urlscan.io logo urlscan.io
SecurityTrails logo

www.therecord.com Open in urlscan Pro
143.204.98.114  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://therecord.com/
Effective URL: https://www.therecord.com/?redirect=true
Submission Tags: tranco_l324
Submission: On October 31 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 55 IPs in 6 countries across 41 domains to perform 205 HTTP transactions. The main IP is 143.204.98.114, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is www.therecord.com.
TLS certificate: Issued by Amazon on July 28th 2021. Valid for: a year.
This is the only time www.therecord.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 51 143.204.98.114 16509 (AMAZON-02)
1 142.250.186.138 15169 (GOOGLE)
12 143.204.98.129 16509 (AMAZON-02)
1 104.18.5.81 13335 (CLOUDFLAR...)
2 3.213.205.83 14618 (AMAZON-AES)
1 35.241.9.51 15169 (GOOGLE)
2 185.33.220.243 29990 (ASN-APPNEX)
4 34.107.254.252 15169 (GOOGLE)
5 2.18.235.40 16625 (AKAMAI-AS)
1 158.101.193.98 31898 (ORACLE-BM...)
7 143.204.98.123 16509 (AMAZON-02)
2 142.250.184.200 15169 (GOOGLE)
6 34.96.102.137 15169 (GOOGLE)
1 18.134.72.135 16509 (AMAZON-02)
7 143.204.98.112 16509 (AMAZON-02)
1 1 93.184.220.66 15133 (EDGECAST)
1 199.232.136.157 54113 (FASTLY)
1 143.204.101.28 16509 (AMAZON-02)
7 51.104.28.77 8075 (MICROSOFT...)
2 2.18.234.21 16625 (AKAMAI-AS)
2 104.16.190.66 13335 (CLOUDFLAR...)
1 142.250.185.67 15169 (GOOGLE)
1 104.244.42.133 13414 (TWITTER)
2 157.240.221.16 32934 (FACEBOOK)
1 3 143.204.98.125 16509 (AMAZON-02)
1 143.204.101.2 16509 (AMAZON-02)
1 143.204.101.224 16509 (AMAZON-02)
1 146.88.138.85 33438 (HIGHWINDS2)
4 143.204.95.188 16509 (AMAZON-02)
1 104.244.42.131 13414 (TWITTER)
2 108.128.92.179 16509 (AMAZON-02)
1 52.223.40.198 16509 (AMAZON-02)
1 34.120.133.55 15169 (GOOGLE)
2 142.250.184.226 15169 (GOOGLE)
1 104.111.239.215 16625 (AKAMAI-AS)
5 142.250.184.238 15169 (GOOGLE)
1 143.204.103.127 16509 (AMAZON-02)
17 35.190.14.224 15169 (GOOGLE)
1 52.51.58.216 16509 (AMAZON-02)
2 13.36.218.177 16509 (AMAZON-02)
1 1 52.51.88.158 16509 (AMAZON-02)
2 143.204.98.97 16509 (AMAZON-02)
1 52.205.167.202 14618 (AMAZON-AES)
6 142.250.185.226 15169 (GOOGLE)
2 157.240.221.35 32934 (FACEBOOK)
1 173.194.76.157 15169 (GOOGLE)
9 52.28.203.152 16509 (AMAZON-02)
5 185.33.220.241 29990 (ASN-APPNEX)
1 184.31.84.150 16625 (AKAMAI-AS)
1 142.250.185.98 15169 (GOOGLE)
1 142.250.185.97 15169 (GOOGLE)
2 172.217.16.130 15169 (GOOGLE)
5 142.250.185.225 15169 (GOOGLE)
4 142.250.181.225 15169 (GOOGLE)
1 4 142.250.181.228 15169 (GOOGLE)
1 142.250.186.98 15169 (GOOGLE)
205 55
51    143.204.98.114 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-114.fra50.r.cloudfront.net
therecord.com
www.therecord.com
1    142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net
fonts.googleapis.com
12    143.204.98.129 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-129.fra50.r.cloudfront.net
bc.therecord.com
1    104.18.5.81 (United States)

ASN13335 (CLOUDFLARENET, US)
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
2    3.213.205.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-205-83.compute-1.amazonaws.com
torstar.blueconic.net
1    35.241.9.51 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co
2    185.33.220.243 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
4    34.107.254.252 (United States)

ASN15169 (GOOGLE, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
5    2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
sejs.moatads.com
z.moatads.com
px.moatads.com
1    158.101.193.98 (Seattle, United States)

ASN31898 (ORACLE-BMC-31898, US)
torstar.gscontxt.net
7    143.204.98.123 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-123.fra50.r.cloudfront.net
resources.thestar.com
2    142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net
www.googletagmanager.com
6    34.96.102.137 (United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
1    18.134.72.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-72-135.eu-west-2.compute.amazonaws.com
mb.moatads.com
7    143.204.98.112 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-112.fra50.r.cloudfront.net
images.thestar.com
1    93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    199.232.136.157 (United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    143.204.101.28 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-28.fra50.r.cloudfront.net
d5phz18u4wuww.cloudfront.net
7    51.104.28.77 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adserver.pressboard.ca
sr.studiostack.com
2    2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
as-sec.casalemedia.com
2    104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.districtm.io
dmx.districtm.io
1    142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net
fonts.gstatic.com
1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
2    157.240.221.16 (United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lhr8.fbcdn.net
connect.facebook.net
3    143.204.98.125 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-125.fra50.r.cloudfront.net
sb.scorecardresearch.com
1    143.204.101.2 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-2.fra50.r.cloudfront.net
d1nxn87txdj54y.cloudfront.net
1    143.204.101.224 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-224.fra50.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1    146.88.138.85 (United States)

