-N9GUmoQ/v3VctW+bZXijFvyFr5jqBQMP2n8Z2uyRRTs2urBvkYkQXEoSB/KhfEEF+jUYI/gFIvHxoqXPpsA6lO9rfvVbXCVV+J/tg9pAShbPlzJpdySOLjrbYZqWL7jX2JfjYxkpyTDk8IZIAPYBXYBoyOVKbEaYdEMMPNrHVCo=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: script-src 'strict-dynamic' 'nonce-N9GUmoQ/v3VctW+bZXijFvyFr5jqBQMP2n8Z2uyRRTs2urBvkYkQXEoSB/KhfEEF+jUYI/gFIvHxoqXPpsA6lO9rfvVbXCVV+J/tg9pAShbPlzJpdySOLjrbYZqWL7jX2JfjYxkpyTDk8IZIAPYBXYBoyOVKbEaYdEMMPNrHVCo=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
date: Mon, 09 Sep 2024 14:13:30 GMT
last-modified: Wed, 14 Aug 2024 11:32:28 GMT
x-msedge-ref: Ref A: 743AD2E8F53D4E39BC4E30FD7300063B Ref B: EWR311000108049 Ref C: 2024-09-09T14:13:31Z
etag: "1daee3da46ab1c4"
x-cache: CONFIG_NOCACHE
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 286660

GET
H2 200 main.9848e8b2a5a2.js Show response
dcs-static.gprod.postmedia.digital/16.9.2/CACHE/js/ 81 KB
28 KB 804ms
17ms Script
application/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/16.9.2/CACHE/js/main.9848e8b2a5a2.js
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4f4143f7f86c1d683680ac81953e5f23b0008f05e6ff5a3661a92341f17e95f4

Request headers

Referer: https://torontosun.com/
Origin: https://torontosun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 17:27:31 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1725025539
age: 420359
x-guploader-uploadid: AD-8ljvPE8VFY4SUCqyJASNyy2dIvsAtNJ1EHDydlidC1XnJH44w4lFb3ioVBFO1Ejbky15zt6Y
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27714
last-modified: Wed, 04 Sep 2024 17:06:47 GMT
server: UploadServer
etag: W/"c13456e6c0020564bc0a32c141270931"
vary: Accept-Encoding
x-goog-generation: 1725469607349479
x-goog-hash: crc32c=n0DQ/g==, md5=wTRW5sACBWS8CjLBQScJMQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 83282
accept-ranges: none
content-type: application/javascript

GET
H3 200 advertising.js Show response
www.npttech.com/ 6 KB
3 KB 462ms
84ms Script
application/javascript 172.67.155.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.155.215 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:31 GMT
x-amz-version-id: AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 58ZRTSSD5B9HZBEA
age: 782
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ZcKFqyv0knUhRC9d3TvRpMqdVCia/y/cDbnp7kKYMf5WcSTEhEDEVDWj8zdgzZGBzP3w0NhAoag=
last-modified: Tue, 18 Oct 2022 13:20:01 GMT
server: cloudflare
etag: W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hl65nWfQ2GB5JT7gs2wju7UwJucUcoPH3SbFyH%2F4vvEJW1XV2y8cjAQtmOfSHiawjlp6MPzLtLZb35MsoOscqNxeHx5hOd4XJY8lttQP%2Fk8MgSEfBusNMYUkj4Z2TNOwno4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
cf-ray: 8c07c7856e59a24c-YYZ

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/10276888/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

149ms
71ms

Script
application/javascript

108.139.47.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H2
Server: 108.139.47.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-50.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 08 Sep 2024 23:08:29 GMT
content-encoding: gzip
via: 1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:02:23 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
age: 54303
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: bMgiB5DI44D4J8abjXT4YaPWqyOsYzkRmZ0PQymsY93XiUaVq28Tzw==

Redirect headers

date: Mon, 09 Sep 2024 14:13:31 GMT
via: 1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P1
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: hCRr5BJ7KngTg3r6uGP6TiJ04LTyct-BByChywS3fYh0McN0MGvEPQ==

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/postmedia1-network/ 905 KB
247 KB 566ms
63ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/postmedia1-network/loader.js
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbb6de1e8b6b7b98e612945463c49aa8939e106d209dc5b7b5a21342fd6e2902

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: IZIbbhzHROI1rwjfC_80kukWUE4SkLkO
content-encoding: gzip
via: 1.1 varnish
date: Mon, 09 Sep 2024 14:13:31 GMT
x-amz-request-id: Z509K3AVFPKZ1DFW
age: 1624
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 251996
x-amz-id-2: nmYv4kB1OfjbUCbRqvUooZFNbhH2wkbrnntCLj6fQ5qkq20qC68xUSOI4Hdc2+DbiBvLW4iXMjk=
x-served-by: cache-yul1970043-YUL
last-modified: Mon, 09 Sep 2024 13:46:23 GMT
server: AmazonS3
x-timer: S1725891211.222985,VS0,VE0
etag: "71fc64314cde048f7a153264dbd007e6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 94
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 108

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 452ms
145ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://torontosun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:46:30 GMT
x-content-type-options: nosniff
age: 322021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Sep 2025 20:46:30 GMT

GET
H2 200 NGSpv5_NC0k9P_v6ZUCbLRAHxK1EbiusdUmm.woff2
fonts.gstatic.com/s/heebo/v26/ 12 KB
12 KB 450ms
145ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/heebo/v26/NGSpv5_NC0k9P_v6ZUCbLRAHxK1EbiusdUmm.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b740b764c32da039868fb07780caa7d55401fb92c17adfff3e07e31f74e9464

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://torontosun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 08:56:59 GMT
x-content-type-options: nosniff
age: 278192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12228
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:11:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Sep 2025 08:56:59 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
19 KB 359ms
56ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://torontosun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:46:33 GMT
x-content-type-options: nosniff
age: 322018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Sep 2025 20:46:33 GMT

GET
H3 200 postmedia-image-fallback.webp
dcs-static.gprod.postmedia.digital/16.9.2/websites/images/ 3 KB
3 KB 243ms
205ms Image
application/octet-stream 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/16.9.2/websites/images/postmedia-image-fallback.webp
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 16:01:00 GMT
x-goog-meta-goog-reserved-file-mtime: 1725025537
age: 339151
x-guploader-uploadid: AD-8ljsLvP_6xhuhmykNVuAN3VLLgmxssKsQRp-aOXne0byQm6j3tL3-sDyAAkqbzjSKqiwvV-H-CCVCrg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2934
last-modified: Wed, 04 Sep 2024 17:07:14 GMT
server: UploadServer
etag: "496f3aa3adffbf2280dd5f74fb6eef8f"
x-goog-generation: 1725469634922410
x-goog-hash: crc32c=Qpf2ww==, md5=SW86o63/vyKA3V90+27vjw==
access-control-allow-origin: *
content-type: application/octet-stream
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 2934
accept-ranges: bytes

GET
H3 200 icon-soc-fb.svg
dcs-static.gprod.postmedia.digital/16.9.2/websites/images/share-icons/ 775 B
804 B 255ms
218ms Image
image/svg+xml 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/16.9.2/websites/images/share-icons/icon-soc-fb.svg
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 05:17:23 GMT
x-goog-meta-goog-reserved-file-mtime: 1725025538
age: 377768
x-guploader-uploadid: AD-8ljtaREvvEyEW2L7CETamsRoFyTL3wOdvF4xW1iR3TSNjdSbA18Wp7FTs0WnHaXjYTxHW5pY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 775
last-modified: Wed, 04 Sep 2024 17:07:15 GMT
server: UploadServer
etag: "993353c51244defcc16154eac23ff88d"
x-goog-generation: 1725469635419974
x-goog-hash: crc32c=Z/aKUg==, md5=mTNTxRJE3vzBYVTqwj/4jQ==
access-control-allow-origin: *
content-type: image/svg+xml
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 775
accept-ranges: bytes

GET
H3 200 icon-soc-tw-white.svg
dcs-static.gprod.postmedia.digital/16.9.2/websites/images/share-icons/ 575 B
607 B 253ms
217ms Image
image/svg+xml 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/16.9.2/websites/images/share-icons/icon-soc-tw-white.svg
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9e163e69a01d2ce1e0c682f1a658dfcda7ea0ce2fd370d697a4a9285c86ef6eb

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 17:27:19 GMT
x-goog-meta-goog-reserved-file-mtime: 1725025538
age: 420372
x-guploader-uploadid: AD-8ljs5Q_2J0mC9MmnR3kUBru8t0uOwNNbLMGgSrDo8fVmfMwsmGvfYAyCuZzbMCrvGy-iPoPzulXhRjA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 575
last-modified: Wed, 04 Sep 2024 17:07:15 GMT
server: UploadServer
etag: "962f9e913be056fe4b2f24db6048e72f"
x-goog-generation: 1725469635543828
x-goog-hash: crc32c=Lzt2WA==, md5=li+ekTvgVv5LLyTbYEjnLw==
access-control-allow-origin: *
content-type: image/svg+xml
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 575
accept-ranges: bytes

GET
H3 200 icon-soc-yt.svg
dcs-static.gprod.postmedia.digital/16.9.2/websites/images/share-icons/ 744 B
774 B 240ms
204ms Image
image/svg+xml 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/16.9.2/websites/images/share-icons/icon-soc-yt.svg
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 99394b0f6e9f0aefd71dd6a9ad59129ff7852e7734905bead2f2cec5789e3436

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 13:57:32 GMT
x-goog-meta-goog-reserved-file-mtime: 1725025538
age: 346559
x-guploader-uploadid: AD-8ljuUcXWTddG6rhB7i04KKF3a4db8CmY5n1mhR0yC59k_wlm_kqdAnSqrO8PTBsZKXBSKVVf5DVqNWg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 744
last-modified: Wed, 04 Sep 2024 17:07:15 GMT
server: UploadServer
etag: "c7b3b346ada043e6e241bca3e7f698d0"
x-goog-generation: 1725469635568031
x-goog-hash: crc32c=8iXYKg==, md5=x7OzRq2gQ+biQbyj5/aY0A==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 744
accept-ranges: bytes
content-type: image/svg+xml

GET
H3 200 icon-soc-ig.svg
dcs-static.gprod.postmedia.digital/16.9.2/websites/images/share-icons/ 2 KB
751 B 252ms
216ms Image
image/svg+xml 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/16.9.2/websites/images/share-icons/icon-soc-ig.svg
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 179f43e8abd5e7bd49d05571dc29d22c9f5044eb17ca8253a49e3e28e716af61

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:39:45 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1725025538
age: 275626
x-guploader-uploadid: AD-8ljtdyGhC1kqsU6nJ7Jhd_kkAe30WrftcV-gi4ApwP8mRXkpVLROsYwLPOzifI9g34OANUFqN2jDKCg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 720
last-modified: Wed, 04 Sep 2024 17:07:15 GMT
server: UploadServer
etag: W/"cf38c08bd0b7e49f4550f048b7c4e2cf"
vary: Accept-Encoding
x-goog-generation: 1725469635435804
x-goog-hash: crc32c=bCiZ9w==, md5=zzjAi9C35J9FUPBIt8Tizw==
access-control-allow-origin: *
content-type: image/svg+xml
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 1898
accept-ranges: none

GET
H3 200 logo-postmedia.svg
dcs-static.gprod.postmedia.digital/16.9.2/websites/images/ 2 KB
964 B 251ms
215ms Image
image/svg+xml 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/16.9.2/websites/images/logo-postmedia.svg
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5fdf5757206da468353cbfe267bc6648d1c9bf49096cc6650e013f1414c0348f

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 09:59:23 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1725025538
age: 360848
x-guploader-uploadid: AD-8lju2Rd8O-O2AgEH2m1YHRlMB6GWmfKLZRQBo5uJXeW1_TvIq0LrbGAEWwFHAPi4ELRenRPlhOaFWWw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 933
last-modified: Wed, 04 Sep 2024 17:07:12 GMT
server: UploadServer
etag: W/"5528d37793c7e59928ecd37534c2364a"
vary: Accept-Encoding
x-goog-generation: 1725469632491899
x-goog-hash: crc32c=zqWBVw==, md5=VSjTd5PH5Zko7NN1NMI2Sg==
access-control-allow-origin: *
content-type: image/svg+xml
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 2251
accept-ranges: none

GET
H3 200 21cc9d2117bae576c81b3.js Show response
dcs-static.gprod.postmedia.digital/16.9.2/websites/js/ 16 KB
5 KB 153ms
78ms Script
application/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/16.9.2/websites/js/21cc9d2117bae576c81b3.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/16.9.2/CACHE/js/main.9848e8b2a5a2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 96da850789d5b230a3bd4a2a124bcb719716d46186f32a0c8ee09297e435254e

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 05:06:26 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1725025534
age: 205625
x-guploader-uploadid: AD-8ljt35-2XZks1PeKsXiOKxpb3_hHsQ7cVN-HsZgsiB02SGku-WyAGw7Qzho6jcQLLjnQFNRI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4728
last-modified: Wed, 04 Sep 2024 17:07:16 GMT
server: UploadServer
etag: W/"a85d161f8e533ab32bdd7c82417e3434"
vary: Accept-Encoding
x-goog-generation: 1725469636560754
x-goog-hash: crc32c=vwedow==, md5=qF0WH45TOrMr3XyCQX40NA==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 16095
accept-ranges: none

GET
H3 200 6110554f2898a871fc7951.js Show response
dcs-static.gprod.postmedia.digital/16.9.2/websites/js/ 26 KB
8 KB 153ms
79ms Script
application/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/16.9.2/websites/js/6110554f2898a871fc7951.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/16.9.2/CACHE/js/main.9848e8b2a5a2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b2ed21935f0861241c0d0483b604205ee065122d120bde02e1bffd2d2346744

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 08 Sep 2024 22:08:07 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1725025534
age: 57924
x-guploader-uploadid: AD-8ljuSyuPJRJefBDgkCHAkJj0mgBNk3wwxcN7z5ezC3orfYGf4TRf4bTTVj2IekwqnFDfQiHMybdZelEppGZA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7787
last-modified: Wed, 04 Sep 2024 17:07:16 GMT
server: UploadServer
etag: W/"86320d22de0c2c1ce921fe42d8cb7de2"
vary: Accept-Encoding
x-goog-generation: 1725469636925294
x-goog-hash: crc32c=eskL8A==, md5=hjINIt4MLBzpIf5C2Mt94g==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 26639
accept-ranges: none

GET
H3 200 dbc77849162159d63b0118.js Show response
dcs-static.gprod.postmedia.digital/16.9.2/websites/js/ 2 KB
752 B 141ms
82ms Script
application/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/16.9.2/websites/js/dbc77849162159d63b0118.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/16.9.2/CACHE/js/main.9848e8b2a5a2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 33d90fb972cd60019e9611c5682c2f4fc79fa109a76a236e8894121c6de8a452

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 05:06:26 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1725025534
age: 205625
x-guploader-uploadid: AD-8lju-7CjbU-YooW_jO7iHOCEDoCWX0i6cDduKzS9HOX2TWMISWPwnGkWdcsc5RahR9QVJdsdQoe9Dwg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 713
last-modified: Wed, 04 Sep 2024 17:07:17 GMT
server: UploadServer
etag: W/"34f62e4e09a9a9519e79c51fefde4fab"
vary: Accept-Encoding
x-goog-generation: 1725469637479522
x-goog-hash: crc32c=oKhaZw==, md5=NPYuTgmpqVGeecUf795Pqw==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 1598
accept-ranges: none

GET
H3 200 1ed11f59d12656f834d140.js Show response
dcs-static.gprod.postmedia.digital/16.9.2/websites/js/ 9 KB
3 KB 136ms
81ms Script
application/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/16.9.2/websites/js/1ed11f59d12656f834d140.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/16.9.2/CACHE/js/main.9848e8b2a5a2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: eb81b353cf79a30f060d68a2cc3dff0f39e0ba3ae8fea742ca85e1d920e824b5

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 05:06:26 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1725025534
age: 205625
x-guploader-uploadid: AD-8ljv_PSy3lIe_RAyplfam4ZKIWznSFxpQTbPIdByLOv6qg7Mww56DAILizW7i-pE0NFDW_Kw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3216
last-modified: Wed, 04 Sep 2024 17:07:16 GMT
server: UploadServer
etag: W/"e3368fa17b0a5800e6fd78b4aa812c6e"
vary: Accept-Encoding
x-goog-generation: 1725469636549933
x-goog-hash: crc32c=FiUjbg==, md5=4zaPoXsKWADm/Xi0qoEsbg==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 9442
accept-ranges: none

GET
H3 200 a6a7b3380e4c2730638416.js Show response
dcs-static.gprod.postmedia.digital/16.9.2/websites/js/ 3 KB
1 KB 135ms
80ms Script
application/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/16.9.2/websites/js/a6a7b3380e4c2730638416.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/16.9.2/CACHE/js/main.9848e8b2a5a2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3c509a8b1165e7cfba541b2fd2a3829dfbeedfaa434d61b25c31d80902f1a601

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 05:06:26 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1725025534
age: 205625
x-guploader-uploadid: AD-8ljsln-I1VH6gvI3QIpGxR-frtM17EInMkyw6Sk7B6qqDSWUALxgZQButrfirWLiuoxv8d-s
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1009
last-modified: Wed, 04 Sep 2024 17:07:17 GMT
server: UploadServer
etag: W/"cd0ce76b6c892e0bf7cee225c5d54975"
vary: Accept-Encoding
x-goog-generation: 1725469637280799
x-goog-hash: crc32c=La839Q==, md5=zQzna2yJLgv3zuIlxdVJdQ==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 3008
accept-ranges: none