ASN33438 (HIGHWINDS2, US)
cdn.petametrics.com
4    143.204.95.188 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net
c.amazon-adsystem.com
1    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    108.128.92.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-92-179.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    52.223.40.198 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    34.120.133.55 (United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
2    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
www.googletagservices.com
adservice.google.de
1    104.111.239.215 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-215.deploy.static.akamaitechnologies.com
resources.eyereturn.com
5    142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net
www.google-analytics.com
1    143.204.103.127 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-103-127.fra50.r.cloudfront.net
cdn.parsely.com
17    35.190.14.224 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 224.14.190.35.bc.googleusercontent.com
query.petametrics.com
1    52.51.58.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-58-216.eu-west-1.compute.amazonaws.com
torontostarnewspaperslimited.demdex.net
2    13.36.218.177 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
s.therecord.com
1    52.51.88.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-88-158.eu-west-1.compute.amazonaws.com
cm.everesttech.net
2    143.204.98.97 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-97.fra50.r.cloudfront.net
api.thestar.com
1    52.205.167.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-167-202.compute-1.amazonaws.com
p1.parsely.com
6    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
securepubads.g.doubleclick.net
2    157.240.221.35 (United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-lhr8.facebook.com
www.facebook.com
1    173.194.76.157 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f157.1e100.net
stats.g.doubleclick.net
9    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
5    185.33.220.241 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    184.31.84.150 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
adservice.google.com
1    142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net
57dd74cd5beedab9e4bfac92d6cc8910.safeframe.googlesyndication.com
2    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
pagead2.googlesyndication.com
5    142.250.185.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net
cdn.ampproject.org
4    142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net
tpc.googlesyndication.com
4    142.250.181.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f4.1e100.net
www.google.com
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
65 therecord.com
therecord.com
www.therecord.com
bc.therecord.com
s.therecord.com
1 MB
18 petametrics.com
cdn.petametrics.com
query.petametrics.com
72 KB
16 thestar.com
resources.thestar.com
images.thestar.com
api.thestar.com
349 KB
9 yahoo.com
c2shb.ssp.yahoo.com
1 KB
8 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
144 KB
7 googlesyndication.com
57dd74cd5beedab9e4bfac92d6cc8910.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
88 KB
7 adnxs.com
ib.adnxs.com
secure.adnxs.com
5 KB
6 studiostack.com
sr.studiostack.com
26 KB
6 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com
106 KB
6 moatads.com
sejs.moatads.com
mb.moatads.com
z.moatads.com
px.moatads.com
133 KB
5 ampproject.org
cdn.ampproject.org
103 KB
5 google.com
adservice.google.com
www.google.com
564 B
5 google-analytics.com
www.google-analytics.com
20 KB
4 amazon-adsystem.com
c.amazon-adsystem.com
40 KB
4 permutive.com
api.permutive.com
1 KB
3 demdex.net
dpm.demdex.net
torontostarnewspaperslimited.demdex.net
5 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 cloudfront.net
d5phz18u4wuww.cloudfront.net
d1nxn87txdj54y.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
58 KB
2 casalemedia.com
htlb.casalemedia.com
as-sec.casalemedia.com
807 B
2 facebook.com
www.facebook.com
442 B
2 parsely.com
cdn.parsely.com
p1.parsely.com
19 KB
2 facebook.net
connect.facebook.net
113 KB
2 districtm.io
hb.districtm.io
dmx.districtm.io
346 B
2 twitter.com
platform.twitter.com
analytics.twitter.com
1010 B
2 googletagmanager.com
www.googletagmanager.com
73 KB
2 blueconic.net
torstar.blueconic.net
2 KB
1 google.de
adservice.google.de
792 B
1 everesttech.net
cm.everesttech.net
517 B
1 eyereturn.com
resources.eyereturn.com
1 googletagservices.com
www.googletagservices.com
27 KB
1 rlcdn.com
api.rlcdn.com
329 B
1 adsrvr.org
match.adsrvr.org
544 B
1 t.co
t.co
469 B
1 gstatic.com
fonts.gstatic.com
113 KB
1 indexww.com
js-sec.indexww.com
35 KB
1 pressboard.ca
adserver.pressboard.ca
789 B
1 ads-twitter.com
static.ads-twitter.com
6 KB
1 gscontxt.net
torstar.gscontxt.net
434 B
1 prmutv.co
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co
455 B
1 permutive.app
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
136 KB
1 googleapis.com
fonts.googleapis.com
1 KB
205 41
Domain Requested by
48 www.therecord.com 2 redirects www.therecord.com
17 query.petametrics.com www.therecord.com
12 bc.therecord.com www.therecord.com
bc.therecord.com
9 c2shb.ssp.yahoo.com js-sec.indexww.com
7 images.thestar.com www.therecord.com
7 resources.thestar.com www.therecord.com
resources.thestar.com
6 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.therecord.com
6 sr.studiostack.com adserver.pressboard.ca
sr.studiostack.com
6 dev.visualwebsiteoptimizer.com www.therecord.com
dev.visualwebsiteoptimizer.com
d5phz18u4wuww.cloudfront.net
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 secure.adnxs.com js-sec.indexww.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.therecord.com
4 www.google.com 1 redirects www.therecord.com
4 tpc.googlesyndication.com www.therecord.com
securepubads.g.doubleclick.net
4 c.amazon-adsystem.com www.therecord.com
c.amazon-adsystem.com
4 api.permutive.com be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
3 px.moatads.com www.therecord.com
3 sb.scorecardresearch.com 1 redirects www.therecord.com
3 therecord.com 3 redirects
2 pagead2.googlesyndication.com securepubads.g.doubleclick.net
2 www.facebook.com www.therecord.com
2 api.thestar.com www.therecord.com
2 s.therecord.com resources.thestar.com
2 dpm.demdex.net resources.thestar.com
www.therecord.com
2 connect.facebook.net www.therecord.com
connect.facebook.net
2 www.googletagmanager.com www.therecord.com
2 ib.adnxs.com be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
js-sec.indexww.com
2 torstar.blueconic.net bc.therecord.com
1 googleads.g.doubleclick.net www.therecord.com
1 57dd74cd5beedab9e4bfac92d6cc8910.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 as-sec.casalemedia.com js-sec.indexww.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 htlb.casalemedia.com js-sec.indexww.com
1 dmx.districtm.io js-sec.indexww.com
1 stats.g.doubleclick.net www.google-analytics.com
1 p1.parsely.com www.therecord.com
1 cm.everesttech.net 1 redirects
1 torontostarnewspaperslimited.demdex.net resources.thestar.com
1 cdn.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 resources.eyereturn.com www.therecord.com
1 www.googletagservices.com www.therecord.com
1 api.rlcdn.com js-sec.indexww.com
1 match.adsrvr.org js-sec.indexww.com
1 analytics.twitter.com platform.twitter.com
1 cdn.petametrics.com www.therecord.com
1 d1z2jf7jlzjs58.cloudfront.net www.therecord.com
1 d1nxn87txdj54y.cloudfront.net www.therecord.com
1 t.co www.therecord.com
1 fonts.gstatic.com fonts.googleapis.com
1 z.moatads.com www.therecord.com
1 hb.districtm.io www.therecord.com
1 js-sec.indexww.com www.therecord.com
1 adserver.pressboard.ca www.therecord.com
1 d5phz18u4wuww.cloudfront.net www.therecord.com
1 static.ads-twitter.com www.therecord.com
1 platform.twitter.com 1 redirects
1 mb.moatads.com sejs.moatads.com
1 torstar.gscontxt.net www.therecord.com
1 sejs.moatads.com www.therecord.com
1 be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
1 be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app www.therecord.com
1 fonts.googleapis.com www.therecord.com
205 63

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net
adssettings.google.com
Subject Issuer Validity Valid
*.thestar.com
Amazon		 2021-07-28 -
2022-08-26		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
e377.thestar.com
Amazon		 2021-09-15 -
2022-10-14		 a year crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2021-09-20 -
2021-12-18		 3 months crt.sh
*.blueconic.net
Amazon		 2021-08-07 -
2022-09-05		 a year crt.sh
*.prmutv.co
R3		 2021-10-25 -
2022-01-23		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
api.permutive.com
R3		 2021-10-21 -
2022-01-19		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
*.gscontxt.net
DigiCert SHA2 Secure Server CA		 2020-01-22 -
2022-01-21		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2020-06-19 -
2022-07-06		 2 years crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-25 -
2022-06-25		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.pressboard.ca
Go Daddy Secure Certificate Authority - G2		 2021-02-15 -
2022-03-17		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
cdn.petametrics.com
R3		 2021-09-09 -
2021-12-08		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.eyereturn.com
DigiCert SHA2 Secure Server CA		 2021-07-07 -
2022-07-12		 a year crt.sh
*.parsely.com
Amazon		 2021-07-05 -
2022-08-03		 a year crt.sh
*.liftigniter.com
R3		 2021-09-27 -
2021-12-26		 3 months crt.sh
s.therecord.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-09 -
2022-09-09		 a year crt.sh
*.studiostack.com
Go Daddy Secure Certificate Authority - G2		 2020-11-06 -
2021-12-08		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
*.google.de
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.therecord.com/?redirect=true
Frame ID: 1F038D3BEE2A4DFDCEEE3D8544A7BEF3
Requests: 202 HTTP requests in this frame

Frame: https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0
Frame ID: B87F093F22906FA18579BD8CE23B6D70
Requests: 1 HTTP requests in this frame

Frame: https://57dd74cd5beedab9e4bfac92d6cc8910.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6416F8492106326AB22E5FA7342B6E29
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 40B360E6E67AEE7C9E4EB51078ECF2A3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://therecord.com/ HTTP 301
    https://therecord.com/ HTTP 302
    https://therecord.com/?redirect=true HTTP 301
    https://www.therecord.com/ HTTP 302
    https://www.therecord.com/?redirect=true Page URL