GET
H2 200 xd.html
fem.gprod.postmedia.digital/v110.1/ Frame F2D0 0
0 274ms
9ms Document
text/html 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fem.gprod.postmedia.digital/v110.1/xd.html
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v110.1/fem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Referer: https://torontosun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 617059
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31622400
content-length: 166
content-type: text/html
date: Mon, 02 Sep 2024 10:49:12 GMT
etag: "e5ce5a4b65a3602d76f4d3bac095db27"
last-modified: Fri, 16 Aug 2024 18:57:04 GMT
server: UploadServer
x-cache-hit: hit
x-goog-generation: 1723834624847733
x-goog-hash: crc32c=K97U1Q== md5=5c5aS2WjYC129NO6wJXbJw==
x-goog-meta-goog-reserved-file-mtime: 1723834602
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 166
x-guploader-uploadid: AD-8ljsW-Ek-uwkLQ1cnzTw_MOiDAHRk3dBPLW4UUlIZMzOYoOLngpJ4XpEMTT_FuiaabIKXz4w

GET
H2 200 23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js Show response
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/ 609 KB
141 KB 377ms
35ms Script
application/javascript 2606:4700:4400::ac40:98f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v110.1/fem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:98f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5e5a232ab607a914f16f8ac936682b4c695e8d5fd0a40daa26ac7603c33363c

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:31 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: 23dc09d6-b664-425a-a76e-0eed6a6cc102
age: 0
x-guploader-uploadid: AD-8ljtB4ZnZ_eQuSyXMQt9n2R6chx4svj0hiRf9MoggL53UypMIk0dNYOcrCLEZ861ms9n4Adg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
content-length: 143907
last-modified: Fri, 30 Aug 2024 16:50:21 GMT
server: cloudflare
etag: "62c60b708c80803b1dddd569c02808f2"
vary: Accept-Encoding
x-goog-generation: 1725036621276832
content-type: application/javascript
x-goog-hash: crc32c=bi4JjA==, md5=YsYLcIyAgDsd3dVpwCgI8g==
cache-control: public, max-age=900
x-goog-stored-content-length: 143907
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8c07c78abe036e06-YUL
expires: Mon, 09 Sep 2024 14:28:31 GMT

GET
H3 200 89e103422dfc197be331.js Show response
fem.gprod.postmedia.digital/v110.1/chunks/ 3 KB
1 KB 114ms
85ms Script
application/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fem.gprod.postmedia.digital/v110.1/chunks/89e103422dfc197be331.js
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v110.1/fem.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4cc7d4d710673de28581c0cd51cb06bb2acc6aee80be7ac688d31c3d3d163906

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 05:06:28 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1723834602
age: 205623
x-guploader-uploadid: AD-8ljuHegJibauR7jrBjkzXx6i_jUyFcCvM469xGnA_bjaUiSFoxsgoAsA-TNmIuHLBgaM4FhAMx0BB4g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1101
last-modified: Fri, 16 Aug 2024 18:57:02 GMT
server: UploadServer
etag: W/"96f3192615fa7ade535af6a92f6f87dc"
vary: Accept-Encoding
x-goog-generation: 1723834622896587
x-goog-hash: crc32c=d9cccg==, md5=lvMZJhX6et5TWvapL2+H3A==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 3187
accept-ranges: none

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409050101/ 475 KB
148 KB 138ms
89ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409050101/pubads_impl.js?cb=31086851

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

9fd2f63c1c9cb94ccd7d258e81648758206f1a581780a73c30e657af74b6e3f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:09:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 151712
x-xss-protection: 0
server: cafe
etag: 16156987026240680160
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 09 Sep 2025 14:09:06 GMT

GET
H2 200 3528 Show response
config.aps.amazon-adsystem.com/configs/ 531 B
799 B 187ms
21ms Script
application/javascript 108.138.106.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3528
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-56.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: c2e99cf57d0451726556751ae7a477c3007367909c02779afc6a09ebb2d9caf2

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 13:18:18 GMT
via: 1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P3
age: 3314
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 531
x-amz-cf-id: 2Y13ITv7X7WMkBVLTAXf0mwOqVFvY9j-nnru-lMQoIHx28Clzm9CBA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
3 KB 79ms
27ms XHR
application/json 108.138.115.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Ftorontosun.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-115-149.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: 9e229513af6ce1b4cfdc5a43b455654b9526f8fc446d650246eb3036e14a8d77

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 09:47:42 GMT
via: 1.1 410372c9ac35ccad4a4fd5dbf80c9f38.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P3
age: 15949
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://torontosun.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2306
x-amz-cf-id: Xr1GnqVXIvteFtBfzbjmBJiLI1fCzoRw1HqLLV3OCyRxMIHXFpoUdQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 131ms
16ms XHR
application/javascript 108.138.115.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-115-149.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 f359087e1d20f17f76b31eb5ffbbd450.cloudfront.net (CloudFront)
date: Mon, 09 Sep 2024 12:30:42 GMT
x-amz-cf-pop: JFK50-P3
age: 6171
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Origin,accept-encoding
x-amz-cf-id: TIduQdgEM6hnZzJaWHPDFE6Iry0oEodTmQrlIGzzERaHf0z9rmDYAg==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 658ms
19ms Fetch
application/json 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240909

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c6b227e27e04c5d00dded778c7f4cb751eea59ed749d55506b2aa33641ab734f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 09 Sep 2024 14:13:32 GMT
x-content-type-options: nosniff
content-encoding: br
age: 36756
x-jsd-version: 1.0.2173
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 841
x-served-by: cache-fra-eddf8230103-FRA, cache-yul1970032-YUL
x-jsd-version-type: version
etag: W/"63a-Lf/+j3E/aZnhQBgZzcTPM+DEvSQ"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 41ef077657681c52c6372.js Show response
dcs-static.gprod.postmedia.digital/16.9.2/websites/js/ 14 KB
4 KB 121ms
72ms Script
application/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/16.9.2/websites/js/41ef077657681c52c6372.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/16.9.2/CACHE/js/main.9848e8b2a5a2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1413cc79bcd47b4af0fe4fe72237f906e31ca8d335314ff0ddb1ffca3c1b7afe

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 05:06:26 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1725025534
age: 205626
x-guploader-uploadid: AD-8ljtDCv96yKsC7RvqByfEDiukPggidW-nI_0K7CWsK50kAdltE3NgsVogUDoOoNovxzWbJRSKHW9d9Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3795
last-modified: Wed, 04 Sep 2024 17:07:16 GMT
server: UploadServer
etag: W/"ce565514c08a80eb5e07c2e9d111e2c2"
vary: Accept-Encoding
x-goog-generation: 1725469636789064
x-goog-hash: crc32c=70FT1g==, md5=zlZVFMCKgOteB8Lp0RHiwg==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 14165
accept-ranges: none

GET
H3 200 3aa2fdcf43a73b3b207655.js Show response
dcs-static.gprod.postmedia.digital/16.9.2/websites/js/ 222 B
259 B 121ms
72ms Script
application/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/16.9.2/websites/js/3aa2fdcf43a73b3b207655.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/16.9.2/CACHE/js/main.9848e8b2a5a2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8a6ae9397962f51ae98cb8f835fb8d5d1e9e95a79bdde56c12fcdd2f227b0673

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 12:32:39 GMT
x-goog-meta-goog-reserved-file-mtime: 1725025535
age: 178853
x-guploader-uploadid: AD-8ljvl2Gc5vuB4XC6BAOvnr0I2r4_WQzFY9sniVyWwyVYyh2zru3MGc5yZeWbklNNEK30pqStBLogCLrZAbyA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 222
last-modified: Wed, 04 Sep 2024 17:07:16 GMT
server: UploadServer
etag: "fcbec2bdb527147ce9af191f67e9f9b4"
x-goog-generation: 1725469636744237
x-goog-hash: crc32c=AJcJnQ==, md5=/L7CvbUnFHzprxkfZ+n5tA==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 222
accept-ranges: bytes

GET
H3 200 77cebcb2fe7a3cbe614e31.js Show response
dcs-static.gprod.postmedia.digital/16.9.2/websites/js/ 5 KB
2 KB 120ms
70ms Script
application/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/16.9.2/websites/js/77cebcb2fe7a3cbe614e31.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/16.9.2/CACHE/js/main.9848e8b2a5a2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8eb9324ae96d3fa3ae9f1c63c1b3d64a3e878ab726c30a2bc25fe8e79e33eac7

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 05:06:34 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1725025534
age: 205618
x-guploader-uploadid: AD-8ljsLB0g_A7yOA8bz0fuVmMx1KU3w31klojIYyWXRoYMj7xKwSgbYYbPJtFKLFp_fYaF25xGDv_OOpA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1796
last-modified: Wed, 04 Sep 2024 17:07:17 GMT
server: UploadServer
etag: W/"e6b83672a3dd5829a828fc9700060ad9"
vary: Accept-Encoding
x-goog-generation: 1725469637089396
x-goog-hash: crc32c=8YwgQg==, md5=5rg2cqPdWCmoKPyXAAYK2Q==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 5556
accept-ranges: none

GET
H3 200 4891a64321348b400cdf45.js Show response
dcs-static.gprod.postmedia.digital/16.9.2/websites/js/ 6 KB
2 KB 119ms
71ms Script
application/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/16.9.2/websites/js/4891a64321348b400cdf45.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/16.9.2/CACHE/js/main.9848e8b2a5a2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d4cd6226e2521b6c534e936918a498fe5c2fb112214c378747f2fb286d88ba7e

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 08 Sep 2024 18:34:44 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1725025534
age: 70728
x-guploader-uploadid: AD-8ljsZF3oWQvNE0HWexQ94JIB6FCVXyU62j_pZWokZI2b9s2G1cONw-_puOcrU51vgQw2erKs
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2062
last-modified: Wed, 04 Sep 2024 17:07:16 GMT
server: UploadServer
etag: W/"2bafb125ea9978b0cc9077e387b8f6bd"
vary: Accept-Encoding
x-goog-generation: 1725469636850736
x-goog-hash: crc32c=lNrMbg==, md5=K6+xJeqZeLDMkHfjh7j2vQ==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 6382
accept-ranges: none

POST
H2 200 player-event
events.qortex.ai/api/v1/ 0
0 685ms
62ms Fetch 2606:4700:20::681a:13e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://events.qortex.ai/api/v1/player-event
Requested by: Host: tags.qortex.ai
URL: https://tags.qortex.ai/bootstrapper?group-id=QiUOkGRFYUWNdgFd8CThQ&video-container=.jw-wrapper&continuous-load=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 09 Sep 2024 14:13:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=irMGqwfdp2nd%2Bql8zQSazgx2njnuihBjBqL8NfywYKuzB3SEx0pnDnesioYxWhwdF%2BBCAYbSF7rJJ54aMj0F95FHF5SZp3NzxMrejx7DLVilw7n7bLQLe4aIfhG%2BjIbg1LXRdykIt4XtJ%2BhtXyY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 8c07c7921b6baac6-YYZ
content-length: 0

GET
H2 200 cx-bootstrapper-init Show response
tags.qortex.ai/cxo/ 50 KB
9 KB 77ms
51ms Script
application/javascript 2606:4700:20::681a:3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.qortex.ai/cxo/cx-bootstrapper-init
Requested by: Host: tags.qortex.ai
URL: https://tags.qortex.ai/bootstrapper?group-id=QiUOkGRFYUWNdgFd8CThQ&video-container=.jw-wrapper&continuous-load=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c949a53bb8ce748903887c88621a6f43983eda099e5c094c5716fb68ace51beb

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Aug 2024 12:47:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 171
etag: W/"137"
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bKGQEfY6dbdXruHb8HOgjxT%2Fqalmo3DoBuDC5an3okZI%2FDZc6RW03SSI%2Bdmwiv9yKPZAH4aApP1v%2B6JruSdU%2F7494bCDC%2BdDZWaXiLX%2BVtAFi%2BEBJ0%2BBZ7uUY%2FY4itZ2we9kIXRv%2F0uYS2sU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8c07c78e3ef6a250-YYZ

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 626ms
66ms Script
application/javascript 23.203.179.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.179.38 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-179-38.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:33 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Mon, 09 Sep 2024 14:28:33 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 43 KB
13 KB 474ms
35ms Script
text/javascript 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5fd7fc4b8be9c2eeb3efb728f0483d444e4a8db80f0597e4ef7950105638bb08

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 07:09:17 GMT
content-encoding: gzip
via: 1.1 77c1752e5c6dfb050c6304b9d473a1e2.cloudfront.net (CloudFront)
last-modified: Tue, 20 Aug 2024 18:47:23 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 25456
x-amz-server-side-encryption: AES256
etag: W/"ad78eaf46246cac6849005eb8b50ae6f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: QIwbgkk7WlOD9ZVCQ4zAVO5R9GjqFZxQrdLWLygbE1_Cgh6lG6gOrQ==

GET
H2 200 ima.js Show response
cdn-ima.33across.com/ 16 KB
6 KB 508ms
70ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ima.js
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 712369aef7db8ee613780ed94892762890345add2113c7749b2f03b819c0a4fc

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 27 Aug 2024 20:25:34 GMT
server: cloudflare
age: 495017
etag: W/"66ce363e-403e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8c07c79219e0ac25-YYZ
expires: Thu, 12 Sep 2024 14:13:33 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 95 KB
28 KB 506ms
68ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be1274185bc7a88a74588ef82af3d472ccdc2574282522325f687f37f58dd788

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Aug 2024 13:30:01 GMT
server: cloudflare
x-amz-request-id: VFZTDPW5Z9323XC1
age: 1471
etag: W/"ac65bcbdbadc9ff581ea087feb796f28"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8c07c79218aaa208-YYZ
x-amz-id-2: hq8fndJVNv6F5xYDyjrGTp3d8ykRcjIRHckLNXE/XQ9DmnB5XIgaz2U3v93AIf72DBlOGoTHES+4clUgjiGx1ZliI7rlwk9q

GET
H3 200 prebid_analytics.js Show response
scripts.atmtd.com/js/prebid_analytics/ 78 KB
23 KB 603ms
68ms Script
text/javascript 172.67.40.225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.atmtd.com/js/prebid_analytics/prebid_analytics.js
Requested by: Host: go.automatad.com
URL: https://go.automatad.com/geo/BQuheW/afihbs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.40.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dfa9f5311381ee2a357e313d2e1815929a87f471a0612d3103602771c8e84de

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:33 GMT
x-amz-version-id: pYf_3f25tvnC0PyWbbpnNn4KxVXF_Q5B
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 05 Apr 2024 05:54:19 GMT
server: cloudflare
x-amz-request-id: 04DF2MA1RBXXWQRB
age: 28058
etag: W/"9ac3bb0f0a7074409afa86a8340bec23"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=120
cf-ray: 8c07c792bd42a228-YYZ
alt-svc: h3=":443"; ma=86400
x-amz-id-2: H/WjPd3E/ddki65dLG9C3WczWvl/5idq6OxHfKGXUGbU2/QFzo6pkivsvUOYDbpcnf7ip2PVKvk=

GET
H3 200 floors.json Show response
floors.atmtd.com/ 121 KB
122 KB 490ms
81ms Fetch 172.67.40.225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://floors.atmtd.com/floors.json?siteID=BQuheW
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.40.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15e0aa473ffa549d71bf69947b7dc978665de89c7816b31792322bc16b296168

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 09 Sep 2024 14:13:33 GMT
x-atmtd-floors-source: primary-cache
x-atmtd-floors-path: BQuheW/CA/w/chrome/floor.json
alt-svc: h3=":443"; ma=86400
content-length: 123974
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,POST,OPTIONS
access-control-allow-origin: https://torontosun.com
x-atmtd-cached-until: Mon, 09 Sep 2024 14:13:35 GMT
cache-control: max-age=60
access-control-allow-credentials: true
x-atmtd-floors-created-at: Mon, 09 Sep 2024 14:11:15 GMT
vary: Accept-Encoding
cf-ray: 8c07c7921d90ac3f-YYZ
access-control-allow-headers: Content-Type, x-requested-with

POST
H2 204 beacons
p.flipp.com/ 0
0 569ms
52ms Fetch 18.238.55.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.flipp.com/beacons
Requested by: Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201179443
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-52.jfk52.r.cloudfront.net
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 09 Sep 2024 14:13:33 GMT
via: 1.1 24d0edcfa57d0bf029e983a1d3e4649c.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: JFK52-P4
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://torontosun.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-amz-cf-id: omKSwhfWIGfzkLHlXVJhTNW9UPDPFQbPgt7mws7pmSj0fRJSyjU0_w==

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=10276888&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1725891212727&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Ftorontosun.com%2Fnews%2Flocal-news%2Flevy-state-of&c8=Tor...
https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1725891212727&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Ftorontosun.com%2Fnews%2Flocal-news%2Flevy-state-of&c8=To...

0
225 B

54ms
44ms

Image
text/plain

108.139.47.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1725891212727&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Ftorontosun.com%2Fnews%2Flocal-news%2Flevy-state-of&c8=Toronto%20Sun&c9=
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H2
Server: 108.139.47.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-50.jfk50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:32 GMT
via: 1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P1
x-amz-cf-id: ncIQWLrqwKRBnb4jRTm9TxQSe_NeyrCpU8vbDE0ZLoPVaBuJpBrAAg==
x-cache: Miss from cloudfront

Redirect headers

date: Mon, 09 Sep 2024 14:13:32 GMT
via: 1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P1
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=10276888&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1725891212727&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Ftorontosun.com%2Fnews%2Flocal-news%2Flevy-state-of&c8=Toronto%20Sun&c9=
content-length: 0
x-amz-cf-id: _K1krZ7M96atpXRFfwRCDJgOp5TR7Vz96Ifc_XYG3cotef_Vc2kBUg==

GET
H2

200

sync
pippio.com/api/
Redirect Chain

https://idsync.rlcdn.com/712559.gif?partner_uid=be42331f-a1ab-49a4-b4f8-bd87cbfe9ac9
https://idsync.rlcdn.com/1000.gif?memo=CO--KxIwCiwIARD5vAoaJGJlNDIzMzFmLWExYWItNDlhNC1iNGY4LWJkODdjYmZlOWFjORAAGg0IjYX8tgYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=03ade173be227470eae661e62c30772e8c6b6bed341d9e2cd706a2f324e5503b791426b5417dce21&_=2

42 B
572 B

566ms
54ms

Image
image/gif

107.178.254.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?pid=5324&it=1&iv=03ade173be227470eae661e62c30772e8c6b6bed341d9e2cd706a2f324e5503b791426b5417dce21&_=2
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H2
Server: 107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:34 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Mon, 09 Sep 2024 14:13:33 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pippio.com/api/sync?pid=5324&it=1&iv=03ade173be227470eae661e62c30772e8c6b6bed341d9e2cd706a2f324e5503b791426b5417dce21&_=2
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK login Show response
postmedia.hub.loginradius.com/ssologin/ 38 B
619 B 124ms
33ms Fetch
application/json 44.208.57.122
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://postmedia.hub.loginradius.com/ssologin/login

Requested by

Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v110.1/fem.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.208.57.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-208-57-122.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: application/json

Response headers

Date: Mon, 09 Sep 2024 14:13:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
LoginRadius-Location: US1
Server: nginx
Requestid: da856974-9324-4094-88d3-4a8a97e97354
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type: application/json
Access-Control-Allow-Origin: https://torontosun.com
X-LoginRadius-Server: Primary - IDX - AWS
Access-Control-Allow-Credentials: true
X-Server: ms_idx_primary
Connection: keep-alive
Content-Length: 38

GET
H2 200 / Show response
torontosun.com/api-root/lists/010c95c1-2deb-459a-849f-30bc362ec9b4/expanded/ 222 KB
23 KB 960ms
953ms Fetch
text/html 34.117.147.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://torontosun.com/api-root/lists/010c95c1-2deb-459a-849f-30bc362ec9b4/expanded/?format=html&name=&from=0&type=category&load_origin_urls=false&is_sponsored=false&slugs_accepted=&slugs_excluded=&replace_video=false&native_ad_enabled=false&native_ad_counter=0&bookmark_enabled=true&template_name=feed-card-list

Requested by

Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/16.9.2/websites/js/6110554f2898a871fc7951.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.147.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

204.147.117.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

a48f9425b7942e0b3c4741ac69dcd5ef4cdf92f9cdeaf9e348be98ba2aee9532

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://torontosun.com/news/local-news/levy-state-of
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:33 GMT
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-content-type-options: nosniff
content-encoding: gzip
x-envoy-decorator-operation: pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
via: 1.1 google
x-envoy-upstream-service-time: 933
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
referrer-policy: strict-origin-when-cross-origin
last-modified: Monday, 09-Sep-2024 14:13:33 GMT
server: istio-envoy
x-pmd-backend: pmd-nginx-proxy-864d96d8c4-bc2jz
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,Accept, X_API_KEY, Accept-Language, Cookie, Origin
content-type: text/html; charset=utf-8
allow: GET
content-language: en
cache-control: max-age=300,no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
permissions-policy: autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
expires: Mon, 09 Sep 2024 14:18:33 GMT

OPTIONS
H/1.1 204
No Content login
postmedia.hub.loginradius.com/ssologin/ Frame 0
0 501ms
43ms Preflight 44.208.57.122
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://postmedia.hub.loginradius.com/ssologin/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.208.57.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-208-57-122.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://torontosun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin: https://torontosun.com
Connection: keep-alive
Date: Mon, 09 Sep 2024 14:13:33 GMT
LoginRadius-Location: US1
Requestid: bb03e127-c886-4d8a-8591-7cb4195aadef
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server: Primary - IDX - AWS
X-Server: ms_idx_primary

GET
H2 200 taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame 2042 0
0 143ms
18ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/postmedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://torontosun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

abp: 63
accept-ranges: bytes
access-control-allow-origin: *
age: 38801
cache-control: private,max-age=31536000
content-encoding: gzip
content-length: 340
content-type: text/html
date: Mon, 09 Sep 2024 14:13:33 GMT
etag: "8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified: Tue, 13 Feb 2024 13:15:59 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: SIXWnPXnhn92yClDHp0itXLldCjhRTP4uY2eTULGM5ewIx+45HRwezDxJQ1NZ7cLvbZIE6Nefx4=
x-amz-replication-status: COMPLETED
x-amz-request-id: 7FZWBDN36FVY6X0D
x-amz-server-side-encryption: AES256
x-amz-version-id: 4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache: HIT
x-cache-hits: 10677
x-served-by: cache-yul1970033-YUL
x-timer: S1725891214.750513,VS0,VE0

GET
H2 200 load.js Show response
pm-widget.taboola.com/postmedia1-network/ 3 KB
1 KB 179ms
27ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/postmedia1-network/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/postmedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c3255c155a89343a3aacbf18ec6400cba42a0529f49d8ff9d79d178034705f07

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: Vb2gFPkV4PDHx.ule1U.tai.naDkrpjN
content-encoding: gzip
via: 1.1 varnish
date: Mon, 09 Sep 2024 14:13:33 GMT
x-amz-request-id: DWBN00PZTRFXNGZP
age: 191
x-cache: HIT
content-length: 1085
x-amz-id-2: d0TV1QMgc7eL/HdSax2kHpqiKwDkXjb4UwzveByxDE2ooY96LXQVlkCSlkxQtUuCGOIRxh7uZCU=
x-served-by: cache-yul1970043-YUL
last-modified: Mon, 18 Mar 2024 06:31:40 GMT
server: AmazonS3
x-timer: S1725891214.698669,VS0,VE0
etag: "73fb2ceee5e4669a4b182e38bbca61dd"
vary: Accept-Encoding,
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 18

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
431 B 575ms
32ms Script
text/javascript 2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/postmedia1-network/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:33 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 310844
expires: 60

GET
H2 200 impl.20240909-4-RELEASE.js Show response
cdn.taboola.com/libtrc/ 921 KB
185 KB 96ms
28ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20240909-4-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/postmedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 0a59ea34c2a48879f45c688ea266ddf6a95310a7315650138c86fe45c197abe7

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: mJ5RwhpIeinuFuM7l2o6Q_I_cmvbrxti
content-encoding: br
via: 1.1 varnish
date: Mon, 09 Sep 2024 14:13:33 GMT
x-amz-request-id: V9GB5V06CJ7VPHX7
age: 16779
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 189191
x-amz-id-2: b6P4R/SaD4BIbs9ZO6/z3067ZEHx3bFqu0SjG+lQMR5npdj9rl7/NIZixBWLOduNb3mBTNa/OIA=
x-served-by: cache-yul1970043-YUL
last-modified: Mon, 09 Sep 2024 09:32:25 GMT
server: AmazonS3-br
x-timer: S1725891214.661671,VS0,VE0
etag: "ef00e447a9b6fb08f0575843ed2ac2f1"
vary: Accept-Encoding
content-type: application/javascript
abp: 9
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 19914

GET
H3 200 promotional Show response
torontosun.com/api-root/feature_bar/ 2 KB
694 B 39ms
31ms Fetch
text/html 34.117.147.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://torontosun.com/api-root/feature_bar/promotional?format=html

Requested by

Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/16.9.2/websites/js/6110554f2898a871fc7951.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.117.147.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

204.147.117.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

24241308b087ef0282bef310d0968ea7baacbdd9e376809645bf3e216c67722f

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://torontosun.com/news/local-news/levy-state-of
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:33 GMT
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-content-type-options: nosniff
content-encoding: gzip
x-envoy-decorator-operation: pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
via: 1.1 google
x-envoy-upstream-service-time: 8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
referrer-policy: strict-origin-when-cross-origin
last-modified: Monday, 09-Sep-2024 14:13:33 GMT
server: istio-envoy
x-pmd-backend: pmd-nginx-proxy-864d96d8c4-wc7c8
vary: Accept-Encoding,Accept-Language, Origin
x-frame-options: SAMEORIGIN
content-language: en
content-type: text/html; charset=utf-8
cache-control: max-age=300,no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
permissions-policy: autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
expires: Mon, 09 Sep 2024 14:13:45 GMT

GET
H2

200

envelope Show response
lexicon.33across.com/v1/
Redirect Chain

https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&src=aps&ver=1.13.1
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&src=aps&ver=1.13.1&b=1&tp=Y5h2i%2BQRytV53JPaiIBGoLJ6YrQWUsf46QZ0ty4VPqk%3D

42 B
138 B

63ms
60ms

XHR
application/json

35.244.193.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&src=aps&ver=1.13.1&b=1&tp=Y5h2i%2BQRytV53JPaiIBGoLJ6YrQWUsf46QZ0ty4VPqk%3D
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H2
Server: 35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:34 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://torontosun.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Mon, 09 Sep 2024 14:13:33 GMT
via: 1.1 google
referrer-policy: unsafe-url
vary: origin
access-control-allow-origin: https://torontosun.com
location: https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&src=aps&ver=1.13.1&b=1&tp=Y5h2i%2BQRytV53JPaiIBGoLJ6YrQWUsf46QZ0ty4VPqk%3D
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET 6e3af352-a2be-48d4-8487-b3bb12fbb615
https://torontosun.com/ Frame 0
0

POST
H2 204 json
e01.atmtd.com/bidanalytics-event/ 0
159 B 384ms
63ms Ping
text/plain 143.244.213.152
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://e01.atmtd.com/bidanalytics-event/json?mode=beacon

Requested by

Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/js/prebid_analytics/prebid_analytics.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.213.152 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://torontosun.com
date: Mon, 09 Sep 2024 14:13:34 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
vary: Origin

GET
H2 200 pxid Show response
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/ 46 B
383 B 270ms
108ms XHR
application/json 35.241.9.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/pxid?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by: Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: b99841f54d3cb462574abf3806e7c61cd8f5fd6e340051ae7dd3cd8acd4965a7

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 09 Sep 2024 14:13:34 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://torontosun.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66

GET
H2 200 getuidj Show response
ib.adnxs.com/ 11 B
703 B 315ms
65ms XHR
application/json 68.67.160.114
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.114 Colonia, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 09 Sep 2024 14:13:34 GMT
an-x-request-uuid: 48f5423c-d04a-49bd-8677-f62c3753d6d1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://torontosun.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 167.114.209.103; 167.114.209.103; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 signinprompt
edge-auth.microsoft.com/v0.5/ Frame DFD6 0
0 304ms
74ms Document
text/html 13.107.6.158
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=09152a38-299b-49fe-81c5-3e4fe41e79fd&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin

Requested by

Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/js/ms_auth_client.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

bingforbusiness.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'strict-dynamic' 'nonce-M8d97GEDWZFz4wNcNTRfdFOI6uFbLZfUygiYidlfWc1Vura7QT7ESIzhd+JlXyePyKyvgPvt7bM0x4mLBlM8tE8IVc05BKgIPwv9V13mgUOU9SFLIQdWF2f7AlUtosDvICAJJdpHZc912y8PW4XkcRyUND6hTlE+teisG2aOwuw=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

Referer: https://torontosun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: script-src 'strict-dynamic' 'nonce-M8d97GEDWZFz4wNcNTRfdFOI6uFbLZfUygiYidlfWc1Vura7QT7ESIzhd+JlXyePyKyvgPvt7bM0x4mLBlM8tE8IVc05BKgIPwv9V13mgUOU9SFLIQdWF2f7AlUtosDvICAJJdpHZc912y8PW4XkcRyUND6hTlE+teisG2aOwuw=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
content-type: text/html; charset=utf-8
date: Mon, 09 Sep 2024 14:13:34 GMT
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: D1236FE5432C41F99A9817CA794704F6 Ref B: CH1AA2020618045 Ref C: 2024-09-09T14:13:34Z

GET
H3 200 load Show response
experience.tinypass.com/xbuilder/experience/ 4 KB
2 KB 198ms
59ms Script
application/javascript 104.18.176.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=KlFb8Hg2nS

Requested by

Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v110.1/fem.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0876b1b660da79fad9471d3e15816803e4c8f066cba866063bca01f316f7ec93

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
date: Mon, 09 Sep 2024 14:13:34 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 09 Sep 2024 13:57:09 GMT
server: cloudflare
age: 985
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 8c07c79a597c36a4-YYZ
alt-svc: h3=":443"; ma=86400
x-request-id: nwfhqy7o96
expires: Mon, 09 Sep 2024 14:43:34 GMT

GET
H2 200 vf-v2.js Show response
cdn.viafoura.net/ 616 KB
161 KB 223ms
62ms Script
application/javascript 2600:9000:21dd:a400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/vf-v2.js
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v110.1/fem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:a400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7118c465a519e4908a2e983f7b97fa18c8be1b551928102b51c31de08486171f

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 2FoCukg0mmcqPxPTiE9_J1BMZxW.B6pp
content-encoding: br
via: 1.1 98ff52bb9a3187350f3ea674f4110afa.cloudfront.net (CloudFront)
date: Mon, 09 Sep 2024 14:10:13 GMT
x-amz-cf-pop: EWR53-C2
age: 204
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 05 Sep 2024 15:57:29 GMT
server: AmazonS3
etag: W/"a84946875099d3ef9a060f090b3cb411"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: nQ2t9Qe9WG75pxhVISW4Or4-rPFOqpU__bif8X1K2K9kZrlqyuBNIA==

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
614 B 252ms
56ms XHR
application/json 18.205.166.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.205.166.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-205-166-168.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: f86ee95132db5506d6fd86e61503c51593645cac136c320c7bcb2f7064f1332a

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 09 Sep 2024 14:13:34 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://torontosun.com
cache-control: no-cache
x-server: 10.40.13.50
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H2 200 pmk-20220605.2.js Show response
pm-widget.taboola.com/postmedia1-network/ 84 KB
24 KB 142ms
61ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/postmedia1-network/pmk-20220605.2.js
Requested by: Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/postmedia1-network/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee781c0c021aa874a52a7741466a90708bed089eb41e4b6e59cea4ba5bf33e6a

Request headers

Referer: https://torontosun.com/
Origin: https://torontosun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: vqBt0iWWiTbt6sWyoAK09ZOt1ANYo3DQ
content-encoding: gzip
via: 1.1 varnish
date: Mon, 09 Sep 2024 14:13:34 GMT
x-amz-request-id: SAPGJ51NJRZ9W4DP
age: 2182582
x-cache: HIT
content-length: 24284
x-amz-id-2: O0Oh7skrnqH8Hv+Qb9gPYerUlOR1aCOA8+tIJsh6h/4KrOgoZoTpDBfkZV1uPbp2Hemac0Rplhw=
x-served-by: cache-yul1970048-YUL
last-modified: Mon, 18 Mar 2024 06:31:39 GMT
server: AmazonS3
x-timer: S1725891215.801150,VS0,VE0
etag: "edaa8e4b9e84f4bde8d3bf5ab6df66e5"
vary: Accept-Encoding, ,Origin
access-control-allow-methods: GET,POST,PUT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 74482

GET
H2 200 GW-XDrtXcAAwaej-e1725885240561.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/09/ 25 KB
25 KB 210ms
37ms Image
image/webp 34.149.157.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/09/GW-XDrtXcAAwaej-e1725885240561.jpg?quality=90&strip=all&w=344&type=webp&sig=eeBOq3RnTA-5PD30ZzOfNw
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: ce9f7449a45de1091cda4647b73176ade7222827323a46f26f38239ea8cc5d62

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-pmd-smartcdn-requester: torontosun
date: Mon, 09 Sep 2024 12:55:15 GMT
via: 1.1 google
server: nginx/1.18.0
age: 4699
etag: "fcac3e93527f65cfecc53439a31bde88e53f7b29"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000,public
x-cache-hit: hit
x-pmd-smart-cdn-proxy: thumbor-proxy-675b9bbb75-f4zdv
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25454

GET
H2 200 5158683941.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/09/ 21 KB
22 KB 264ms
92ms Image
image/webp 34.149.157.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/09/5158683941.jpg?quality=90&strip=all&w=344&type=webp&sig=TByb_VabTCVPLOsXGN6_DQ
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 7d696232ddec32dd77d572a92ea8abf284accd111b968ab1c5c438cf84985aea

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-pmd-smartcdn-requester: torontosun
date: Mon, 09 Sep 2024 13:59:16 GMT
via: 1.1 google
server: nginx/1.18.0
age: 858
etag: "d3c29cbb169886dc62b44d43f3b65493ea26207a"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000,public
x-cache-hit: hit
x-pmd-smart-cdn-proxy: thumbor-proxy-675b9bbb75-q6pzm
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21968

GET
H2 200 jacksonville-jaguars-v-miami-dolphins.jpeg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/09/ 22 KB
22 KB 282ms
111ms Image
image/webp 34.149.157.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/09/jacksonville-jaguars-v-miami-dolphins.jpeg?quality=90&strip=all&w=344&type=webp&sig=mt7sP4BdUMDxLpR4__Y5Rw
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 241fb966896eced8f7cc1ac6f1f62deb278993b7d501240882b3e15b9ab523b1

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-pmd-smartcdn-requester: torontosun
date: Mon, 09 Sep 2024 12:58:03 GMT
via: 1.1 google
server: nginx/1.18.0
age: 4531
etag: "b38266edf5226a8416fcc562ce7a25e9b3869e0c"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000,public
x-cache-hit: hit
x-pmd-smart-cdn-proxy: thumbor-proxy-675b9bbb75-gkzl7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22576

GET
H2 200 air-canada.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/06/ 21 KB
21 KB 282ms
111ms Image
image/webp 34.149.157.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/06/air-canada.jpg?quality=90&strip=all&w=344&type=webp&sig=YdmfU5Sromr8qF6nqh9GhA
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 0e50b6dc55f72c4fee533d1666100f6d7bdda7dff35b0979666fde7158e8d7c4

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-pmd-smartcdn-requester: torontosun
date: Mon, 09 Sep 2024 12:30:03 GMT
via: 1.1 google
server: nginx/1.18.0
age: 6211
etag: "d4c45b19fae38d3a501fc0722bac673240d442f1"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000,public
x-cache-hit: hit
x-pmd-smart-cdn-proxy: thumbor-proxy-675b9bbb75-78k6v
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21112