Page Statistics

205
Requests

96 %
HTTPS

0 %
IPv6

41
Domains

63
Subdomains

55
IPs

6
Countries

3189 kB
Transfer

9593 kB
Size

55
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://therecord.com/ HTTP 301
    https://therecord.com/ HTTP 302
    https://therecord.com/?redirect=true HTTP 301
    https://www.therecord.com/ HTTP 302
    https://www.therecord.com/?redirect=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://platform.twitter.com/oct.js HTTP 301
  • https://static.ads-twitter.com/oct.js
Request Chain 75
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005674&ns__t=1635642528795&ns_c=UTF-8&cv=3.5&c8=Waterloo%20Region%20News%20-%20Latest%20Daily%20Breaking%20News%20Stories%20%7C%20TheRecord.com&c7=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&ns__t=1635642528795&ns_c=UTF-8&cv=3.5&c8=Waterloo%20Region%20News%20-%20Latest%20Daily%20Breaking%20News%20Stories%20%7C%20TheRecord.com&c7=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&c9=
Request Chain 88
  • https://cm.everesttech.net/cm/dd?d_uuid=91920720387835992241093056373646475360 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YX3soQAAAHo4kAQS
Request Chain 166
  • https://www.therecord.com/assets/fonts/TorstarCompressed-Bold.woff2 HTTP 302
  • https://www.therecord.com/assets/fonts/TorstarCompressed-Bold.woff2?rf
Request Chain 199
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

205 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.therecord.com/
Redirect Chain
  • http://therecord.com/
  • https://therecord.com/
  • https://therecord.com/?redirect=true
  • https://www.therecord.com/
  • https://www.therecord.com/?redirect=true
354 KB
67 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
fc36052cbcf725cc0524ee51eb8f467d6d11ea4a5a48cfbf1bd119c57ac517f2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
date
Sun, 31 Oct 2021 01:08:47 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://amp.therecord.com
x-powered-by
Express
etag
W/"5880d-+Porji4LXdQd4ioYAfc5tT+6cgg"
cache-control
max-age=180
content-encoding
gzip
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
4PGZVxG1V-Nl0HiFc3a_aoO2TrlURQ8_clwZaYvgTGst5D9wb84L9Q==

Redirect headers

content-length
0
location
https://www.therecord.com/?redirect=true
server
CloudFront
date
Sun, 31 Oct 2021 01:08:47 GMT
x-cache
LambdaGeneratedResponse from cloudfront
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
mO_D0iEkuuZVRc6ZSQ3CAKN33Mc7jM8hzfh3A-SS7ptzPgBtOydbbw==
icon
fonts.googleapis.com/ 		569 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
bd54d3dc95cf10c02ae9f22ec9e0d584284f02c241478074e4caadf5a8f49e6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 31 Oct 2021 01:08:47 GMT
server
ESF
date
Sun, 31 Oct 2021 01:08:47 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Sun, 31 Oct 2021 01:08:47 GMT
TorstarTextO3-Roman.ttf
www.therecord.com/assets/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/assets/fonts/TorstarTextO3-Roman.ttf
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.therecord.com/?redirect=true
Origin
https://www.therecord.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 00:01:09 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
age
4058
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
24616
last-modified
Mon, 18 Oct 2021 15:35:18 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
etag
W/"6028-17c940af2f0"
x-frame-options
SAMEORIGIN
content-type
font/ttf
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
i0HQNQyDTTBF894z1VuYAVkMvNdO7gpjE1tCT38-gOuSEN25pdllpQ==
TorstarTextO3-Italic.woff2
www.therecord.com/assets/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/assets/fonts/TorstarTextO3-Italic.woff2
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.therecord.com/?redirect=true
Origin
https://www.therecord.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 00:06:08 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
age
3759
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
18316
last-modified
Mon, 18 Oct 2021 15:35:18 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
etag
W/"478c-17c940af2f0"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
ta6r72-T-7G0EJEj_TDABZxba4vJDy_GuSt9gHgo2M-HAGCOlMim_Q==
TorstarTextO3-Bold.woff2
www.therecord.com/assets/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/assets/fonts/TorstarTextO3-Bold.woff2
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.therecord.com/?redirect=true
Origin
https://www.therecord.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 00:01:09 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
age
4058
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
18276
last-modified
Mon, 18 Oct 2021 15:35:18 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
etag
W/"4764-17c940af2f0"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
nyM5LEVgE2xic3hIruY7i_pCWcrUnCeMLGV5YNbMePZOOp-SvE1AIw==
TorstarDeckCondensed-Roman.woff2
www.therecord.com/assets/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/assets/fonts/TorstarDeckCondensed-Roman.woff2
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.therecord.com/?redirect=true
Origin
https://www.therecord.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 00:37:04 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
age
1903
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
19052
last-modified
Mon, 18 Oct 2021 15:35:18 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
etag
W/"4a6c-17c940af2f0"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
pFpLo9GRLCzEBEG6xfK-U5yy1REC-lAk2lgq9BS6XhfY2aBxIGWRmw==
TorstarDeckCondensed-Semibold.woff2
www.therecord.com/assets/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.therecord.com/?redirect=true
Origin
https://www.therecord.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 00:00:37 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
age
4090
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
18736
last-modified
Mon, 18 Oct 2021 15:35:18 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
etag
W/"4930-17c940af2f0"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
j0L3qwa5a86rAUlvjoK9B4iEarqJpMgFe4UQOWwHXrldOaEFGh44TQ==
MerriweatherSans-Regular.woff2
www.therecord.com/assets/fonts/merriweather/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.therecord.com/?redirect=true
Origin
https://www.therecord.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 22:15:30 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
age
10397
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
55032
last-modified
Mon, 18 Oct 2021 15:35:18 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
etag
W/"d6f8-17c940af2f0"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
9Qo0vVAtTLb6XyUEvVKkOWgr-uUDiIpx76R1CyMfiCViFMwEo7D2uQ==
MerriweatherSans-Italic.woff2
www.therecord.com/assets/fonts/merriweather/ 		52 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/assets/fonts/merriweather/MerriweatherSans-Italic.woff2
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.therecord.com/?redirect=true
Origin
https://www.therecord.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 00:00:10 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
age
4117
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
53664
last-modified
Mon, 18 Oct 2021 15:35:18 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
etag
W/"d1a0-17c940af2f0"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
SNpQ_Vwvpy16XH6KBHjWpkVGOrVjqB8gFcOrZokFrV-tR8VtgYC39Q==
MerriweatherSans-Bold.woff2
www.therecord.com/assets/fonts/merriweather/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.therecord.com/?redirect=true
Origin
https://www.therecord.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 22:31:14 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
age
9453
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
56380
last-modified
Mon, 18 Oct 2021 15:35:18 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
etag
W/"dc3c-17c940af2f0"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
rXAAozApcInjkyaxyBAuuyu4YaxeEK-N-ZcI9sbB1E1yoE-lYhbvUQ==
MerriweatherSans-BoldItalic.woff2
www.therecord.com/assets/fonts/merriweather/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/assets/fonts/merriweather/MerriweatherSans-BoldItalic.woff2
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.therecord.com/?redirect=true
Origin
https://www.therecord.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 23:59:38 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
age
4149
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
54800
last-modified
Mon, 18 Oct 2021 15:35:18 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
etag
W/"d610-17c940af2f0"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
o-fSDyB1xcppZVqxbhYq5bqDX13nPP_EkDSbrvmQmIVRwbCZJhrEAA==
MerriweatherSans-Black.woff2
www.therecord.com/assets/fonts/merriweather/ 		53 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.therecord.com/?redirect=true
Origin
https://www.therecord.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 21:10:59 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
age
14268
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
54304
last-modified
Mon, 18 Oct 2021 15:35:18 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
etag
W/"d420-17c940af2f0"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
3zapbaqwNpLgRBuXFI8UzszTS_1LfJJzyd6lbWbDfNHrUNDiijxQYg==
script.js
bc.therecord.com/ 		130 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bc.therecord.com/script.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-129.fra50.r.cloudfront.net
Software
- /
Resource Hash
5a247496bc74eccc2f2ecacd48f8698976ebda9d2717d0ea8bb162a605572464
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
age
192
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
39821
x-xss-protection
1; mode=block
last-modified
Sat, 30 Oct 2021 20:54:55 GMT
server
-
etag
a4a01737bf1ae0348356fe2d280c00f3
content-type
text/javascript; charset=utf-8
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control
public, no-cache="Set-Cookie", max-age=600
x-amz-cf-pop
FRA50-C1
x-robots-tag
noindex, nofollow
x-amz-cf-id
OQ85DxHtGQPQMfunosNYoXjw9YfWejxgRzDzNIU9abt7wIxaMoqjmQ==
expires
Sun, 31 Oct 2021 01:15:35 GMT
73.css
www.therecord.com/static/ 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/static/73.css?v=6550e3d1b4da6b21e15f
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
5da4fd106c0579a3a3ed3d8c27bb0123c8aa31ebcb1262357ee20d338ac8d12f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/?redirect=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 20:20:29 GMT
content-encoding
gzip
age
18701
x-powered-by
Express
x-cache
Hit from cloudfront
access-control-allow-origin
https://amp.therecord.com
last-modified
Mon, 18 Oct 2021 15:40:13 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
x-frame-options
SAMEORIGIN
etag
W/"1c92-17c940f7348"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control
max-age=300
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
sUbANaEIhR6tUAxN0r91e3x-EeMWCvmeYPecqxj0Igrim-c_HhUS7w==
bundle.css
www.therecord.com/static/ 		433 KB
57 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/static/bundle.css?v=ffc0102766a860aca78a
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
8b9a8b7f4e0eacfff24af681e1225070e2b4ca196af7575f4f9ee7abf2e5b75b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/?redirect=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 20:20:29 GMT
content-encoding
gzip
age
18701
x-powered-by
Express
x-cache
Hit from cloudfront
access-control-allow-origin
https://amp.therecord.com
last-modified
Mon, 18 Oct 2021 15:40:13 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
x-frame-options
SAMEORIGIN
etag
W/"6c205-17c940f7348"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control
max-age=300
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
xruj8xg4fd2yEUQxT3TkDWCE6WyVyr6wvoTwLMEF_GiVn1DhjB3Qhw==
be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/ 		471 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.5.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebabc8ebcb1e84a5a8072d05a76d9528a3aa692a0761c07d977c410412cc4fd4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:08:47 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
be54a597-6b6d-4e2d-9d31-642310a8db25
x-guploader-uploadid
ADPycdt73JumXgAa4yRS7dto2ELC3ihjgkJjxmVXsSRKqNUhjK2fbgY9j-L1tU1LQwAmGOcODLYy227nZDlkTMA0rtsgQDTScQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript
last-modified
Thu, 28 Oct 2021 20:51:15 GMT
server
cloudflare
etag
W/"edbef704c8de9b956878ffed8208ba3e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=zlPY7Q==, md5=7b73BMjem5VoeP/tggi6Pg==
x-goog-generation
1635454275775192
cache-control
public, max-age=300
x-goog-stored-content-length
143728
cf-ray
6a68fe871dd77163-DUS
expires
Sun, 31 Oct 2021 01:13:47 GMT
cs
torstar.blueconic.net/DG/DEFAULT/ 		16 B
705 B 		Script
General
Check archive.org
Download Go to
Full URL
https://torstar.blueconic.net/DG/DEFAULT/cs?&callback=bc_json189
Requested by
Host: bc.therecord.com
URL: https://bc.therecord.com/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.205.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-205-83.compute-1.amazonaws.com
Software
- /
Resource Hash
39b22117e39903ddf411626a0f7ba1d81e6b5f97935ebe2a6c2ac243235f68dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:08:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
content-type
text/javascript; charset=utf-8
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
pxid
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/ 		46 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/pxid?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
1b723e0d0e0276b6164551f0f25b5e9a0fa13a1cbbc06a5e2be4ec4a510f0b12