GET
H2 200 CONDIT4-e1725887059923.png
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/09/ 17 KB
17 KB 282ms
112ms Image
image/webp 34.149.157.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/09/CONDIT4-e1725887059923.png?quality=90&strip=all&w=344&type=webp&sig=XR47L3z6Vbiy0JOMZQEVUw
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 1e796728e891c65c4f607f7c41a419fdba995d96710a9cf0d671879995e83574

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-pmd-smartcdn-requester: torontosun
date: Mon, 09 Sep 2024 13:28:32 GMT
via: 1.1 google
server: nginx/1.18.0
age: 2702
etag: "afe25ac3e6b17e19a36544928cf08f968e43e778"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000,public
x-cache-hit: hit
x-pmd-smart-cdn-proxy: thumbor-proxy-675b9bbb75-8gsc6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17002

GET
H3 200 12565d7d77984f2f558f39.js Show response
dcs-static.gprod.postmedia.digital/16.9.2/websites/js/ 7 KB
2 KB 97ms
80ms Script
application/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/16.9.2/websites/js/12565d7d77984f2f558f39.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/16.9.2/CACHE/js/main.9848e8b2a5a2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 629afec94a73f73e1d8cad980b3c2fa816719936a87280ceb366bb4a107dacd9

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 05:06:26 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1725025534
age: 205628
x-guploader-uploadid: AD-8ljuXENc_NbBD0lporVRg8i8j7zfVbdMgGRjk-1VNQz618QkFSast0CejhXVUOoIsMiEE9A50xW8C6w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2371
last-modified: Wed, 04 Sep 2024 17:07:16 GMT
server: UploadServer
etag: W/"63f88b4809155400d903bee231e3b335"
vary: Accept-Encoding
x-goog-generation: 1725469636551502
x-goog-hash: crc32c=C9lnzA==, md5=Y/iLSAkVVADZA77iMeOzNQ==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 6931
accept-ranges: none

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 503 KB
142 KB 1282ms
1120ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer

Requested by

Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v110.1/fem.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af12bb645bba27c629948c75a8c67909c24e166f1c324fe37850b1a7fb27b318

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144867
x-xss-protection: 0
last-modified: Mon, 09 Sep 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Sep 2024 14:13:36 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 53ms
51ms Script
text/javascript 108.139.47.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v110.1/fem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-50.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 12:56:57 GMT
content-encoding: gzip
via: 1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront)
last-modified: Fri, 03 May 2024 13:20:45 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
age: 4598
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: YH7asaACdBCPhNKz7QYdiOL5ooIsoJ-d2vkeU9PGpkLiSItnIqT96g==

GET
H/1.1 200
OK fullcontact.js Show response
tags.fullcontact.com/anon/ 140 KB
47 KB 226ms
48ms Script
application/javascript 108.138.106.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.fullcontact.com/anon/fullcontact.js
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v110.1/fem.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-83.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d04c0e3e88947ddf1538e3315df91b065380ea97a9a5cb40c2f89574e5fb3067

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 09 Sep 2024 12:06:09 GMT
Content-Encoding: br
Via: 1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
Last-Modified: Thu, 22 Aug 2024 15:23:48 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P3
Age: 7646
x-amz-server-side-encryption: AES256
ETag: W/"589a3abd624b7629bac443359ab32e9e"
Transfer-Encoding: chunked
Vary: accept-encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: QtpSm5tq16gEO-Jqjk7kME_7PkUDMJAV4UQWdFyOVPnbIwVr7XM9kg==

GET
H2 200 mparticle.js Show response
jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/ 345 KB
122 KB 185ms
71ms Script
application/javascript 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v110.1/fem.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: b76ff1073099166c3843df64c523f619a2aeb2e2fabc12238a0196ff4769367c

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-cache-hits: 6, 19
date: Mon, 09 Sep 2024 14:13:34 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
server: Kestrel
age: 126
x-timer: S1725891215.988267,VS0,VE0
x-origin-name: fastlyshield--shield_ssl_cache_iad_kcgs7200117_IAD
x-cache: HIT, HIT
content-type: application/javascript
vary: Accept, Accept-Encoding
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 124595
x-served-by: cache-iad-kcgs7200117-IAD, cache-yul1970028-YUL

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 222 KB
71 KB 177ms
96ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer

Requested by

Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v110.1/fem.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

519e73e2fc0cf71ac3fc7e36fdd9d0f898ea894de1e62bbd3724415305dc8b76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72637
x-xss-protection: 0
last-modified: Mon, 09 Sep 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Sep 2024 14:13:34 GMT

GET
H3 200 icon-comment-white.svg
dcs-static.gprod.postmedia.digital/16.9.2/websites/images/suns/ 728 B
766 B 35ms
34ms Image
image/svg+xml 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/16.9.2/websites/images/suns/icon-comment-white.svg
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/16.9.2/CACHE/css/output.d6b61bbe44e6.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ab800c9061a1ce95d428741cf664ba573abda7a1c120dfa52179d08b56675207

Request headers

Referer: https://dcs-static.gprod.postmedia.digital/16.9.2/CACHE/css/output.d6b61bbe44e6.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 00:40:50 GMT
x-goog-meta-goog-reserved-file-mtime: 1725025539
age: 221564
x-guploader-uploadid: AD-8ljsDjUT9VVmGiNVK8mk0v3ypBLtjdt08wYy3Jt-sFuJmyCgNAqV-7kgkPibRLzIdRvG4a78
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 728
last-modified: Wed, 04 Sep 2024 17:07:15 GMT
server: UploadServer
etag: "25fdd2816f6028965120e43620fcd070"
x-goog-generation: 1725469635711130
x-goog-hash: crc32c=O0Y9Vg==, md5=Jf3SgW9gKJZRIOQ2IPzQcA==
access-control-allow-origin: *
content-type: image/svg+xml
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 728
accept-ranges: bytes

GET
H3 200 save-article-button--default.svg
dcs-static.gprod.postmedia.digital/16.9.2/websites/images/save-article-buttons/ 239 B
278 B 35ms
34ms Image
image/svg+xml 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/16.9.2/websites/images/save-article-buttons/save-article-button--default.svg
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/16.9.2/CACHE/css/output.edf320e54478.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 497f053df078e16fc3614f2d1f04630846b2c7a9efe4ef5ce273baddc814415b

Request headers

Referer: https://dcs-static.gprod.postmedia.digital/16.9.2/CACHE/css/output.edf320e54478.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 22:39:35 GMT
x-goog-meta-goog-reserved-file-mtime: 1725025537
age: 142439
x-guploader-uploadid: AD-8ljvQ5xsv2nXPsQSwK8Hhla4jG9V5yPPmFOb_Uo40q8CkbQ_g9xxPwyHZB8vmgnogcPH5vYQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 239
last-modified: Wed, 04 Sep 2024 17:07:15 GMT
server: UploadServer
etag: "8f65bf7298ec92913f6a1502d5549f9a"
x-goog-generation: 1725469635072570
x-goog-hash: crc32c=UejarA==, md5=j2W/cpjskpE/ahUC1VSfmg==
access-control-allow-origin: *
content-type: image/svg+xml
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 239
accept-ranges: bytes

GET
H2 200 PN_xRfK9oXHga0XdZsg_.woff2
fonts.gstatic.com/s/martel/v11/ 18 KB
19 KB 93ms
66ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/martel/v11/PN_xRfK9oXHga0XdZsg_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://torontosun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 06:59:37 GMT
x-content-type-options: nosniff
age: 285238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18860
x-xss-protection: 0
last-modified: Thu, 11 Apr 2024 18:31:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Sep 2025 06:59:37 GMT

GET
H2 200 google-topics-api.20240909-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 45ms
5ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/google-topics-api.20240909-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/postmedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59f51b4dbe0d027dca11c8ff9018a05a03d442698f9cbd07ea17356763a32176

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: iJSF8lFHGZyFvzQUxCN1fvWona64ITns
content-encoding: gzip
via: 1.1 varnish
date: Mon, 09 Sep 2024 14:13:35 GMT
x-amz-request-id: 67A9MG2BSW37MJVF
age: 8556
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1057
x-amz-id-2: e2GRPdUpvDp4A0a/rs/czNMg43J//Cg1pPjX3RsOuMArvEpE8lsNXu/VzjQWwQgDLvOu9QR2b2g=
x-served-by: cache-yul1970043-YUL
last-modified: Mon, 09 Sep 2024 11:50:59 GMT
server: AmazonS3
x-timer: S1725891215.124810,VS0,VE0
etag: "8ef876a073fe80373d6c480e20cb8a4d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 49
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 7049

GET
H2

201

sync
googlesync.permutive.com/v2.0/px/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=0562e3d9-4609-4933-b5ca-2b86de34ce71&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=0562e3d9-4609-4933-b5ca-2b86de34ce71&gdpr=0&google_tc=
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESECtlLTdlqqgq_RheE6bDhfA&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=0562e3d9-4609-4933-b5ca-2b86de34ce71&gdpr=0&google_cver=1

35 B
167 B

313ms
123ms

Image
image/gif

34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googlesync.permutive.com/v2.0/px/sync?alias=CAESECtlLTdlqqgq_RheE6bDhfA&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=0562e3d9-4609-4933-b5ca-2b86de34ce71&gdpr=0&google_cver=1
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H2
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:35 GMT
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
vary: Origin
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 09 Sep 2024 14:13:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://googlesync.permutive.com/v2.0/px/sync?alias=CAESECtlLTdlqqgq_RheE6bDhfA&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=0562e3d9-4609-4933-b5ca-2b86de34ce71&gdpr=0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 415
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
86 B 144ms
120ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by: Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 75687120c34db5ba05d6bb24a5aa545d0116af50bcf239bed116661d6a532c4f

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 09 Sep 2024 14:13:35 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://torontosun.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2 200 bounce Show response
id5-sync.com/ 29 B
451 B 588ms
95ms Fetch
text/plain 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/bounce

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://torontosun.com
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 45 B
286 B 539ms
48ms Fetch
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

429c09ef872b45d80fa51a8ed156e581ed31fd094c179e4d6dd1d3f1bf18f20b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://torontosun.com
date: Mon, 09 Sep 2024 14:13:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 407 KB
121 KB 123ms
66ms Script
application/javascript 104.18.176.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js?version=2

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=KlFb8Hg2nS

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5df5ba5318545215b0148ecd1a1f866e4a1993ab6ef834c7fa600d4c0c2ac01f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:35 GMT
x-amz-version-id: K4j.CQonVYI2_ED_.X0psIYUdTJHT9kh
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=86400; includeSubDomains
x-amz-request-id: NK64PXSS2JK9XQV4
age: 11802
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 6EDuoc7Au+wNxGJPHISGuD1tl/FAv4iwR3m8GRB3pNrZ8CvvvcAJ+5ZAoZtoc8UurnmWUg0wWtM=
last-modified: Thu, 05 Sep 2024 09:06:00 GMT
server: cloudflare
etag: W/"e880501854a37ad101c5aedf94ee2a43"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8c07c7a339f436a4-YYZ
expires: Mon, 09 Sep 2024 18:13:35 GMT

POST
H2 200 v2 Show response
api.viafoura.co/v2/torontosun.com/bootstrap/ 8 KB
3 KB 188ms
48ms XHR
application/json 2600:1f18:44f0:4850:7963:2d32:88db:3d63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/torontosun.com/bootstrap/v2
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:44f0:4850:7963:2d32:88db:3d63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1985ed8d171d72f52263b05cb8e81d1c82564b2f547841aeb14fe2fc404ff684

Request headers

Accept: application/json, text/plain, */*
Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

expires: Mon, 09 Sep 2024 14:13:36 GMT
pragma: no-cache
date: Mon, 09 Sep 2024 14:13:36 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://torontosun.com
cache-control: max-age=0
access-control-allow-credentials: true
x-instance-id: i-0d22cb60a466a3576

OPTIONS
H2 204 v2
api.viafoura.co/v2/torontosun.com/bootstrap/ Frame 0
0 298ms
39ms Preflight 2600:1f18:44f0:4850:7963:2d32:88db:3d63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/torontosun.com/bootstrap/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:44f0:4850:7963:2d32:88db:3d63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://torontosun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://torontosun.com
access-control-max-age: 86400
cache-control: max-age=0
date: Mon, 09 Sep 2024 14:13:36 GMT
expires: Mon, 09 Sep 2024 14:13:36 GMT
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-instance-id: i-048b009b13f038ced

OPTIONS
H2 204 identify
identity.mparticle.com/v1/ Frame 0
0 294ms
31ms Preflight 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-mp-key
Access-Control-Request-Method: POST
Origin: https://torontosun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,x-mp-key
access-control-allow-methods: POST
access-control-allow-origin: *
age: 420
date: Mon, 09 Sep 2024 14:13:36 GMT
server: Kestrel
strict-transport-security: max-age=900
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 455
x-fastly-trace-id: 3976456845
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by: cache-yul1970030-YUL
x-timer: S1725891217.647434,VS0,VE0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 266 KB
77 KB 123ms
116ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5KMC8ND&l=dl_mparticle

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c301cea731a34c0862bd5d8d9cb91665d1c2d3d0c159b20a9179b00181bfc618

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79068
x-xss-protection: 0
last-modified: Mon, 09 Sep 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Sep 2024 14:13:36 GMT

POST
H2 200 identify Show response
identity.mparticle.com/v1/ 176 B
345 B 80ms
55ms XHR
application/json 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e492753a602bb173fb1bbe4986bb5493ec4fe763e5da3ad54126e443bab8dfd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

x-mp-key: us1-99b65fde89a1a145894d2d51d283cc83
Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 09 Sep 2024 14:13:36 GMT
content-encoding: gzip
via: 1.1 varnish
x-mp-max-age: 86400
strict-transport-security: max-age=900
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache: MISS
x-served-by: cache-yul1970030-YUL
server: Kestrel
x-timer: S1725891217.716137,VS0,VE28
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-MP-Max-Age
x-fastly-trace-id: 3976457284
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 did-004q.min.js Show response
d-code.liadm.com/ 122 KB
42 KB 292ms
31ms Script
application/javascript 2600:9000:23cb:5000:1c:2afd:fb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d-code.liadm.com/did-004q.min.js
Requested by: Host: tags.fullcontact.com
URL: https://tags.fullcontact.com/anon/fullcontact.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:5000:1c:2afd:fb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 46d7779aadd344d2a95e120f81b6bbd0cdf0ab0ab1d1cf63e03aee24d60c3241

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 08 Sep 2024 16:28:18 GMT
content-encoding: gzip
via: 1.1 ed4584f7c263c11cf4adf75ba3a25764.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
age: 78319
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=86400
x-amz-cf-id: zCzLR4LsRI0KkLRZBMcbuJzSL-LXEfBE1_AgTjVDOxW4_IXiMuKcuw==

GET
H2 200 taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame 3274 0
0 1ms
1ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/google-topics-api.20240909-4-RELEASE.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://torontosun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

abp: 63
accept-ranges: bytes
access-control-allow-origin: *
age: 38801
cache-control: private,max-age=31536000
content-encoding: gzip
content-length: 340
content-type: text/html
date: Mon, 09 Sep 2024 14:13:33 GMT
etag: "8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified: Tue, 13 Feb 2024 13:15:59 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: SIXWnPXnhn92yClDHp0itXLldCjhRTP4uY2eTULGM5ewIx+45HRwezDxJQ1NZ7cLvbZIE6Nefx4=
x-amz-replication-status: COMPLETED
x-amz-request-id: 7FZWBDN36FVY6X0D
x-amz-server-side-encryption: AES256
x-amz-version-id: 4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache: HIT
x-cache-hits: 10677
x-served-by: cache-yul1970033-YUL
x-timer: S1725891214.750513,VS0,VE0

GET
H2 200 69.4d85619efb1bd45bba7b.js Show response
cdn.viafoura.net/chunks/ 40 KB
12 KB 46ms
38ms Script
application/javascript 2600:9000:21dd:a400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/69.4d85619efb1bd45bba7b.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:a400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ac7b70ed7e55e26a07a65c1c0dd5121f776b936fb52a096366e1782a8933760

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 15:57:43 GMT
x-amz-version-id: IYMF402T.6lbmOabJOw_bQa7POsO2gc8
content-encoding: br
via: 1.1 98ff52bb9a3187350f3ea674f4110afa.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 339355
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 05 Sep 2024 15:57:19 GMT
server: AmazonS3
etag: W/"136694a1b896f11f553a8dd74e96bf21"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
x-amz-cf-id: kPwsjhEKTXNS9rPKPk23M-kewPRapHqD9lWnTaA7yNJ2XeaI7zqDKA==

GET
H2 200 73.a7284e32578a2b60038d.js Show response
cdn.viafoura.net/chunks/ 19 KB
5 KB 46ms
41ms Script
application/javascript 2600:9000:21dd:a400:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/73.a7284e32578a2b60038d.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:a400:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61e871fe8b83f5c5466a97efa52e66feb364c7d4d4495129ea33ba7a277564b7

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 15:57:43 GMT
x-amz-version-id: lGc_flKDngixW90eUs6x2aMlxNlsQcnv
content-encoding: br
via: 1.1 98ff52bb9a3187350f3ea674f4110afa.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 339355
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 05 Sep 2024 15:57:09 GMT
server: AmazonS3
etag: W/"a4b1d393c6dc366c9544ec24b9e6c168"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
x-amz-cf-id: YWHlWaQXxH-e4LYhjhMmgQghx8lkvAPLmc4GcMUTG-X7yuRqPf9EfQ==

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 187 KB
67 KB 116ms
110ms Script
application/javascript 142.250.72.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KJC8VVB&l=gtm_data_layer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4460e00efd2c8d499fbccf04f310c7984eb81e4a2ff9ee55e09a942a68dae786

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68832
x-xss-protection: 0
last-modified: Mon, 09 Sep 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Sep 2024 14:13:37 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 309 KB
93 KB 99ms
93ms Script
application/javascript 142.250.72.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