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 31 Oct 2021 01:08:47 GMT
content-encoding
gzip
server
Permutive
vary
Origin,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://www.therecord.com
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-max-age
86400
alt-svc
clear
content-length
66
via
1.1 google
getuidj
ib.adnxs.com/ 		11 B
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:08:47 GMT
X-Proxy-Origin
216.131.111.132; 216.131.111.132; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
703c7b2c-bcc4-4bb1-8516-278a2881ca57
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.therecord.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
geoip
api.permutive.com/v2.0/ 		246 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
58a6e36d9b9032be70052ebf42201b8dfab1ae87a0040082565900dcd521bfce

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 31 Oct 2021 01:08:47 GMT
content-encoding
gzip
server
Permutive
vary
Origin,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://www.therecord.com
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-max-age
86400
alt-svc
clear
content-length
178
via
1.1 google
7c95277f-d4e1-498c-81b4-85643a1f22d1
https://www.therecord.com/ 		269 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.therecord.com/7c95277f-d4e1-498c-81b4-85643a1f22d1
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
22bf8f301983af4a61692d5002d4258dbe50ba36622578f1189fb56ec26a3146

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length
275363
72f1495a-8dbf-490e-b976-d290bef2d766
https://www.therecord.com/ 		22 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.therecord.com/72f1495a-8dbf-490e-b976-d290bef2d766
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd2d3727e2bf056b8f108414c53312119bb882738579b003c4c2fa699e99a6b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length
22401
identify
api.permutive.com/v2.0/ 		50 B
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
d998d5d41de30d3427d2aea25fca650619b25779bf0ba68a8102b4be2aa75a7a

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 31 Oct 2021 01:08:48 GMT
content-encoding
gzip
server
Permutive
vary
Origin,Access-Control-Request-Method
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://www.therecord.com
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-max-age
86400
alt-svc
clear
content-length
70
via
1.1 google
yi.js
sejs.moatads.com/torontoprebidheader623296055317/ 		216 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sejs.moatads.com/torontoprebidheader623296055317/yi.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f1e39c99cbce0f004507b520ec7d70439089a505f0dc702698400e3340191115

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 01:08:48 GMT
Content-Encoding
gzip
Server
AmazonS3
x-amz-request-id
5TPDXSW5286BZ8KD
ETag
"85c73b6c12815a4951269fde9e2ea49c"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=56741
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
+oxNAI5KAEzMEYhCnmG16+oKh8IsTFR1x4RTkts9E8b36bWKi/hmALE95C7RvtoOotAySlhWWiw=
ads.js
www.therecord.com/assets/js/ 		22 B
470 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/assets/js/ads.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/?redirect=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 20:20:29 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
age
18702
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
22
last-modified
Mon, 18 Oct 2021 15:35:19 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
etag
W/"16-17c940af6d8"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
U1j_IR1Sh1QLNWtbheMVOcWQhbDfkLkxwC2QQUD0GphOPB6op_MCFw==
channels.cgi
torstar.gscontxt.net/main/ 		356 B
434 B 		Script
General
Check archive.org
Download Go to
Full URL
https://torstar.gscontxt.net/main/channels.cgi?url=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.101.193.98 Seattle, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
5b8b1cbb1bacb265ecd2affc0ab76c3819cfb68789c68aaa3e0e9ddd9975aad4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length
356
Content-Type
application/javascript
launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
resources.thestar.com/ 		306 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-123.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dfe8f7f111b5e1229765302dccfedd695ec7ff32a83a34c80f9bb0ac74fdc917