02f8130e092bbda36484ef92fddef71fbf33cbd9286d509b813d5fa242ab7b07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94817
x-xss-protection: 0
last-modified: Mon, 09 Sep 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Sep 2024 14:13:37 GMT

POST
H2 200 v3 Show response
id5-sync.com/gm/ 700 B
1 KB 142ms
133ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

5ecb965caa7178aee751c35f802bb40e49aaeed68e7cd1e17f285bbf918b01cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 09 Sep 2024 14:13:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://torontosun.com
content-type: application/json
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cx.cce.js Show response
cdn.cxense.com/ 25 KB
7 KB 138ms
32ms Script
application/x-javascript 2600:141b:1c00:2482::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.cce.js
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:2482::268b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: bf0c89a6d466325e7481eca13bbecf43daa80644400723d47e43457bc14985f2

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 09 Sep 2024 14:13:38 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Apr 2024 13:13:58 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6352
Expires: Mon, 09 Sep 2024 15:13:38 GMT

POST
H3 200 execute Show response
c2.piano.io/xbuilder/experience/ 4 KB
2 KB 187ms
115ms XHR
application/json 104.16.143.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2.piano.io/xbuilder/experience/execute?aid=KlFb8Hg2nS

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.143.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6eb7b5b175b04b83dfb328b49ee9aaf9ec725ff4e3a227ee871029293db74d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 09 Sep 2024 14:13:38 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
x-request-id: efqctr7fw5
pragma: no-cache
server: cloudflare
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://torontosun.com
access-control-expose-headers: Composer-Request-Control-Policy
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 8c07c7b0ea13ab63-YYZ

POST
H2 200 identify Show response
identity.mparticle.com/v1/ 176 B
268 B 85ms
59ms XHR
application/json 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

ef6a3737c572b2fc3bf46cde002069b22dc488395174aec22f02e11af3d640a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

x-mp-key: us1-99b65fde89a1a145894d2d51d283cc83
Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 09 Sep 2024 14:13:38 GMT
content-encoding: gzip
via: 1.1 varnish
x-mp-max-age: 86400
strict-transport-security: max-age=900
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache: MISS
x-served-by: cache-yul1970030-YUL
server: Kestrel
x-timer: S1725891218.024009,VS0,VE37
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-MP-Max-Age
x-fastly-trace-id: 3976466405
accept-ranges: bytes
x-cache-hits: 0

POST
H2 202 Forwarding Show response
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 0
190 B 176ms
44ms XHR
text/plain 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by: Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-cache-hits: 0
date: Mon, 09 Sep 2024 14:13:38 GMT
via: 1.1 varnish
server: Kestrel
x-timer: S1725891218.179071,VS0,VE16
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache: MISS
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
x-served-by: cache-yul1970028-YUL

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 299 KB
100 KB 130ms
102ms Script
application/javascript 142.250.72.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8c3ebc88501ed6a4c5ed7452efcd759e48cc9797071da470a66f59bf8cd79e15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102689
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 09 Sep 2024 14:13:38 GMT

GET
H2

200

web-vitals.attribution.iife.js Show response
unpkg.com/web-vitals@3.5.2/dist/
Redirect Chain

https://unpkg.com/web-vitals@3/dist/web-vitals.attribution.iife.js
https://unpkg.com/web-vitals@3.5.2/dist/web-vitals.attribution.iife.js

10 KB
5 KB

40ms
31ms

Script
application/javascript

2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.5.2/dist/web-vitals.attribution.iife.js

Requested by

Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of

Protocol

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

834855b0c8387a3ba457811b0e664777e79fa712722c962f12efb129b60c47b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:39 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3276388
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J49XGP8V3KFEBST1HKK8VRHE-yul
server: cloudflare
etag: "28bb-wwZ82D9Sng4EXAJwcNpWRMvXVbg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8c07c7b82ca3a2df-YUL

Redirect headers

date: Mon, 09 Sep 2024 14:13:38 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J7BHVP4TBWMJXR4VM0WTYXEZ-yul
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 275
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /web-vitals@3.5.2/dist/web-vitals.attribution.iife.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 8c07c7b22eb9a2df-YUL

GET

pixel
cm.g.doubleclick.net/
Redirect Chain

https://id5-sync.com/i/1674/8.gif?o=api&id5id=ID5*keH5AnTQ0sIQ53AvqEdxzglhF9mrAO-ZeRABt1yPuuXDBVFz4IL1rgkXCHsRQDgU&gdpr_consent=undefined&gdpr=false
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F1674%2F429%2F7%2F2.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F1674%2F429%2F7%2F2.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0&rdf=1
https://id5-sync.com/c/1674/429/7/2.gif?puid=5D45139A-373C-4286-9DEA-2FA0129AEC7C&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=14719fe3-2571-417b-bda3-a04b436cc302&ttl=%%TTL%%
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F1674%2F434%2F5%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
https://id5-sync.com/c/1674/434/5/4.gif?puid=563c63e1-ee95-4e9f-9a2b-e69f50b2b843&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F1674%2F441%2F4%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://id5-sync.com/c/1674/441/4/5.gif?puid=u_190329fe-1877-4191-a16c-19bbb2b3607f&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/1674/2/3/6.gif?puid=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F1674%2F2%2F3%2F6.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/1674/2/3/6.gif?puid=9079213231228108371&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1674%2F112%2F2%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1674%2F112%2F2%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/1674/112/2/7.gif?puid=F6564ED135BB5A0E&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1674%2F108%2F1%2F8.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_co...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1674%2F108%2F1%2F8.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&g...
https://id5-sync.com/c/1674/108/1/8.gif?puid=3f3fe8e2-1e41-43ad-84e5-20b45d8a19f2&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=RjY1NjRFRDEzNUJCNUEwRQ%3D%3D&gdpr=0&gdpr_consent=&id5=ID5-e88bgAkTouQ-sU9cnrCu_bjWuV_ZLvmNycDXqFZ7hQ

0
0

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
130 B 122ms
114ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by: Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 5f9abc59c4a6c2646a8732e9c6a8b7a8f61e7e75e328132f108f8d85b3978dc5

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 09 Sep 2024 14:13:38 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://torontosun.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112

GET
H2 200 any Show response
idx.liadm.com/idex/did-004q/ 134 B
549 B 163ms
48ms XHR
text/plain 54.236.187.249
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/did-004q/any?duid=fd9804c9473c--01j7bj42vr6vsenvgfrvdnrzak&did=did-004q&cd=.torontosun.com&pu=https%3A%2F%2Ftorontosun.com%2F&_pubcid=045ca156-1228-4a90-945b-f35d218db23b

Requested by

Host: d-code.liadm.com
URL: https://d-code.liadm.com/did-004q.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.236.187.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-236-187-249.compute-1.amazonaws.com

Software

Resource Hash

277abbdb5eba2ae36556023150efa4cdeb86f859e9701e73f08faf07aeff160e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
request-time: 4
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://torontosun.com
cache-control: max-age=86399, private
access-control-allow-credentials: true
trace-id: 302fccd91d830c46
content-length: 134
expires: Tue, 10 Sep 2024 14:13:38 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 320 KB
106 KB 119ms
115ms Script
application/javascript 142.250.72.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RT9GKF97XT&l=dl_mparticle&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KMC8ND&l=dl_mparticle

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

cfc4b66abf31e22738531b7e313bb2d76bbf77c0b91583dd6ef3d68da8d33f80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108645
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 09 Sep 2024 14:13:38 GMT

POST
H2 202 events Show response
jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 42 B
158 B 38ms
33ms Fetch
application/json 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/events
Requested by: Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: c32a8e2b2611ac780b3e0d4002f911979e1b8f205b3d3dd515468711d4869d86

Request headers

Accept: text/plain;charset=UTF-8
Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-cache-hits: 0
date: Mon, 09 Sep 2024 14:13:38 GMT
content-encoding: gzip
via: 1.1 varnish
server: Kestrel
x-timer: S1725891219.875313,VS0,VE16
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-served-by: cache-yul1970028-YUL

GET
H2 200 LoginRadiusV2.js Show response
auth.lrcontent.com/v2/ 237 KB
55 KB 36ms
36ms Script
text/javascript 2606:4700::6812:4eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.lrcontent.com/v2/LoginRadiusV2.js

Requested by

Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:4eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c1cd912006884427e5b206fc39d264ff7c80ffb5fbb0935b68eb4b403f8d4e8

Security Headers

Name	Value
Strict-Transport-Security	max-age= 63072000; includeSubdomains; preload

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:39 GMT
strict-transport-security: max-age= 63072000; includeSubdomains; preload
via: 1.1 35e07c95316db9000ef0d713d9fb2e2c.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: gzip
x-amz-cf-pop: ORD53-C1
age: 941
cf-polished: origSize=1487410
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-bgj: minify
last-modified: Mon, 02 Sep 2024 05:54:18 GMT
server: cloudflare
etag: W/"e85ad246d3435e0a8bfdf64227a02401"
vary: Origin, Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
cf-ray: 8c07c7b71a3da29a-YUL
x-amz-cf-id: UqPkye6cr_yjxhjGgu69itOhwcvws1JWJ-x8vFghUABAkEMxGUSxpg==
expires: Mon, 09 Sep 2024 18:13:39 GMT

POST
H2 200 ingest
i.viafoura.co/v3/torontosun.com/ 67 B
266 B 154ms
30ms Ping
image/png 44.206.181.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://i.viafoura.co/v3/torontosun.com/ingest
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.206.181.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-206-181-253.compute-1.amazonaws.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://torontosun.com
date: Mon, 09 Sep 2024 14:13:39 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-length: 67
content-type: image/png

POST
H2 200 mbox
vidanalytics.taboola.com/putes/ 2 B
240 B 246ms
220ms Ping
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidanalytics.taboola.com/putes/mbox
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/postmedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

x-served-by: cache-yul1970043-YUL
date: Mon, 09 Sep 2024 14:13:39 GMT
via: 1.1 varnish
x-cache-hits: 0
server: nginx
x-timer: S1725891219.258488,VS0,VE148
x-cache: MISS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://torontosun.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2
x-backend-name: 5i41NEgLZrTBnTzubPzIMu--F_NLB_VIDEO_UI_00102

POST
H/1.1 404
Not Found webtag.resolve Show response
api.fullcontact.com/v3/ 82 B
616 B 117ms
52ms Fetch
application/json 54.175.18.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fullcontact.com/v3/webtag.resolve?webtagKey=yY2pOf77RzG1E3grWXhBFn9ZtGmt6vYa

Requested by

Host: tags.fullcontact.com
URL: https://tags.fullcontact.com/anon/fullcontact.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.175.18.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-175-18-20.compute-1.amazonaws.com

Software

Resource Hash

4bc8c25a69301455f77ae0d6432f1bf0c1e24c2c514130589803f190fcc6681f

Security Headers

Name	Value
Content-Security-Policy	default-src: 'self'; navigate-to: 'self'; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Content-Security-Policy: default-src: 'self'; navigate-to: 'self'; block-all-mixed-content
Date: Mon, 09 Sep 2024 14:13:39 GMT
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Vary: Origin, Origin
X-Frame-Options: sameorigin
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://torontosun.com
Access-Control-Allow-Credentials: true
X-FullContact-RateDelay: 33
Connection: keep-alive
X-Robots-Tag: noindex,nofollow
Content-Length: 82
X-XSS-Protection: 1

OPTIONS
H/1.1 200
OK webtag.resolve
api.fullcontact.com/v3/ Frame 0
0 164ms
32ms Preflight
text/plain 54.175.18.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fullcontact.com/v3/webtag.resolve?webtagKey=yY2pOf77RzG1E3grWXhBFn9ZtGmt6vYa

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.175.18.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-175-18-20.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src: 'self'; navigate-to: 'self'; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://torontosun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, PUT, PATCH, POST, DELETE, HEAD, OPTIONS
Access-Control-Allow-Origin: https://torontosun.com
Access-Control-Max-Age: 3600
Allow: POST,OPTIONS
Connection: keep-alive
Content-Length: 13
Content-Security-Policy: default-src: 'self'; navigate-to: 'self'; block-all-mixed-content
Content-Type: text/plain
Date: Mon, 09 Sep 2024 14:13:39 GMT
Referrer-Policy: same-origin
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-FullContact-RateDelay: 0
X-Robots-Tag: noindex,nofollow
X-XSS-Protection: 1

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 297 KB
100 KB 119ms
118ms Script
application/javascript 142.250.72.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0f5acbfe0d9c217c951942c98620a02624bd3e6637d261c12ef9c55909251b96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102167
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 09 Sep 2024 14:13:39 GMT

GET
H3 200 marfeel-sdk.js Show response
sdk.mrf.io/statics/ 164 KB
45 KB 144ms
37ms Script
application/javascript 172.67.159.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c53fc7bdefd460166261897f1dd5ba0249643df21f7d777e8d9e1fa8fd39ed6a

Request headers

Referer: https://torontosun.com/
Origin: https://torontosun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 33
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400
content-length: 45370
x-response-time: 1ms
last-modified: Mon, 09 Sep 2024 14:13:06 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 8c07c7b9cb31ab81-YYZ

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 111ms
36ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 09 Sep 2024 14:13:39 GMT
document-policy: force-load-at-top
x-fb-server-load: 36
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58953
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=23, mss=1232, tbw=4316, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: vpkiDLjZ1S0+C3eq5FoZrTkIA/YdeWtLOlj4iCKgd9WyuFznZi1SGwTMoh4OA94xsrGc4X1k/vmU/x1qCl9lng==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/torontosun.com/ 60 KB
22 KB 162ms
34ms Script
application/javascript 18.164.101.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/torontosun.com/p.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-101-60.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: 2a497f7892149a1cbba1abf69d08bc22ddfafd835e07b97a310ade3d1e63d13b

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: public
date: Mon, 09 Sep 2024 07:07:26 GMT
content-encoding: gzip
via: 1.1 07f7cebee7fc49278f602ad96f5f6790.cloudfront.net (CloudFront)
last-modified: Wed, 21 Aug 2024 20:55:18 GMT
server: nginx
x-amz-cf-pop: JFK50-P5
age: 25608
etag: W/"66c65436-f020"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: xeanjTS0EeceLBevRzAY47m4eKrd3E2FMunXwTcJNHmOac3-QOSMww==
expires: Tue, 10 Sep 2024 07:06:51 GMT

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
86 B 128ms
112ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by: Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 75687120c34db5ba05d6bb24a5aa545d0116af50bcf239bed116661d6a532c4f

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 09 Sep 2024 14:13:39 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://torontosun.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 114 KB
37 KB 41ms
35ms Script
application/x-javascript 2600:141b:1c00:2482::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:2482::268b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 792a63b3f8dfac70677824a0f359f68dfcb306c1398aacf00ae2605074b1c0e3

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 09 Sep 2024 14:13:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Sep 2024 10:53:38 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37803
Expires: Mon, 09 Sep 2024 15:13:39 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1725891219530&did=did-004q&se=e30&duid=fd9804c9473c--01j7bj42vr6vsenvgfrvdnrzak&tv=v3.0.10&pu=https%3A%2F%2Ftorontosun.com%2Fnews%2Flocal-news%2Flevy-state-of&ext__pub...
https://rp4.liadm.com/j?dtstmp=1725891219530&did=did-004q&se=e30&duid=fd9804c9473c--01j7bj42vr6vsenvgfrvdnrzak&tv=v3.0.10&pu=https%3A%2F%2Ftorontosun.com%2Fnews%2Flocal-news%2Flevy-state-of&ext__pu...

13 B
347 B

247ms
34ms

XHR
application/json

52.21.135.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp4.liadm.com/j?dtstmp=1725891219530&did=did-004q&se=e30&duid=fd9804c9473c--01j7bj42vr6vsenvgfrvdnrzak&tv=v3.0.10&pu=https%3A%2F%2Ftorontosun.com%2Fnews%2Flocal-news%2Flevy-state-of&ext__pubcid=045ca156-1228-4a90-945b-f35d218db23b&wpn=lc-bundle&wpv=v3.0.10&cd=.torontosun.com&c=PHRpdGxlPlRvcm9udG8gU3VuPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly90b3JvbnRvc3VuLmNvbS9uZXdzL2xvY2FsLW5ld3MvbGV2eS1zdGF0ZS1vZiI-PHRpdGxlIGlkPSJ0c3VuTG9nbyI-VG9yb250byBTdW48L3RpdGxlPjx0aXRsZT5Vc2VyPC90aXRsZT48aDEgY2xhc3M9InRoZTQwNF9faGVhZGluZyI-NDA0PGJyPk1pc3NpbmcgcGFnZTwvaDE-&i6=MjYwNzo1MzAwOjYwOjc4Njc6OjEw
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: H2
Server: 52.21.135.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-135-234.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:40 GMT
x-pixel-event-id: c1e7e0be-b084-4bae-9e0f-4f0d1364a47b
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: null
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 13

Redirect headers

location: https://rp4.liadm.com/j?dtstmp=1725891219530&did=did-004q&se=e30&duid=fd9804c9473c--01j7bj42vr6vsenvgfrvdnrzak&tv=v3.0.10&pu=https%3A%2F%2Ftorontosun.com%2Fnews%2Flocal-news%2Flevy-state-of&ext__pubcid=045ca156-1228-4a90-945b-f35d218db23b&wpn=lc-bundle&wpv=v3.0.10&cd=.torontosun.com&c=PHRpdGxlPlRvcm9udG8gU3VuPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iIj48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly90b3JvbnRvc3VuLmNvbS9uZXdzL2xvY2FsLW5ld3MvbGV2eS1zdGF0ZS1vZiI-PHRpdGxlIGlkPSJ0c3VuTG9nbyI-VG9yb250byBTdW48L3RpdGxlPjx0aXRsZT5Vc2VyPC90aXRsZT48aDEgY2xhc3M9InRoZTQwNF9faGVhZGluZyI-NDA0PGJyPk1pc3NpbmcgcGFnZTwvaDE-&i6=MjYwNzo1MzAwOjYwOjc4Njc6OjEw
access-control-allow-origin: https://torontosun.com
date: Mon, 09 Sep 2024 14:13:39 GMT
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 117ms
39ms Fetch
text/plain 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-RT9GKF97XT&gtm=45je4940v9135149014z89134303430za200zb9134303430&_p=1725891216369&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1374569483.1725891220&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1725891219&sct=1&seg=0&dl=https%3A%2F%2Ftorontosun.com%2Fnews%2Flocal-news%2Flevy-state-of&dt=Toronto%20Sun&en=page_view&_fv=1&_nsi=1&_ss=1&ep.main_category=index&ep.metered_content=false&ep.ad_blocker_enabled=false&ep.browser=Chrome&ep.browser_language=en-US&ep.brand=Toronto%20Sun&ep.device_type=desktop&ep.division=suns&ep.domain=torontosun.com&ep.fem_version=v110.1&ep.page_url=https%3A%2F%2Ftorontosun.com%2Fnews%2Flocal-news%2Flevy-state-of&ep.page_type=index&ep.platform=Cheetah&ep.platform_version=16.9.2&ep.user_status=anonymous&ep.view_type=HTML&up.mpid=-8068335459689144178&tfd=11040
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RT9GKF97XT&l=dl_mparticle&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Sep 2024 14:13:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://torontosun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 65.24b1b2dd97bd11410f15.js Show response
cdn.viafoura.net/chunks/ 6 KB
3 KB 30ms
29ms Script
application/javascript 13.226.34.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/chunks/65.24b1b2dd97bd11410f15.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-86.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08e2e909fb0b5d12c2635f23a5a9d164ecfd64daaec1a4ad9253a5d9c4e4cdd2

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 15:57:46 GMT
x-amz-version-id: T2dAWsIrmX_qEpiNIwh5Uw7u4kTGzsSM
content-encoding: br
via: 1.1 96d147941ae6bca8fe66457104d07bb6.cloudfront.net (CloudFront)
age: 339354
x-amz-cf-pop: EWR53-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 05 Sep 2024 15:57:22 GMT
server: AmazonS3
etag: W/"f9ddbaf3aff204ea72c28bd3926c4454"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
x-amz-cf-id: 16WztSelvwTdUo-ciEXsm8DKJxN_FbwDi8Zrh945rzI4Gah1tBTQ8g==

POST
H2 204 collect
analytics.google.com/g/ 0
0 228ms
53ms Fetch
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-H792QCFZPV&gtm=45je4940v880952819z8854753396za200zb854753396&_p=1725891214881&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1374569483.1725891220&ul=en-ca&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&dl=https%3A%2F%2Ftorontosun.com%2Fnews%2Flocal-news%2Flevy-state-of&dr=&sid=1725891220&sct=1&seg=0&dt=Toronto%20Sun&en=error&_fv=1&_ss=1&ep.debug_mode=false&ep.gtm_version=58&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=index&ep.platform=Cheetah&ep.platform_version=16.9.2&ep.fem_version=v110.1&ep.brand=Toronto%20Sun&ep.timestamp=2024-09-09T07%3A13%3A39.341-07%3A00&ep.error_type=404%20Error&tfd=11510
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Sep 2024 14:13:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://torontosun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 199ms
53ms Ping
text/plain 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H792QCFZPV&cid=1374569483.1725891220&gtm=45je4940v880952819z8854753396za200zb854753396&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Sep 2024 14:13:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://torontosun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame A63B 0
0 192ms
59ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-H792QCFZPV&gacid=1374569483.1725891220&gtm=45je4940v880952819z8854753396za200zb854753396&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1833511609

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://torontosun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Sep 2024 14:13:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 633ms
495ms Image
image/gif 142.250.176.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H792QCFZPV&cid=1374569483.1725891220&gtm=45je4940v880952819z8854753396za200zb854753396&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=1490881056

Requested by

Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Sep 2024 14:13:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1685973801652415 Show response
connect.facebook.net/signals/config/ 76 KB
16 KB 62ms
61ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1685973801652415?v=2.9.167&r=stable&domain=torontosun.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

8370f5d818eb4c49220ec874612de68fca44e3c54c991c85907a8e0cc33f9283

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 09 Sep 2024 14:13:40 GMT
document-policy: force-load-at-top
x-fb-server-load: 41
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15786
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=68, mss=1232, tbw=66956, tp=62, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: 1MWQuP7yNHRY+MjHlQD5Ii9j0xzUqjpCjUXYwrBtoZQqA7wwVOAgKYOBgS5NtokBHvT5cyVR9XzVAUuR0ohI4g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 182ms
42ms Image
image/gif 54.144.144.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1725891220670&plid=880a216b-c14c-4936-8316-b4177fc255a7&idsite=torontosun.com&url=https%3A%2F%2Ftorontosun.com%2Fnews%2Flocal-news%2Flevy-state-of&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22login_status%22%3A%22anonymous%22%7D&sid=1&surl=https%3A%2F%2Ftorontosun.com%2Fnews%2Flocal-news%2Flevy-state-of&sref=&sts=1725891220620&slts=0&title=Toronto+Sun&date=Mon+Sep+09+2024+07%3A13%3A40+GMT-0700+(Pacific+Daylight+Time)&action=pageview&pvid=2a76b5a4-fb73-4fff-9c05-748c9022a440&u=pid%3D395c4224-7665-4ebe-85ff-c637820cc47a
Requested by: Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-144-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 09 Sep 2024 14:13:40 GMT
Cache-Control: no-cache
Last-Modified: Monday, 09-Sep-2024 14:13:40 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 204 collect
analytics.google.com/g/ 0
0 46ms
43ms Fetch
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=45je4940v880952817z879194588za200zb79194588&_p=1725891214798&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1374569483.1725891220&ul=en-ca&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1725891220&sct=1&seg=0&dl=https%3A%2F%2Ftorontosun.com%2Fnews%2Flocal-news%2Flevy-state-of&dt=Toronto%20Sun&en=FCP&_fv=1&_ss=1&ep.web_vitals_measurement_name=FCP&ep.web_vitals_measurement_id=v3-1725891220463-1512677774819&epn.web_vitals_measurement_value=3122.5999999046326&epn.value=3122.5999999046326&tfd=12035
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Sep 2024 14:13:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://torontosun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 42ms
40ms Ping
text/plain 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-72QH41ZTMR&cid=1374569483.1725891220&gtm=45je4940v880952817z879194588za200zb79194588&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Sep 2024 14:13:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://torontosun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 7CE9 0
0 63ms
45ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-72QH41ZTMR&gacid=1374569483.1725891220&gtm=45je4940v880952817z879194588za200zb79194588&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=546516006

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://torontosun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Sep 2024 14:13:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 159ms
158ms Image
image/gif 142.250.176.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-72QH41ZTMR&cid=1374569483.1725891220&gtm=45je4940v880952817z879194588za200zb79194588&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=1618896229

Requested by

Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Sep 2024 14:13:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 ingest.php Show response
events.newsroom.bi/ 89 B
883 B 434ms
98ms Fetch
application/json 57.128.96.202
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.128.96.202 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy08.cl11.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 16c6db2264fc4692b56c6684fc47601ab5f09dd4110f3f8e1497fb223e1e1240

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 09 Sep 2024 14:13:41 GMT
content-encoding: gzip
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://torontosun.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 99

GET
H3 200 b706eebb47acf8d32611.js Show response
sdk.mrf.io/statics/ 69 KB
16 KB 38ms
37ms Script
application/javascript 172.67.159.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/b706eebb47acf8d32611.js
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abc308011d9550d6702d42e4cebb52e8b364b7098228484eb33cbbd3d4b4b80e

Request headers

Referer: https://torontosun.com/
Origin: https://torontosun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:41 GMT
content-encoding: br
via: 1.1 d1a8cc0bb52400f43698b4c3cd691acc.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: LHR61-C1
age: 3558
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 29 Jul 2024 14:46:19 GMT
server: cloudflare
etag: W/"e6b88b4c5f31434b53d349d7e4679bc6"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding
timing-allow-origin: *
cf-ray: 8c07c7c44ee2ab81-YYZ
x-amz-cf-id: PT0XG5-AVga9LNX2ZKN8OYO8e9m3nwVi_kfqhJcIT2m2lmRYBLZnlw==

GET
H2 200 appInfo Show response
config.lrcontent.com/ciam/ 5 KB
2 KB 47ms
5ms XHR
application/json 2606:4700::6812:4eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Requested by: Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:4eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17c676c141b36613e4d5c3f4765ca02fb5d9e83367488eff52d8a50dcc987d44

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 09 Sep 2024 14:13:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json
access-control-allow-origin: https://torontosun.com
cache-control: max-age=86400
cf-ray: 8c07c7c5da1aa2f0-YUL

OPTIONS
H2 204 appInfo
config.lrcontent.com/ciam/ Frame 0
0 183ms
33ms Preflight 2606:4700::6812:4eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:4eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://torontosun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-requested-with
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://torontosun.com
allow: GET, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8c07c7c599d6a2f0-YUL
date: Mon, 09 Sep 2024 14:13:41 GMT
server: cloudflare
vary: Origin

GET
H/1.1 200
OK sp1.html
cdn.cxense.com/ Frame 6527 0
0 114ms
36ms Document
text/html 2600:141b:1c00:2482::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:2482::268b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://torontosun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 289
Content-Type: text/html
Date: Mon, 09 Sep 2024 14:13:41 GMT
Expires: Thu, 19 Sep 2024 14:13:41 GMT
Last-Modified: Thu, 30 Nov 2023 11:55:50 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 168ms
28ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Ftorontosun.com%2Fnews%2Flocal-news%2Flevy-state-of&rl=&if=false&ts=1725891221324&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1725891221303.266410260886148915&cs_est=true&ler=empty&cdl=API_unavailable&it=1725891220547&coo=false&rqm=GET

Requested by

Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1297, tbw=2817, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 09 Sep 2024 14:13:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 258ms
119ms Image
image/png 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Ftorontosun.com%2Fnews%2Flocal-news%2Flevy-state-of&rl=&if=false&ts=1725891221324&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1725891221303.266410260886148915&cs_est=true&ler=empty&cdl=API_unavailable&it=1725891220547&coo=false&rqm=FGET

Requested by

Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x24e06f6e44ab2fb3","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:1248673751829361","7830:1248673751829361","10853:1248673751829361","41:1248673751829361","8046:1248673751829361"]},"debug_reporting":true,"debug_key":"3229377402438591597"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 09 Sep 2024 14:13:41 GMT
x-fb-server-load: 37
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7412646351689464292", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=26, rtx=0, c=10, mss=1297, tbw=3135, tp=-1, tpl=-1, uplat=87, ullat=1
pragma: no-cache
x-fb-debug: X5TyO0Hp+9+Ho7oChau5cOIZ5smhiX+sZh71HBNbuFC5qgiU2ClFuzSiWS1ivc7+3nOt0EAn0DXKIBIrc6V7xQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7412646351689464292"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK login Show response
postmedia.hub.loginradius.com/ssologin/ 38 B
619 B 33ms
31ms XHR
application/json 44.208.57.122
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://postmedia.hub.loginradius.com/ssologin/login

Requested by

Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.208.57.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-208-57-122.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

Date: Mon, 09 Sep 2024 14:13:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
LoginRadius-Location: US1
Server: nginx
Requestid: aa96590c-ddfa-4904-b594-b02da330c0f6
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type: application/json
Access-Control-Allow-Origin: https://torontosun.com
X-LoginRadius-Server: Primary - IDX - AWS
Access-Control-Allow-Credentials: true
X-Server: ms_idx_primary
Connection: keep-alive
Content-Length: 38

OPTIONS
H/1.1 204
No Content login
postmedia.hub.loginradius.com/ssologin/ Frame 0
0 46ms
34ms Preflight 44.208.57.122
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://postmedia.hub.loginradius.com/ssologin/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.208.57.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-208-57-122.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://torontosun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-requested-with
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin: https://torontosun.com
Connection: keep-alive
Date: Mon, 09 Sep 2024 14:13:41 GMT
LoginRadius-Location: US1
Requestid: 2bc72d9d-6d7f-469e-b1fa-02ee449c4dcb
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server: Primary - IDX - AWS
X-Server: ms_idx_primary

POST
H2 200 rfv.php Show response
events.newsroom.bi/data/ 27 B
469 B 103ms
99ms Fetch
application/json 57.128.96.202
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/data/rfv.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.128.96.202 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy08.cl11.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 09 Sep 2024 14:13:41 GMT
content-encoding: gzip
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://torontosun.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 42

GET
H2 200 id Show response
id.cxense.com/public/user/ 102 B
593 B 166ms
50ms Script
text/javascript 145.40.89.32
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22m0v32ilfdbt80b15%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%2236fgn9z6gtzkk17jymvifd4mj1%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%2236fgn9z6gtzkk17jymvifd4mj1%22%7D%5D%7D&callback=cXJsonpCB1

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

c6194671ffdb69477f4556bba57e71036c2a9348094466bc667c26cb29c73336

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Sep 2024 14:13:41 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
content-type: text/javascript;charset=utf-8
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-length: 102
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 sdk-runtime-config.js Show response
buy.tinypass.com/api/v3/anon/assets/ 266 B
544 B 173ms
53ms XHR
application/json 104.18.176.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/assets/sdk-runtime-config.js?aid=KlFb8Hg2nS

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9061316ebceb8b497b58fa0605207b70bad59a334060b636e439effc7e44900a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:42 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
cf-cache-status: HIT
age: 11806
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
content-length: 177
x-request-id: Mw2ljjs95ip
wn: prod-dash-10-0-129-228
last-modified: Mon, 09 Sep 2024 10:56:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
server-time: 0.006
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8c07c7ca3abe54af-YYZ
expires: Mon, 09 Sep 2024 18:13:42 GMT

GET
H2 200 ribn.min.js Show response
assets.ribn.com/production/ 10 KB
3 KB 608ms
40ms Script
application/javascript 2606:4700:4400::ac40:91b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.ribn.com/production/ribn.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:42 GMT
via: 1.1 37fecf641296846b450fec2550a25bee.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-amz-cf-pop: JFK52-P7
age: 3389
content-encoding: gzip
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Oct 2020 14:49:59 GMT
server: cloudflare
etag: W/"6b213f30955b664fd78dc9e388b17e54"
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8c07c7cd3e05a2a4-YUL
x-amz-cf-id: vDVSns5G-VNqMP_aNZiURQ9V-50_8xZjXMbH2PeA_M8-mbO5j_QRjg==
expires: Mon, 09 Sep 2024 18:13:42 GMT

GET
H2 200 ribn-postmedia.min.js Show response
assets.ribn.com/v2/production/ 13 KB
4 KB 607ms
41ms Script
application/javascript 2606:4700:4400::ac40:91b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.ribn.com/v2/production/ribn-postmedia.min.js

Requested by

Host: torontosun.com
URL: https://torontosun.com/news/local-news/levy-state-of

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:42 GMT
via: 1.1 1c610300f1cb400174de7494833bcf14.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-amz-cf-pop: JFK52-P7
age: 1800
content-encoding: gzip
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 01 Sep 2021 18:06:03 GMT
server: cloudflare
etag: W/"baaa6497dd2dea88d8fdb6d6cca08cf2"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cache-control: public, max-age=14400
vary: Accept-Encoding
cf-ray: 8c07c7cd3e0aa2a4-YUL
x-amz-cf-id: Wq5hHWI87pFqR8_a-tynM0NSodIxfNCEwwQ4BDS9xxrQwlruKCroUw==
expires: Mon, 09 Sep 2024 18:13:42 GMT

GET
H3 200 ta.js Show response
static.trueanthem.com/scripts/ 731 B
1 KB 144ms
43ms Script
text/javascript 172.67.72.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.trueanthem.com/scripts/ta.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89bd39b2a848d8ef9910066b7c39e9742cc47bd2cf700c273e026c3f60d213d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:42 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2191
x-guploader-uploadid: ABPtcPrQ_Jz39cKyNM8OAVhpO1jKZ4qDua9_ZmGgyWrAxR-HlivaRFNszHi5Q-dKL3Rd-P9JAPo
x-goog-storage-class: STANDARD
content-encoding: br
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 03 Apr 2023 04:25:23 GMT
server: cloudflare
etag: W/"2d510096ac78a0ff3a40edae5d9c0c92"
vary: Origin, Accept-Encoding
x-goog-hash: crc32c=cFyq6Q==, md5=LVEAlqx4oP86QO2uXZwMkg==
x-goog-generation: 1680495923461532
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7FqAL1XVnfRQ2plPzBoe6U7rHsdWGUv7YhZa1%2Bb6hBjvW%2BqZRj32OF%2BLs%2BfhD%2F2%2FMvjyjZeoUYma08v3ozOtyVwLPQ4h8AeNdzSLLIob3bi5Awu0ebqhjM3fKCYx64RrFrc44MGLsg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
x-goog-stored-content-length: 731
cf-ray: 8c07c7ca4d0faac6-YYZ
expires: Mon, 09 Sep 2024 14:37:11 GMT

GET
H3 200 favicon-tsun.ico
dcs-static.gprod.postmedia.digital/16.9.2/websites/images/suns/ 15 KB
5 KB 31ms
22ms Other
image/vnd.microsoft.icon 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/16.9.2/websites/images/suns/favicon-tsun.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3ba871bc7df3575268383e6f87afa33f41b20307dd4141e9288e96597a634fb7

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 17:29:34 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1725025539
age: 420248
x-guploader-uploadid: AD-8ljuMbrZMqGIzpNwJYvF8W8mnr9yYoFbEiHRRbuTXsdp4zyNOr2QpUdQDzLeL_mLsnOxYofE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4754
last-modified: Wed, 04 Sep 2024 17:07:15 GMT
server: UploadServer
etag: W/"5012604e2d9d5f01438c0232782608cb"
vary: Accept-Encoding
x-goog-generation: 1725469635678427
x-goog-hash: crc32c=VgeVxQ==, md5=UBJgTi2dXwFDjAIyeCYIyw==
access-control-allow-origin: *
content-type: image/vnd.microsoft.icon
cache-control: public,max-age=31622400
x-cache-hit: hit
x-goog-stored-content-length: 15086
accept-ranges: none