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 00:32:09 GMT
content-encoding
gzip
last-modified
Sun, 31 Oct 2021 00:32:05 GMT
server
AmazonS3
age
2200
etag
W/"09ed3a3e8c445b6e33fbd329ad2a463d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
Vo_BDFoYa_F5VpJHd0TF7mRmG3pNKNfw
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
content-type
text/javascript
x-amz-cf-id
DI89H6EFpRdhuXHX2uKU_5ACpsYwGfJ9xY_Iu_rMFak4jQxvSXov4g==
gtm.js
www.googletagmanager.com/ 		112 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M8B3VW&gtm_auth=1W69eQhT3q5tQGrHIjG7EA&gtm_preview=env-1&gtm_cookies_win=x
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
33f20fa1fedc80e5ac3a2887af44e76a445497357e50d8b3dd8e47c0f19e4bbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:08:48 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43268
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
js_visitor_settings.php
dev.visualwebsiteoptimizer.com/deploy/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&random=0.42636228168044976
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
079c9087367df7a04c37758edeb7c4c144c68b3e8cf81f6acbda4822cf659ec1

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sun, 31 Oct 2021 01:08:47 GMT
via
1.1 google
server
gfra1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
logo-therecord.svg
www.therecord.com/assets/svg/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.therecord.com/assets/svg/logo-therecord.svg
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
98c3f052b72e7bd0d9797e054a0817794b9814bf34f2e8489fbeded175bee5b5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/?redirect=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 23:27:40 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
age
6068
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
22172
last-modified
Mon, 18 Oct 2021 15:35:19 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
etag
W/"569c-17c940af6d8"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
ItaUyHylMSV34E3JT5x0VhwxzKx-lmBrprXitVQJkJh9Y70GsSuXYg==
loading-spinner.svg
www.therecord.com/assets/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.therecord.com/assets/img/loading-spinner.svg
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
9474557b14923e78c9b0b7b44bccd0d7018187fb0150095946932a071f155933
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/?redirect=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 00:29:13 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
age
2375
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
3412
last-modified
Mon, 18 Oct 2021 15:35:18 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
etag
W/"d54-17c940af2f0"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
7eH4k3NMb0gXYHtDpfB41xu2COVQQieP6CJA9xu31psJhzsnGIzUvQ==
logo-round-therecord.svg
www.therecord.com/assets/svg/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.therecord.com/assets/svg/logo-round-therecord.svg
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
d3a268afe2578871f64d50a68127bf60d0f0524b369b97f56e7ce3cde730c110
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/?redirect=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 23:27:40 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
age
6068
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
1568
last-modified
Mon, 18 Oct 2021 15:35:19 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
etag
W/"620-17c940af6d8"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
s3s6HYhqIc17P6o21vmUSeavSGAkAc_lJM13oOQfCilrl85TXYPT6A==
188
bc.therecord.com/DG/DEFAULT/rest/rpc/ 		50 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc.therecord.com/DG/DEFAULT/rest/rpc/188?referer=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&bcsessionid=&bctempid=&overruleReferrer=&time=2021-10-31T01%3A08%3A47%2B00%3A00&ts=1635642527841
Requested by
Host: bc.therecord.com
URL: https://bc.therecord.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-129.fra50.r.cloudfront.net
Software
- /
Resource Hash
ecd8c075589e9d41cbdd3ccaa6b5646aac7c2d4bb66b6982110d36cf1d2a0ca7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 01:08:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
8385
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.therecord.com
server
-
content-type
application/json; charset=utf-8
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
54UoforD3xuO5PDkhn1Gdx4oHqJGSzk4a6XjaEjGYSR9cfhCwTyOMg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
track-9d6ac57dbcbba3321dd904e6ee78b647.js
dev.visualwebsiteoptimizer.com/7.0/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/7.0/track-9d6ac57dbcbba3321dd904e6ee78b647.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&random=0.42636228168044976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
0f1cf8159e8556270c7bce1f1184b1b488806e479e798508684f7275594727fa

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sun, 31 Oct 2021 01:08:47 GMT
content-encoding
br
last-modified
Wed, 27 Oct 2021 11:56:14 GMT
server
gfra1
etag
"61793e5e-dd5"
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3541
via
1.1 google
opa-3d1a80cbbc4fdc4472eae80c14d918ad.js
dev.visualwebsiteoptimizer.com/analysis/4.0/ 		96 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&random=0.42636228168044976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
92a9a2965b5d8aba642aab11278902a43e02935175599f11e810db1024051992

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sun, 31 Oct 2021 01:08:47 GMT
content-encoding
br
last-modified
Wed, 27 Oct 2021 11:56:10 GMT
server
gfra1
etag
"61793e5a-63c7"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25543
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=354908&d=therecord.com&u=D93745F23EE0146750A138B59800F44A7&h=67c7e0bbdc8d0ed3e9c19ea0a2826c71&r=0.8238444117988544
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv3c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:08:48 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv3c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
v2
mb.moatads.com/yi/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-RKwZAXPHBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-lWWj2Zz1Kg7M0g%3D%3D&sc=1&os=1-Jg%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&pcode=torontoprebidheader623296055317&callback=MoatNadoAllJsonpRequest_47510593
Requested by
Host: sejs.moatads.com
URL: https://sejs.moatads.com/torontoprebidheader623296055317/yi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.134.72.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-134-72-135.eu-west-2.compute.amazonaws.com
Software
TornadoServer/4.5.3 /
Resource Hash
181848fbffebcab78e98be4a0b8fe9d18fc802eac7c492056305849cd5ee92e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:08:48 GMT
cache-control
max-age=900
server
TornadoServer/4.5.3
timing-allow-origin
*
etag
"f76211d1e06c0183bf50227ed7e6d8c2def2ff05"
content-length
2262
content-type
text/html; charset=UTF-8
DAmato_%20Luisa_logo2019.JPG
images.thestar.com/F4134UPmHKG-tNmZZNKekDuE-4g=/100x100/smart/https://www.therecord.com/content/dam/therecord/uploads/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/F4134UPmHKG-tNmZZNKekDuE-4g=/100x100/smart/https://www.therecord.com/content/dam/therecord/uploads/DAmato_%20Luisa_logo2019.JPG
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-112.fra50.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1df25bb2fc9596679198b86639d4e714fa13b7cf0ffe64a67045d1d507afd009