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
971 B 177ms
56ms Script
text/javascript 142.250.80.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.36 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f4.1e100.net

Software

ESF /

Resource Hash

1be24db5f3aa860a3d2b5c918f43e1cb57dc367db832e72cc4dc5f289d81bcc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
expires: Mon, 09 Sep 2024 14:13:42 GMT

POST
H2 200 ingest.php Show response
events.newsroom.bi/ 2 B
778 B 127ms
102ms Fetch
application/json 57.128.96.202
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.128.96.202 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy08.cl11.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 09 Sep 2024 14:13:42 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://torontosun.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 2

GET
H3 200 ta.c34341.js Show response
static.trueanthem.com/scripts/ 27 KB
11 KB 52ms
51ms Script
text/javascript 172.67.72.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.trueanthem.com/scripts/ta.c34341.js

Requested by

Host: static.trueanthem.com
URL: https://static.trueanthem.com/scripts/ta.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

469c3c3ebe581ecb1a3c893d20b642bbc014912693d13cc2bfd54de246e12c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 14:13:42 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3305
x-guploader-uploadid: ABPtcPqanIHeYMYcRssIAZgPZIMut0NnhkqZlyzj3RnzcKV2_urXB_e_Mib4HOsRHVlCmzUO8aFGPcaBtg
x-goog-storage-class: STANDARD
content-encoding: br
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 03 Apr 2023 04:25:20 GMT
server: cloudflare
etag: W/"28b2dbdb03f096998a381f6126ddac4c"
vary: Origin, Accept-Encoding
x-goog-hash: crc32c=rvRlhw==, md5=KLLb2wPwlpmKOB9hJt2sTA==
x-goog-generation: 1680495920536276
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hP7e0nNjhSDxSg262%2FdHyBXYAg%2BxxdCZkAxd8q%2FHpJ6%2FxlDATblVuV9RPgXEgDsD9sMuA1CUjbH1Ft2Du4tQSmGrKPbhroi8BFIE12Goy1P54%2Bvc60YzWLwqiZXlDMeHQZFWQ%2FG2%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
x-goog-stored-content-length: 27234
cf-ray: 8c07c7cdaff9aac6-YYZ
expires: Mon, 09 Sep 2024 14:18:37 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/ 536 KB
212 KB 161ms
39ms Script
text/javascript 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04a0c20c086ea1edc10ab2a9612afc96ac6bd5a49fa5b310768aba2ab688718f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://torontosun.com/
Origin: https://torontosun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 13:59:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 216812
x-xss-protection: 0
last-modified: Mon, 26 Aug 2024 04:00:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Sep 2025 13:59:59 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
0 52ms
51ms Fetch
text/plain 216.239.38.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-H792QCFZPV&gtm=45je4940v880952819z8854753396za200zb854753396&_p=1725891214881&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1374569483.1725891220&ul=en-ca&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=2&dl=https%3A%2F%2Ftorontosun.com%2Fnews%2Flocal-news%2Flevy-state-of&sid=1725891220&sct=1&seg=1&dt=Toronto%20Sun&en=page_view&ep.debug_mode=false&ep.gtm_version=58&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=index&ep.session_uuid=A7D164A9-D5B1-4D5C-5F58-1D27CDA4BDD5&ep.platform=Cheetah&ep.platform_version=16.9.2&ep.fem_version=v110.1&ep.mp_id=-8068335459689144178&ep.brand=Toronto%20Sun&ep.timestamp=2024-09-09T07%3A13%3A40.729-07%3A00&ep.ga_client_id=1374569483.1725891220&ep.main_category=index&ep.metered_content=false&_et=409&up.mp_id=-8068335459689144178&up.client_id=1374569483.1725891220&tfd=16939
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Sep 2024 14:13:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://torontosun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
0 71ms
69ms Fetch
text/plain 216.239.38.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=45je4940v880952817z879194588za200zb79194588&_p=1725891214798&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1374569483.1725891220&ul=en-ca&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=2&sid=1725891220&sct=1&seg=0&dl=https%3A%2F%2Ftorontosun.com%2Fnews%2Flocal-news%2Flevy-state-of&dt=Toronto%20Sun&en=TTFB&ep.web_vitals_measurement_name=TTFB&ep.web_vitals_measurement_id=v3-1725891220464-4797945125723&epn.web_vitals_measurement_value=542.0999999046326&epn.value=542.0999999046326&_et=1167&tfd=18229
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Sep 2024 14:13:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://torontosun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 mbox
vidanalytics.taboola.com/putes/ 2 B
162 B 179ms
168ms Ping
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidanalytics.taboola.com/putes/mbox
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/postmedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://torontosun.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

x-served-by: cache-yul1970043-YUL
date: Mon, 09 Sep 2024 14:13:47 GMT
via: 1.1 varnish
x-cache-hits: 0
server: nginx
x-timer: S1725891228.827816,VS0,VE143
x-cache: MISS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://torontosun.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2
x-backend-name: 5i41NEgLZrTBnTzubPzIMu--F_NLB_VIDEO_UI_00101

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: torontosun.com
URL: blob:https://torontosun.com/6e3af352-a2be-48d4-8487-b3bb12fbb615

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=RjY1NjRFRDEzNUJCNUEwRQ%3D%3D&gdpr=0&gdpr_consent=&id5=ID5-e88bgAkTouQ-sU9cnrCu_bjWuV_ZLvmNycDXqFZ7hQ