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 11:06:19 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
age
914549
etag
"0122a9bebc31eaaf7e139666bc766539c297bc60"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
content-length
5809
x-amz-cf-id
HsxhIkllISvj20WIXwKS1UE2Q3_idxB-IXD7qQU9HHqpPa4gNRhWUg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
WaterlooRegionRecord_02.JPG
images.thestar.com/D2ZXlj29cTCQxdCqkiZF2-wD-BU=/100x100/smart/https://www.therecord.com/content/dam/therecord/uploads/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/D2ZXlj29cTCQxdCqkiZF2-wD-BU=/100x100/smart/https://www.therecord.com/content/dam/therecord/uploads/WaterlooRegionRecord_02.JPG
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-112.fra50.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d4aa257db18f6063c542136a1a45a9ac6ce1026cffe0f27cb2cb9a80e4d78c1a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 12:44:59 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
age
2895829
etag
"5a4527c15989d8cd0da5ebbd086f2048b7356984"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
content-length
3906
x-amz-cf-id
3prBxUQYyjp8745j-qcuLprZqO36NBZaDIthnPbjxahzbW-zsmaj_w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
brandmark-therecord.svg
www.therecord.com/assets/svg/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.therecord.com/assets/svg/brandmark-therecord.svg
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
c9eef508a48855ddd0b36c98368f8f0cecc1ae6f316156703da4934eb3508d5d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/?redirect=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 23:11:10 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
age
7058
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
22483
last-modified
Mon, 18 Oct 2021 15:35:19 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
etag
W/"57d3-17c940af6d8"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
e9KaIg_iSJDvCAbMkPDBH60jM3EiSK8iPD_3XvAOBnjOljixsK9UpQ==
todays-paper.png
www.therecord.com/assets/svg/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.therecord.com/assets/svg/todays-paper.png
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
583a8735e8714c413ee3ef9baa78afe76f3df8b9c0f8c787f29e78f8f388eb06
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/?redirect=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 19:57:06 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
age
18702
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
4805
last-modified
Mon, 18 Oct 2021 15:35:19 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
etag
W/"12c5-17c940af6d8"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
yOoA_j4NDQC6d8OeZOo1x73LIOQhTXjYyij3rBYM4PjMPdawQNuOaQ==
app-store.svg
www.therecord.com/assets/svg/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.therecord.com/assets/svg/app-store.svg
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
133d99ecc7e1f65d2e0bdc9d04fae746f2e9b820213b2a2df7fed60ba073475e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/?redirect=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 23:11:10 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
age
7058
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
7779
last-modified
Mon, 18 Oct 2021 15:35:19 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
etag
W/"1e63-17c940af6d8"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
DfRD96b6uLiPgko9hGGCQaBkQg9QeqHW83wViI2NQ7D6p1RTce83SQ==
google-play.svg
www.therecord.com/assets/svg/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.therecord.com/assets/svg/google-play.svg
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
b0ab2f21243b940db6c6b986e1cedb149ffcc296b62b326e9214366585d1040d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/?redirect=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 00:29:13 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
age
2375
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
10329
last-modified
Mon, 18 Oct 2021 15:35:19 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
etag
W/"2859-17c940af6d8"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
TsaA89ghLDSy60Skp92T6idjXYRdJsDrMVSuTt3Yly1pIhVbPbMFQA==
oct.js
static.ads-twitter.com/
Redirect Chain
  • https://platform.twitter.com/oct.js
  • https://static.ads-twitter.com/oct.js
14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/oct.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Server
199.232.136.157 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:08:48 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 23:58:10 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-geo-cc_and_ra
DE-HE
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kiad7000058-IAD, cache-hhn11563-HHN

Redirect headers

x-tw-cdn
VZ
Date
Sun, 31 Oct 2021 01:08:48 GMT
Server
ECS (frb/6739)
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Location
https://static.ads-twitter.com/oct.js
Content-Length
0
vendors~bundle.chunk.js
www.therecord.com/static/ 		1 MB
362 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
ae2f0da1d60556bd1e069bce2947590416839d4a3c3627c544e5d7b8b6ec36b7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/?redirect=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 20:20:30 GMT
content-encoding
gzip
age
18702
x-powered-by
Express
x-cache
Hit from cloudfront
access-control-allow-origin
https://amp.therecord.com
last-modified
Mon, 18 Oct 2021 15:40:13 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
x-frame-options
SAMEORIGIN
etag
W/"1481a2-17c940f7348"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control
max-age=300
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
UqVzhfMQUMy6kdNyK8YJjihMriEzAApprG5jIOeVTehRWnDv05LJBg==
bundle.js
www.therecord.com/static/ 		1 MB
228 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/static/bundle.js?v=f0dd0f7c
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
5d2d8a15d02e9ad316cab103613356d476688607d91dddf79decd8b03ffd8352
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/?redirect=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 20:20:30 GMT
content-encoding
gzip
age
18702
x-powered-by
Express
x-cache
Hit from cloudfront
access-control-allow-origin
https://amp.therecord.com
last-modified
Mon, 18 Oct 2021 15:40:13 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
x-frame-options
SAMEORIGIN
etag
W/"1271be-17c940f7348"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control
max-age=300
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
31QxtuVkePNubgPMTx60XRT8RjUayGPGTtwSnzk1yCqsspzuQtwG1w==
vis_opt.js
d5phz18u4wuww.cloudfront.net/ 		168 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.28 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-28.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Sun, 31 Oct 2021 01:02:31 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Thu, 02 May 2019 08:14:16 GMT
Server
AmazonS3
Age
471
ETag
"85932b0cd7c8dce121fa1923529a3189"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
Cache-Control
max-age=3600
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
57240
X-Amz-Cf-Id
kEteCjhc4rVPAjxKBLKAKs6vdzKDhkIytmLYof_aSmGhe5XIrlJL3g==
vis_opt-9d6ac57dbcbba3321dd904e6ee78b647.js
dev.visualwebsiteoptimizer.com/7.0/ 		217 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-9d6ac57dbcbba3321dd904e6ee78b647.js
Requested by
Host: d5phz18u4wuww.cloudfront.net
URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
54e588d3c440e8fc3c401bdb9e231000555287d79add2dbf1703f8bf13802021

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sun, 31 Oct 2021 01:08:47 GMT
content-encoding
br
last-modified
Wed, 27 Oct 2021 11:56:14 GMT
server
gfra1
etag
"61793e5e-f68a"
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63114
via
1.1 google
embedder
adserver.pressboard.ca/v3/ 		351 B
789 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adserver.pressboard.ca/v3/embedder?media=130507
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:08:48 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
351
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
181778-184057524023818.js
js-sec.indexww.com/ht/p/ 		121 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/181778-184057524023818.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f1b8801bfd16cd242166b1a4a1ed918bb2b650a496640dd3ecc8fa11c743f449