Verdicts & Comments Add Verdict or Comment

328 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

80 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.liadm.com/j	1970-01-21 09:00:51	Name: lidid Value: cc2dfacf-5a9c-4b6b-bb5a-abd5d5951ad0
.automatad.com/	1970-01-20 23:24:53	Name: __cf_bm Value: CNf4DNtlvHYKPHczxJlKqdeXcXTI5kj7l49GImKAmR4-1725891211-1.0.1.1-dG0i5_1TSZn6Hv1l6cf0tO87TQiTN2CYt33SXEsWG4bPAKFm84dAtE.k7IYdpgGY0AN6HA4.JXGm7D5ZH8IRkw
.torontosun.com/	1970-01-21 00:08:03	Name: pbjs_sharedId Value: 40de200e-1828-47b7-b387-b78e193791b2
.torontosun.com/	1970-01-21 00:08:03	Name: pbjs_sharedId_cst Value: zix7LPQsHA%3D%3D
torontosun.com/	1970-01-21 08:10:27	Name: flipp-uid Value: be42331f-a1ab-49a4-b4f8-bd87cbfe9ac9
.scorecardresearch.com/	1970-01-21 08:46:27	Name: UID Value: 1F45bc1a1809023d5250d4d1725891212
.scorecardresearch.com/	1970-01-21 08:46:27	Name: XID Value: 1F45bc1a1809023d5250d4d1725891212
torontosun.com/	1970-01-20 23:24:51	Name: __adblocker Value: false
.atmtd.com/	1970-01-20 23:24:53	Name: __cf_bm Value: lVhW2Ys88H1NRaqBjJ9uBS_il2oVTpSyqxn.Z1GKueU-1725891213-1.0.1.1-KDeasZuJANsmjF62VYquFxb0fQ8VeQGiuJOaPB38Y8Nzv5GsjGAVCQFjRL1JhQzrkZnuuaTlBWg5q7EDYy.vPw
.p.flipp.com/	1970-01-21 09:00:51	Name: gid Value: "E693AwAAze6dc/ZbBM3tlg=="
.rlcdn.com/	1970-01-21 08:10:27	Name: rlas3 Value: ZAyzLLZ5svlsOFHdzSs+hELSB/6x0zF1zgoDZx1AQWQ=
.rlcdn.com/	1970-01-21 00:51:15	Name: pxrc Value: CI2F/LYGEgUI6AcQABIFCOhHEAA=
torontosun.com/	1970-01-20 23:34:56	Name: political-ad-opt-out Value: {"data":false,"exp":604800000,"ts":1725891213602,"mac":1012698188}
.torontosun.com/	1970-01-21 03:45:29	Name: permutive-id Value: 0562e3d9-4609-4933-b5ca-2b86de34ce71
.pippio.com/	1970-01-21 08:10:27	Name: did Value: CwY0sgX9PXbrOLki
.pippio.com/	1970-01-21 08:10:27	Name: didts Value: 1725891214
.pippio.com/	1970-01-21 00:51:15	Name: nnls Value:
.pippio.com/	1970-01-21 00:51:15	Name: pxrc Value: CAA=
.criteo.com/	1970-01-21 08:46:27	Name: receive-cookie-deprecation Value: 1
.33across.com/	1970-01-21 08:10:27	Name: check Value: true
.23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/	1970-01-21 01:35:53	Name: pxid Value: cdd8c80b-de9a-4c3d-9a9e-e35eec561d40
.adnxs.com/	1970-01-21 09:00:51	Name: receive-cookie-deprecation Value: 1
.crwdcntrl.net/	1970-01-21 05:53:38	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 05:53:38	Name: _cc_id Value: 38d8a14ea73330502d9506c289b20539
torontosun.com/	1970-01-20 23:34:56	Name: x-id Value: {"data":{"id":"bxpeqjzpgp6l1nndvbnjbs9wvhrcjtxaf","updated":1725891214804,"adLightDisabled":true,"printSubscriber":false,"adLight":false},"exp":604800000,"ts":1725891214805,"mac":-564022089}
fem.gprod.postmedia.digital/	1970-01-20 23:34:56	Name: x-id Value: {"data":{"id":"bxpeqjzpgp6l1nndvbnjbs9wvhrcjtxaf","updated":1725891214804,"adLightDisabled":true,"printSubscriber":false,"adLight":false},"exp":604800000,"ts":1725891215004,"mac":-563336927}
.torontosun.com/	1970-01-21 05:53:39	Name: _cc_id Value: 38d8a14ea73330502d9506c289b20539
.torontosun.com/	1970-01-20 23:26:17	Name: panoramaId_expiry Value: 1725977614576
.doubleclick.net/	1970-01-21 09:00:51	Name: IDE Value: AHWqTUmGSl5Zr9CD6G-ZL0uNMrlq_VizOwoaTo917uR2UjmUaafaCxdWQ1GtdAUiSBo
.torontosun.com/	1970-01-21 09:00:51	Name: fc_storage_location Value: cookie
.torontosun.com/	1970-01-21 09:00:51	Name: fc_pid_variable Value: fc_pid
.torontosun.com/	1970-01-21 08:53:39	Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOBmADgFYAnADYALIP69uonh34B2YSAC%2BQA
.torontosun.com/	1970-01-21 08:53:39	Name: _pcid Value: %7B%22browserId%22%3A%22m0v32ilfdbt80b15%22%7D
torontosun.com/	1970-01-21 01:34:30	Name: __pnahc Value: 0
.piano.io/	1970-01-20 23:24:53	Name: __cf_bm Value: 3EhnXAeFsW4ddjzwVC_Mkisd3WL8Kz2c..R35izjNkM-1725891218-1.0.1.1-KPaTgUSZeXR1cBgQOE_KzT7yTgsEp3u_aqbyHWcOC3bD6UI0P7ZLCP7EHpRGT0mTiJw6yLMjsW2j0pkfXrCaMA
.torontosun.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .torontosun.com
.torontosun.com/	1970-01-21 09:00:51	Name: _lc2_fpi Value: fd9804c9473c--01j7bj42vr6vsenvgfrvdnrzak
.id5-sync.com/	1970-01-21 01:34:27	Name: id5 Value: 47ee745e-e7c8-791d-8278-c8b004ccb47b#1725891216151#3
.pubmatic.com/	1970-01-20 23:26:17	Name: KTPCACOOKIE Value: YES
.liadm.com/	1970-01-21 09:00:51	Name: lidid Value: cc2dfacf-5a9c-4b6b-bb5a-abd5d5951ad0
.torontosun.com/	1970-01-21 08:10:27	Name: mprtcl-v4_4662F03F Value: {'gs':{'ie':1\|'dt':'us1-99b65fde89a1a145894d2d51d283cc83'\|'av':'1.0.0'\|'cgid':'fa97d031-def2-482c-9555-d72ac78407cd'\|'das':'cbdb9fac-bc7c-454b-e7ac-2d77af67c143'\|'csm':'WyItODA2ODMzNTQ1OTY4OTE0NDE3OCJd'\|'sid':'A7D164A9-D5B1-4D5C-5F58-1D27CDA4BDD5'\|'les':1725891218857\|'ssd':1725891216371}\|'l':1\|'-8068335459689144178':{'fst':1725891217153\|'ui':'eyIwIjoiYnhwZXFqenBncDZsMW5uZHZibmpiczl3dmhyY2p0eGFmIn0='}\|'cu':'-8068335459689144178'}
.torontosun.com/	1970-01-21 09:00:51	Name: __tbc Value: %7Bkpex%7DNdz29qXkepmdKzA4La8xDZffD3l7OtRgkVMwlHHoHEsyusT-iX7iRgMPWy9VtxX7
.pubmatic.com/	1970-01-21 08:10:27	Name: KADUSERCOOKIE Value: 5D45139A-373C-4286-9DEA-2FA0129AEC7C
.torontosun.com/	1970-01-21 00:08:03	Name: __pat Value: -14400000
.torontosun.com/	1970-01-20 23:26:17	Name: __pvi Value: eyJpZCI6InYtbTB2MzJpbnBqMzhweGJmayIsImRvbWFpbiI6Ii50b3JvbnRvc3VuLmNvbSIsInRpbWUiOjE3MjU4OTEyMTg5NDF9
.torontosun.com/	1970-01-21 09:00:51	Name: xbc Value: %7Bkpex%7DVaGByP9Hx5Y2lkxTLuHYVbZO-MYAPFa-IcCtB8g4fnI
.torontosun.com/	1970-01-20 23:24:53	Name: _vfb Value: torontosun%2Ecom.00000000-0000-4000-8000-d11b93482c8b.1..1725891219....
torontosun.com/	1970-01-20 23:24:51	Name: _vfz Value: torontosun%2Ecom.00000000-0000-4000-8000-d11b93482c8b.1725891219.1.medium=direct\|source=\|sharer_uuid=\|terms=
.torontosun.com/	1970-01-21 08:10:27	Name: _vfa Value: torontosun%2Ecom.00000000-0000-4000-8000-d11b93482c8b.3567eb25-1b5d-4c40-a63a-22b4bf92c82f.1725891219.1725891219.1725891219.1
.torontosun.com/	1970-01-21 09:00:51	Name: __li_idex_cache_eyJxZiI6IjAuMSJ9 Value: 6-Q29gUKNGfNJLd3zklmO2n4B+ehLeggILHmBA8Tq88CvmPBdBiI35uZ8ubY0ZBNC8NAKnKK/91nCXoqHblxQ/NoaQ5tzYd2UB7cnifYEEiSa71a4AM8Jl
.adsrvr.org/	1970-01-21 08:10:27	Name: TDID Value: 14719fe3-2571-417b-bda3-a04b436cc302
.adsrvr.org/	1970-01-21 08:10:27	Name: TDCPM Value: CAEYBSABKAIyCwjg-77UirmoPRAFOAE.
.go.sonobi.com/	1970-01-21 08:10:27	Name: __uis Value: 563c63e1-ee95-4e9f-9a2b-e69f50b2b843
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s8564\|Zt8Cl
.torontosun.com/	1970-01-21 09:00:51	Name: _ga_RT9GKF97XT Value: GS1.1.1725891219.1.0.1725891219.0.0.0
.torontosun.com/	1970-01-21 09:00:51	Name: _ga Value: GA1.1.1374569483.1725891220
.torontosun.com/	1970-01-20 23:24:53	Name: fc_session Value: nopid
.gumgum.com/	1970-01-21 08:10:27	Name: vst Value: u_190329fe-1877-4191-a16c-19bbb2b3607f
.torontosun.com/	1970-01-20 23:24:53	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://torontosun.com/news/local-news/levy-state-of%22%2C%22sref%22:%22%22%2C%22sts%22:1725891220620%2C%22slts%22:0}
.torontosun.com/	1970-01-21 08:54:15	Name: _parsely_visitor Value: {%22id%22:%22pid=395c4224-7665-4ebe-85ff-c637820cc47a%22%2C%22session_count%22:1%2C%22last_session_ts%22:1725891220620}
.torontosun.com/	1970-01-21 09:00:51	Name: _ga_H792QCFZPV Value: GS1.1.1725891220.1.1.1725891220.60.0.0
.adnxs.com/	1970-01-21 01:34:27	Name: XANDR_PANID Value: ifJRBVpS-yI-K4gLzP8xpxi97nBn-FrnQDkS6xkNXZEaoRW6lyzS41mY7B1UYXi1UL2iauaW3cxnsngWqGqlZoksUv7GG5U_nxoc6T6JZnw.
.adnxs.com/	1970-01-21 01:34:27	Name: uuid2 Value: 9079213231228108371
.torontosun.com/	1969-12-31 23:59:59	Name: ___nrbic Value: %7B%22isNewUser%22%3Atrue%2C%22previousVisit%22%3A1725891221%2C%22currentVisitStarted%22%3A1725891221%2C%22sessionId%22%3A%22e743555a-228f-42e9-9d84-420ddd48d76a%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//torontosun.com/news/local-news/levy-state-of%22%2C%22referrer%22%3A%22%22%7D
.torontosun.com/	1970-01-21 03:45:29	Name: ___nrbi Value: %7B%22firstVisit%22%3A1725891221%2C%22userId%22%3A%229a613a82-0f29-4afa-ae4f-fc0f0b22c8dc%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1725891221%2C%22timesVisited%22%3A1%7D
.torontosun.com/	1970-01-21 03:45:29	Name: compass_uid Value: 9a613a82-0f29-4afa-ae4f-fc0f0b22c8dc
.torontosun.com/	1970-01-21 08:53:39	Name: cX_P Value: m0v32ilfdbt80b15
.torontosun.com/	1970-01-21 01:34:27	Name: _fbp Value: fb.1.1725891221303.266410260886148915
.semasio.net/	1970-01-21 08:10:27	Name: SEUNCY Value: F6564ED135BB5A0E
events.newsroom.bi/	1970-01-21 03:44:03	Name: 1528_u Value: 9a613a82-0f29-4afa-ae4f-fc0f0b22c8dc
events.newsroom.bi/	1969-12-31 23:59:59	Name: 1528_s Value: e743555a-228f-42e9-9d84-420ddd48d76a
events.newsroom.bi/	1970-01-21 00:08:03	Name: 1528_lv Value: null
events.newsroom.bi/	1970-01-21 00:08:03	Name: 1528_ut Value: 0
.cxense.com/	1970-01-21 08:10:27	Name: gckp Value: 13evzqpdhsx743pa853mjjq7ye
.tapad.com/	1970-01-21 00:51:15	Name: TapAd_TS Value: 1725891221718
.tapad.com/	1970-01-21 00:51:15	Name: TapAd_DID Value: 3f3fe8e2-1e41-43ad-84e5-20b45d8a19f2
.tapad.com/	1970-01-21 00:51:15	Name: TapAd_3WAY_SYNCS Value:
.id5-sync.com/	1970-01-21 01:34:27	Name: 3pi Value: 112#1725891221574#-990940814#F6564ED135BB5A0E\|434#1725891219929#-1163557662\|2#1725891220954#-1794246633#9079213231228108371\|1221#1725891221858#-1482083833\|264#1725891219580#333327946#14719fe3-2571-417b-bda3-a04b436cc302\|441#1725891220529#1824871358#u_190329fe-1877-4191-a16c-19bbb2b3607f\|108#1725891221858#-145152761\|429#1725891219028#-1639528079#5D45139A-373C-4286-9DEA-2FA0129AEC7C
.torontosun.com/	1970-01-21 08:53:39	Name: cX_G Value: cx%3A1pvqv8o0n4ag81ayva1tcv40je%3Av7wjidaeoypa
.torontosun.com/	1970-01-21 09:00:51	Name: _ga_72QH41ZTMR Value: GS1.1.1725891220.1.0.1725891222.58.0.0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://torontosun.com/news/local-news/levy-state-of Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api.fullcontact.com/v3/webtag.resolve?webtagKey=yY2pOf77RzG1E3grWXhBFn9ZtGmt6vYa Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=RjY1NjRFRDEzNUJCNUEwRQ%3D%3D&gdpr=0&gdpr_consent=&id5=ID5-e88bgAkTouQ-sU9cnrCu_bjWuV_ZLvmNycDXqFZ7hQ Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript	warning	URL: https://torontosun.com/news/local-news/levy-state-of Message: The resource https://ak.sail-horizon.com/spm/spm.v1.min.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
ak.sail-horizon.com
analytics.google.com
api.fullcontact.com
api.permutive.com
api.viafoura.co
assets.ribn.com
auth.lrcontent.com
bcp.crwdcntrl.net
buy.tinypass.com
c.amazon-adsystem.com
c2.piano.io
cdn-gateflipp.flippback.com
cdn-ima.33across.com
cdn.cxense.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.parsely.com
cdn.taboola.com
cdn.tinypass.com
cdn.viafoura.net
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
config.lrcontent.com
connect.facebook.net
d-code.liadm.com
dcs-static.gprod.postmedia.digital
e01.atmtd.com
edge-auth.microsoft.com
events.newsroom.bi
events.qortex.ai
experience.tinypass.com
fem.gprod.postmedia.digital
floors.atmtd.com
fonts.googleapis.com
fonts.gstatic.com
go.automatad.com
googlesync.permutive.com
gum.criteo.com
i.viafoura.co
ib.adnxs.com
id.cxense.com
id5-sync.com
identity.mparticle.com
idsync.rlcdn.com
idx.liadm.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
lb.eu-1-id5-sync.com
lexicon.33across.com
micro.rubiconproject.com
p.flipp.com
p1.parsely.com
pippio.com
pm-widget.taboola.com
postmedia.hub.loginradius.com
rp.liadm.com
rp4.liadm.com
sb.scorecardresearch.com
scripts.atmtd.com
sdk.mrf.io
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
smartcdn.gprod.postmedia.digital
static.trueanthem.com
stats.g.doubleclick.net
tags.crwdcntrl.net
tags.fullcontact.com
tags.qortex.ai
td.doubleclick.net
torontosun.com
unpkg.com
vidanalytics.taboola.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
www.npttech.com
cm.g.doubleclick.net
torontosun.com
104.16.143.111
104.18.176.126
107.178.254.65
108.138.106.56
108.138.106.83
108.138.115.149
108.138.128.46
108.139.29.52
108.139.47.50
13.107.6.158
13.225.63.110
13.226.34.86
142.250.176.195
142.250.72.104
142.250.80.36
142.251.40.194
142.251.40.98
143.244.213.152
145.40.89.32
151.101.1.44
151.101.129.44
151.101.193.44
157.240.241.1
162.19.138.119
162.19.138.83
172.64.152.89
172.67.155.215
172.67.159.162
172.67.22.191
172.67.40.225
172.67.72.135
18.164.101.60
18.205.166.168
18.238.55.52
216.239.38.181
23.203.179.38
23.205.2.235
2600:141b:1c00:2482::268b
2600:1f18:44f0:4850:7963:2d32:88db:3d63
2600:1f18:730:b120:3639:11da:2268:5ca3
2600:9000:21dd:a400:8:2ae1:d740:93a1
2600:9000:23cb:5000:1c:2afd:fb00:93a1
2606:4700:10::6816:3556
2606:4700:20::681a:13e
2606:4700:20::681a:3e
2606:4700:4400::ac40:91b1
2606:4700:4400::ac40:98f3
2606:4700::6811:f8cb
2606:4700::6812:4eb
2607:f8b0:4004:c06::9b
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80e::2003
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81c::200e
2607:f8b0:4006:81f::200e
2607:f8b0:4006:824::2008
2620:100:a00b::12
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:200::485
2a04:4e42:400::645
2a04:4e42::645
34.107.254.252
34.117.147.204
34.117.54.29
34.149.157.221
35.241.9.51
35.244.154.8
35.244.193.51
44.206.181.253
44.208.57.122
52.21.135.234
54.144.144.142
54.175.18.20
54.236.187.249
57.128.96.202
68.67.160.114
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
02c5ffc45100bfa72a88b1cf8ca400026c683c45b00e1f41504557c3ab7b710a
02f8130e092bbda36484ef92fddef71fbf33cbd9286d509b813d5fa242ab7b07
04a0c20c086ea1edc10ab2a9612afc96ac6bd5a49fa5b310768aba2ab688718f
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0876b1b660da79fad9471d3e15816803e4c8f066cba866063bca01f316f7ec93
08e2e909fb0b5d12c2635f23a5a9d164ecfd64daaec1a4ad9253a5d9c4e4cdd2
0a59ea34c2a48879f45c688ea266ddf6a95310a7315650138c86fe45c197abe7
0dfa9f5311381ee2a357e313d2e1815929a87f471a0612d3103602771c8e84de
0e50b6dc55f72c4fee533d1666100f6d7bdda7dff35b0979666fde7158e8d7c4
0f5acbfe0d9c217c951942c98620a02624bd3e6637d261c12ef9c55909251b96
12efbe2db232da135bb9a26a79d1a172bf48319f6e6dbbf60320c6f16e1a48cf
134c97ce633bf82631dc50bcc98d548fa8951003aba01bd426b3dcb61067819d
1413cc79bcd47b4af0fe4fe72237f906e31ca8d335314ff0ddb1ffca3c1b7afe
15b54a90686829d59ef0c2bc6a9e2e82b6a11536be56acf2b4ff414b081c891d
15e0aa473ffa549d71bf69947b7dc978665de89c7816b31792322bc16b296168
16c6db2264fc4692b56c6684fc47601ab5f09dd4110f3f8e1497fb223e1e1240
179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5
179f43e8abd5e7bd49d05571dc29d22c9f5044eb17ca8253a49e3e28e716af61
17c676c141b36613e4d5c3f4765ca02fb5d9e83367488eff52d8a50dcc987d44
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1985ed8d171d72f52263b05cb8e81d1c82564b2f547841aeb14fe2fc404ff684
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1be24db5f3aa860a3d2b5c918f43e1cb57dc367db832e72cc4dc5f289d81bcc5
1e796728e891c65c4f607f7c41a419fdba995d96710a9cf0d671879995e83574
241fb966896eced8f7cc1ac6f1f62deb278993b7d501240882b3e15b9ab523b1
24241308b087ef0282bef310d0968ea7baacbdd9e376809645bf3e216c67722f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
277abbdb5eba2ae36556023150efa4cdeb86f859e9701e73f08faf07aeff160e
2a497f7892149a1cbba1abf69d08bc22ddfafd835e07b97a310ade3d1e63d13b
2c1cd912006884427e5b206fc39d264ff7c80ffb5fbb0935b68eb4b403f8d4e8
304a596bb9715360b71c3002d94553e04943f56dffbbefcf5c3ce3efc60db4a5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
33cc6e61cbb1addafa75cc8ed40216823ee7e50631bb8d2b71eda77ca81a77f3
33d90fb972cd60019e9611c5682c2f4fc79fa109a76a236e8894121c6de8a452
3b2ed21935f0861241c0d0483b604205ee065122d120bde02e1bffd2d2346744
3ba871bc7df3575268383e6f87afa33f41b20307dd4141e9288e96597a634fb7
3c509a8b1165e7cfba541b2fd2a3829dfbeedfaa434d61b25c31d80902f1a601
3c6dca214089cd4df1f188267d6f42e917ea662a14332d0a2e8627a56431207b
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641
429c09ef872b45d80fa51a8ed156e581ed31fd094c179e4d6dd1d3f1bf18f20b
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4460e00efd2c8d499fbccf04f310c7984eb81e4a2ff9ee55e09a942a68dae786
469c3c3ebe581ecb1a3c893d20b642bbc014912693d13cc2bfd54de246e12c1d
46d7779aadd344d2a95e120f81b6bbd0cdf0ab0ab1d1cf63e03aee24d60c3241
497f053df078e16fc3614f2d1f04630846b2c7a9efe4ef5ce273baddc814415b
4bc8c25a69301455f77ae0d6432f1bf0c1e24c2c514130589803f190fcc6681f
4cc7d4d710673de28581c0cd51cb06bb2acc6aee80be7ac688d31c3d3d163906
4f4143f7f86c1d683680ac81953e5f23b0008f05e6ff5a3661a92341f17e95f4
519e73e2fc0cf71ac3fc7e36fdd9d0f898ea894de1e62bbd3724415305dc8b76
59f51b4dbe0d027dca11c8ff9018a05a03d442698f9cbd07ea17356763a32176
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5b740b764c32da039868fb07780caa7d55401fb92c17adfff3e07e31f74e9464
5df5ba5318545215b0148ecd1a1f866e4a1993ab6ef834c7fa600d4c0c2ac01f
5ecb965caa7178aee751c35f802bb40e49aaeed68e7cd1e17f285bbf918b01cc
5f9abc59c4a6c2646a8732e9c6a8b7a8f61e7e75e328132f108f8d85b3978dc5
5fd7fc4b8be9c2eeb3efb728f0483d444e4a8db80f0597e4ef7950105638bb08
5fdf5757206da468353cbfe267bc6648d1c9bf49096cc6650e013f1414c0348f
61e871fe8b83f5c5466a97efa52e66feb364c7d4d4495129ea33ba7a277564b7
629afec94a73f73e1d8cad980b3c2fa816719936a87280ceb366bb4a107dacd9
63b90661a7fa25d46eaf0dd3d0d80afc5be6d8c6bf1bc3d8de939df43c3ddc2c
6a8a53bd115acd2b119a42b0943d57667498975cc19009011d780da5d5edd4be
6ac7b70ed7e55e26a07a65c1c0dd5121f776b936fb52a096366e1782a8933760
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e1442a4ed58986cc47bc718ab9b6b434c367cf0e8f900309318b0bb78412076
6eb7b5b175b04b83dfb328b49ee9aaf9ec725ff4e3a227ee871029293db74d8a
6fdb7c12792ebd6e785128456249178e9b508c9677a300df8fbc6e7520147baa
7118c465a519e4908a2e983f7b97fa18c8be1b551928102b51c31de08486171f
712369aef7db8ee613780ed94892762890345add2113c7749b2f03b819c0a4fc
75687120c34db5ba05d6bb24a5aa545d0116af50bcf239bed116661d6a532c4f
789f444ec23aaaa66971b7e515b952030812f9ee80bb4d40f229e14819a252b0
792a63b3f8dfac70677824a0f359f68dfcb306c1398aacf00ae2605074b1c0e3
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
7c716d0f2f83a533361dcae7162065f1acebb02f1354686bf4374238c751e5de
7d696232ddec32dd77d572a92ea8abf284accd111b968ab1c5c438cf84985aea
834855b0c8387a3ba457811b0e664777e79fa712722c962f12efb129b60c47b4
8370f5d818eb4c49220ec874612de68fca44e3c54c991c85907a8e0cc33f9283
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
8890f286a1c30ce3fc996087571af716ac09b2f69b678854675710a530ffb666
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
89bd39b2a848d8ef9910066b7c39e9742cc47bd2cf700c273e026c3f60d213d2
8a6ae9397962f51ae98cb8f835fb8d5d1e9e95a79bdde56c12fcdd2f227b0673
8c3ebc88501ed6a4c5ed7452efcd759e48cc9797071da470a66f59bf8cd79e15
8eb9324ae96d3fa3ae9f1c63c1b3d64a3e878ab726c30a2bc25fe8e79e33eac7
9061316ebceb8b497b58fa0605207b70bad59a334060b636e439effc7e44900a
96da850789d5b230a3bd4a2a124bcb719716d46186f32a0c8ee09297e435254e
99394b0f6e9f0aefd71dd6a9ad59129ff7852e7734905bead2f2cec5789e3436
9e163e69a01d2ce1e0c682f1a658dfcda7ea0ce2fd370d697a4a9285c86ef6eb
9e229513af6ce1b4cfdc5a43b455654b9526f8fc446d650246eb3036e14a8d77
9fd2f63c1c9cb94ccd7d258e81648758206f1a581780a73c30e657af74b6e3f8
a48f9425b7942e0b3c4741ac69dcd5ef4cdf92f9cdeaf9e348be98ba2aee9532
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab800c9061a1ce95d428741cf664ba573abda7a1c120dfa52179d08b56675207
abc308011d9550d6702d42e4cebb52e8b364b7098228484eb33cbbd3d4b4b80e
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
af12bb645bba27c629948c75a8c67909c24e166f1c324fe37850b1a7fb27b318
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
b5e5a232ab607a914f16f8ac936682b4c695e8d5fd0a40daa26ac7603c33363c
b76ff1073099166c3843df64c523f619a2aeb2e2fabc12238a0196ff4769367c
b99841f54d3cb462574abf3806e7c61cd8f5fd6e340051ae7dd3cd8acd4965a7
bbb6de1e8b6b7b98e612945463c49aa8939e106d209dc5b7b5a21342fd6e2902
be1274185bc7a88a74588ef82af3d472ccdc2574282522325f687f37f58dd788
bf0c89a6d466325e7481eca13bbecf43daa80644400723d47e43457bc14985f2
c2e99cf57d0451726556751ae7a477c3007367909c02779afc6a09ebb2d9caf2
c301cea731a34c0862bd5d8d9cb91665d1c2d3d0c159b20a9179b00181bfc618
c3255c155a89343a3aacbf18ec6400cba42a0529f49d8ff9d79d178034705f07
c32a8e2b2611ac780b3e0d4002f911979e1b8f205b3d3dd515468711d4869d86
c53fc7bdefd460166261897f1dd5ba0249643df21f7d777e8d9e1fa8fd39ed6a
c6194671ffdb69477f4556bba57e71036c2a9348094466bc667c26cb29c73336
c6b227e27e04c5d00dded778c7f4cb751eea59ed749d55506b2aa33641ab734f
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190
c949a53bb8ce748903887c88621a6f43983eda099e5c094c5716fb68ace51beb
ce9f7449a45de1091cda4647b73176ade7222827323a46f26f38239ea8cc5d62
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfc4b66abf31e22738531b7e313bb2d76bbf77c0b91583dd6ef3d68da8d33f80
d04c0e3e88947ddf1538e3315df91b065380ea97a9a5cb40c2f89574e5fb3067
d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428
d4cd6226e2521b6c534e936918a498fe5c2fb112214c378747f2fb286d88ba7e
d824cd9adec02120ce914792a4f8df10dc72e68bbcdf158c5e49fea2464fd99a
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e492753a602bb173fb1bbe4986bb5493ec4fe763e5da3ad54126e443bab8dfd2
eb81b353cf79a30f060d68a2cc3dff0f39e0ba3ae8fea742ca85e1d920e824b5
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ee781c0c021aa874a52a7741466a90708bed089eb41e4b6e59cea4ba5bf33e6a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6a3737c572b2fc3bf46cde002069b22dc488395174aec22f02e11af3d640a3
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
f86ee95132db5506d6fd86e61503c51593645cac136c320c7bcb2f7064f1332a
fe0305a892613f25ab92b692f00ecef1b2b00d4e408b12ab14c75b66586bfdb7

torontosun.com Open in urlscan Pro 34.117.147.204 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

166 Requests

95 %HTTPS

32 %IPv6

52 Domains

81 Subdomains

75 IPs

4 Countries

3889 kBTransfer

12338 kBSize

80 Cookies

23 Outgoing links

Redirected requests

166 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

torontosun.com Open in urlscan Pro
34.117.147.204 Public Scan

Screenshot
Live screenshot

Full Image

166
Requests

95 %
HTTPS

32 %
IPv6

52
Domains

81
Subdomains

75
IPs

4
Countries

3889 kB
Transfer

12338 kB
Size

80
Cookies

166 HTTP transactions
0 data transactions