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 01:08:48 GMT
Content-Encoding
gzip
Last-Modified
Sun, 31 Oct 2021 00:41:31 GMT
Server
Apache
ETag
"da16a6-1e4ca-5cf9b5251f802"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1999
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
35530
Expires
Sun, 31 Oct 2021 01:42:07 GMT
ron.torstar.js
hb.districtm.io/prod/101918/ 		0
268 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.districtm.io/prod/101918/ron.torstar.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
6a68fe8a8de48741-DUS
access-control-allow-headers
Content-Type, Origin
moatcontent.js
z.moatads.com/torontocontentstarcontent37863992/ 		165 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/torontocontentstarcontent37863992/moatcontent.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:08:48 GMT
content-encoding
gzip
last-modified
Mon, 24 Aug 2020 17:22:35 GMT
server
AmazonS3
x-amz-request-id
31EA48740775C598
etag
"491121b0fb1268b17bdb2c53880291f2"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=28327
accept-ranges
bytes
content-length
54912
x-amz-id-2
8hhs+vCZD2zll4I07kFl07NUwG/grOjziIprXcQdATPWtbNQOVG5mHNoX1yRKDoCe/Fog07Zw3s=
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v113/ 		113 KB
113 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v113/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
0c2c69ba33a4d4eb53419c912ea55131208d76852cc632e2544833497d165bc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.therecord.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 23:06:48 GMT
x-content-type-options
nosniff
age
180120
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115204
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 22:48:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 28 Oct 2022 23:06:48 GMT
star-icons.ttf
www.therecord.com/static/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/static/star-icons.ttf?203c50bac89a39e0ae4f2cca3d0d56d4
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/73.css?v=6550e3d1b4da6b21e15f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
cfe210b9b960e92d867cb501ba3cb9b03c4c66b816dd2427566bed986fb1c00f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.therecord.com/static/73.css?v=6550e3d1b4da6b21e15f
Origin
https://www.therecord.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:06:02 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
age
166
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
21076
last-modified
Mon, 18 Oct 2021 15:40:13 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
etag
W/"5254-17c940f7348"
x-frame-options
SAMEORIGIN
content-type
font/ttf
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=300
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
YaoYpPfDsrCCgNEjqvTvTpjtiEczxPamb5SeEet--kjmuPpmhrdFdw==
adsct
t.co/i/ 		43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nuz9l&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=2847e2ac-f641-4159-89c0-41081743eb38&tw_document_href=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:08:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
118
pragma
no-cache
last-modified
Sun, 31 Oct 2021 01:08:48 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
f7a0cee73eee4ed82f82d0d086326e8fc0a4aad4c1e8430cbf08ee52fd1ef29b
x-transaction
96a3a4a9f218bc5b
expires
Tue, 31 Mar 1981 05:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.221.16 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lhr8.fbcdn.net
Software
/
Resource Hash
cc21d5a9e609b2997b4f9c3a5b520216e5ef6522c656b81b6105c9b62a8fcc5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25967
x-xss-protection
0
pragma
public
x-fb-debug
9LSWt8rU29xjnThZHfZutwuCyH0zKCq6YUCddWwpgBoepPvacTbk9KjJfDTGWPoJCN7e21/bYBidWPnWl5bIEA==
x-fb-trip-id
1679558926
x-frame-options
DENY
date
Sun, 31 Oct 2021 01:08:48 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-125.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 02:30:01 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
81559
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
xA-6ZbUIHz_1PRjYRA2TJ2MMPn3mrpG4-qT8-jJwnvPP7tJCwQ9rig==
/
d1nxn87txdj54y.cloudfront.net/ 		43 B
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1nxn87txdj54y.cloudfront.net/?a=40727dc8cfba4185b5b471b11fed6eb9
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-2.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 01:08:49 GMT
Via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
Last-Modified
Mon, 22 Apr 2013 19:31:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA50-C1
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
X-Cache
RefreshHit from cloudfront
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
X-Amz-Cf-Id
eUWbiyWeYg9AYxkW_ZwbdYnOxWFAoEQQfAY5X1fnvpGCJwElYt41QQ==
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 30 Oct 2021 04:50:25 GMT
Via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
Age
73103
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
ojnnN1jJIrx8oSVblxMQsJXPOWijoDmzmnmEkPS4ZgnNQ_V7mSNh4g==
Expires
Sun, 31 Oct 2021 04:50:25 GMT
9rju8in71pm9336q-nbc.js
cdn.petametrics.com/ 		156 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.petametrics.com/9rju8in71pm9336q-nbc.js?ts=454345
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.88.138.85 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
08978e03db8ac78af1f563de3e6c6ca10b9c170cf8a7b31d0e499614309e4129

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 01:08:48 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Aug 2021 03:07:02 GMT
Server
NetDNA-cache/2.2
x-amz-request-id
PPSSCV3D060608HA
ETag
W/"ab0fa3df177d28e46c5ef787c2bbdb42"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
x-amz-version-id
UIMV4uXbMXeecS0ow5sLW14bQWJtd0QX
x-amz-id-2
I7+fjKS0FsVtzGxoLXxmgSHDy1yw9iL18bGYrXe7MgQwxQXk68J3ocMGD0NzVR2dcnVxg8VlhQA=
Expires
Sun, 07 Nov 2021 01:08:48 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
nY_PcrO6M1v8rxrnAfvFh4iOgrD_tFp3
content-encoding
gzip
etag
3900a2c2d757386fb762bfd86288f882
age
806
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0655ENTY5F4QWC2XSFYC
date
Sun, 31 Oct 2021 00:55:46 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
yPNB-t6KBilp2dJjg5ywaGkkc8hKcwVbvm29WwMs1aTeUhQp3UpFag==
adsct
analytics.twitter.com/i/ 		31 B
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nuz9l&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=2847e2ac-f641-4159-89c0-41081743eb38&tw_document_href=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/oct.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:08:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
x-response-time
108
pragma
no-cache
last-modified
Sun, 31 Oct 2021 01:08:48 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
4a4e0cf57d943b9c24ac59b67270d3d764458cf6a1eb2f273b5cbe0028cece0d
x-transaction
93334c109f38e618
expires
Tue, 31 Mar 1981 05:00:00 GMT
worker-70faafffa0475802f5ee03ca5ff74179.js
dev.visualwebsiteoptimizer.com/analysis/ 		47 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:08:47 GMT
content-encoding
br
last-modified
Wed, 27 Oct 2021 11:56:10 GMT
server
gfra1
etag
"61793e5a-351f"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13599
via
1.1 google
id
dpm.demdex.net/ 		387 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&d_nsid=0&ts=1635642528261
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.92.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-92-179.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1147271d437a8ada6e32368f3cd8c3d453cb210c281abca37444784942d1379b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v019-04d6dc97f.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
QEbGeue1Tac=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.therecord.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
326
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/3c9f569cbf2c/hostedLibFiles/EP6326e4d6b32f4a71ad5204459cc57d66/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/3c9f569cbf2c/hostedLibFiles/EP6326e4d6b32f4a71ad5204459cc57d66/AppMeasurement.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-123.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02e1c4508320ee6bc6b884c4de9a0d73e541b6735fa139cbd957a27f42c72140

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 00:32:09 GMT
content-encoding
gzip
last-modified
Sun, 31 Oct 2021 00:31:38 GMT
server
AmazonS3
age
2200
etag
W/"b135e36e0ffbaaaebca4ed5a17a3a5c5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
rY_FdJtEbU1y9zkwtlyH4jFkSefR6HrK
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
content-type
text/javascript
x-amz-cf-id
nxAzB9Cz0CACQQnvyLP3VQkFzNPi3PhFYjybUMCkuWBD4WnPrHvilA==
AppMeasurement_Module_ActivityMap.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/3c9f569cbf2c/hostedLibFiles/EP6326e4d6b32f4a71ad5204459cc57d66/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/3c9f569cbf2c/hostedLibFiles/EP6326e4d6b32f4a71ad5204459cc57d66/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-123.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a176b44662d7eb55562527b7df840e6eb620d9f326989674a16f0765dc94f360

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 00:32:09 GMT
content-encoding
gzip
last-modified
Sun, 31 Oct 2021 00:31:38 GMT
server
AmazonS3
age
2200
etag
W/"92ba45f9116eed843514845165336fae"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
TEU7gCjEW2uDPazCd_Jkn_t0IB7TMklF
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
content-type
text/javascript
x-amz-cf-id
DXWB8iA-qwGPy4d-e43y0Je7-SdPuFqtv_vHtac0J2F43eRbDfH9Xg==
beb4418ef0c4fcc3512a7ea46588fb07
bc.therecord.com/plugin/plugin/ 		159 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bc.therecord.com/plugin/plugin/beb4418ef0c4fcc3512a7ea46588fb07
Requested by
Host: bc.therecord.com
URL: https://bc.therecord.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-129.fra50.r.cloudfront.net
Software
- /
Resource Hash
767151dcee5897c6cf0a32de1d38e8d62083da83c933a5d170d9d12e74c980a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 06:59:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
age
151778
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
35219
x-xss-protection
1; mode=block
last-modified
Thu, 28 Oct 2021 06:59:10 GMT
server
-
etag
beb4418ef0c4fcc3512a7ea46588fb07
content-type
text/javascript; charset=utf-8
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop
FRA50-C1
x-robots-tag
noindex, nofollow
x-amz-cf-id
zROdO1z7nBSQSsrhCR4HoaCj6TMJswuP1V5Pj9Q3AbopIuvh4vrhnw==
expires
Sat, 29 Oct 2022 06:59:10 GMT
rid
match.adsrvr.org/track/ 		109 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=181778
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-184057524023818.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
9a5ffd3735db2940b6f1b24b6628d40f2a8f4e6ba591865356dabbfbf7038d66

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 31 Oct 2021 01:08:48 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.therecord.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Tue, 30 Nov 2021 01:08:48 GMT
identity
api.rlcdn.com/api/ 		44 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-184057524023818.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 31 Oct 2021 01:08:48 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.therecord.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
gpt.js
www.googletagservices.com/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/bundle.js?v=f0dd0f7c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
9d72dece8ed48f4ba9c11e021a9cec5bc4e698ff95da7e378d71bca8a18c5667
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:08:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1029 / 256 of 1000 / last-modified: 1635545117"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27325
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 31 Oct 2021 01:08:48 GMT
generic.js
resources.eyereturn.com/dt/6291/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.eyereturn.com/dt/6291/generic.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/bundle.js?v=f0dd0f7c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.239.215 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
img_5288_1_.jpg
images.thestar.com/IJp1fPIxAZQvNdPiPqOh1iD4Oqg=/0x0:1200x800/690x460/smart/https://www.therecord.com/content/dam/therecord/sports/football/2021/10/28/battle-of-waterloo-ii-warriors-fight-to-extend-... 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/IJp1fPIxAZQvNdPiPqOh1iD4Oqg=/0x0:1200x800/690x460/smart/https://www.therecord.com/content/dam/therecord/sports/football/2021/10/28/battle-of-waterloo-ii-warriors-fight-to-extend-season-in-saturday-oua-football-showdown-with-laurier/img_5288_1_.jpg
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-112.fra50.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1a2d8b1bb1f6e7444aa05a80f50f4d393da6fb19457fac31be5a07e99bba831a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 22:43:19 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
age
95130
etag
"b8e968019b9999ee09b6d94c52618e0fd51849d2"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
content-length
82641
x-amz-cf-id
UlrzGCH3VcrVZ_SM0t7RUsMWu2hZKhNsAn9T9-uBM4uHe4NZwNQtzA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
breakingnews
www.therecord.com/api/alerts/ 		19 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/api/alerts/breakingnews
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/?redirect=true
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop
FRA50-C1
x-powered-by
Express
etag
W/"13-Ke/+pN/k0l2LXDxWablmwTVvPYs"
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=180
content-length
19
x-amz-cf-id
kw3vLeDiyme5BvDqP3rkxxUcY7vOgwMCYBvH2GYfFNndzVnTkyPUmw==
updates
www.therecord.com/api/alerts/ 		19 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/api/alerts/updates
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/?redirect=true
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop
FRA50-C1
x-powered-by
Express
etag
W/"13-Ke/+pN/k0l2LXDxWablmwTVvPYs"
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=180
content-length
19
x-amz-cf-id
qbWJZ--ZLPRSL7vKLHWyee_Yg6Ku4wquprxKlMDn74exg6E4en1mtw==
ruleenginedata
www.therecord.com/api/ 		1 KB
961 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/api/ruleenginedata
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
bef0b1129a23d6614b2914c9a5a1de8d4f2746cdf732181a3e01c0b4a4e80ea0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/?redirect=true
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
content-encoding
gzip
vary
Accept-Encoding
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop
FRA50-C1
x-powered-by
Express
etag
W/"5d2-c4SMgGN5Xgj66XYqxKJ9P4RcwWk"
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=180
x-amz-cf-id
-yLQ0NExwXx1f4TktPcm5K9H_aWMBvi3slR7ixcpNLazsZ6SgCaB0A==
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8B3VW&gtm_auth=1W69eQhT3q5tQGrHIjG7EA&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
4063
date
Sun, 31 Oct 2021 00:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 31 Oct 2021 02:01:06 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005674&ns__t=1635642528795&ns_c=UTF-8&cv=3.5&c8=Waterloo%20Region%20News%20-%20Latest%20Daily%20Breaking%20News%20Stories%20%7C%20TheRecord.com&c7=https%...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&ns__t=1635642528795&ns_c=UTF-8&cv=3.5&c8=Waterloo%20Region%20News%20-%20Latest%20Daily%20Breaking%20News%20Stories%20%7C%20TheRecord.com&c7=https...
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&ns__t=1635642528795&ns_c=UTF-8&cv=3.5&c8=Waterloo%20Region%20News%20-%20Latest%20Daily%20Breaking%20News%20Stories%20%7C%20TheRecord.com&c7=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&c9=
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Server
143.204.98.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-125.fra50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
vuwjawVWJ7X_mr6WKsu2ncyHwcndHd_eh8XKK52m1tsBCUP1TCrN2w==

Redirect headers

date
Sun, 31 Oct 2021 01:08:49 GMT
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&ns__t=1635642528795&ns_c=UTF-8&cv=3.5&c8=Waterloo%20Region%20News%20-%20Latest%20Daily%20Breaking%20News%20Stories%20%7C%20TheRecord.com&c7=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&c9=
content-length
270
x-amz-cf-id
vjND2cKJuqMdKaUthurM9qUxT8_CDhrEQT89PnJp3w9SlKD1MwMFmA==
p.js
cdn.parsely.com/keys/therecord.com/ 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/therecord.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.103.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-103-127.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
84d7f246c627e1dace32be9718823468baa37312c810ba75735ed8818e596fe9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Oct 2021 06:30:24 GMT
content-encoding
gzip
last-modified
Mon, 22 Feb 2021 19:29:12 GMT
server
nginx
age
67105
etag
W/"60340608-c8b7"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
I72dJwJlbhAjgxFbPT3mjWjoNzFPff25QAdRJdvmGEIWImm5BnLCiw==
expires
Sun, 31 Oct 2021 06:30:24 GMT
359742557899281
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/359742557899281?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.221.16 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lhr8.fbcdn.net
Software
/
Resource Hash
3a0102f6b88616a31065318392e6bc61a6a753d66eacfdfd905b161567a8699d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
ZgvaqH3VsAxILeba+qGWny/3L1AdDOAYrV8J69BxKRhklhy7B1rnelRzIfoveX6BWMMrFrgfw9UzPQaokBNQag==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 31 Oct 2021 01:08:49 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
__activity.gif
query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/ 		35 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/__activity.gif?e=pageview&ct=Waterloo+Region+News+-+Latest+Daily+Breaking+News+Stories+%7C+TheRecord.com&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=1894&blst=1164&ist=1885&iet=1891&bdst=1164&bdet=1258&bcttt=12&jsfv=nbc&ts=1635642528852&jsk=9rju8in71pm9336q&jsv=20210816&cu=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&uid=1fa639b2-22a7-4ed9-c118-16dbdfdd5cab&sid=6e31c792-a54c-499d-ba98-c3d528438f02&pvid=cdae99c8-4c7b-42c0-ec06-c81cb0782ba0&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F95.0.4638.54+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.3&saveData=false&tzo=0&sdk=bc-pixel
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 31 Oct 2021 01:08:49 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
clear
content-length
35
content-type
image/gif
model
query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/model
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
d979815884f1c8becf25ae063836bf14728151f9c1633862af0250402302eda4

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 31 Oct 2021 01:08:49 GMT
content-encoding
gzip
server
openresty/1.13.6.2
alt-svc
clear
via
1.1 google
content-type
application/json
model
query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/model
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
9c893ea312e7b567157b2d2471db0a0929e04b13b642b7b3fedf378855fb6b79

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 31 Oct 2021 01:08:49 GMT
content-encoding
gzip
server
openresty/1.13.6.2
alt-svc
clear
via
1.1 google
content-type
application/json
model
query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/model
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
c9dad2e85ed4eabdd82b80174503fa8a56fed29da4713e0a080167b568b54e10

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 31 Oct 2021 01:08:49 GMT
content-encoding
gzip
server
openresty/1.13.6.2
alt-svc
clear
via
1.1 google
content-type
application/json
model
query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/model
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
3c265536042feb4749d5cb80372914ac943bf1afed48024ef59c3a0044429522

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 31 Oct 2021 01:08:49 GMT
content-encoding
gzip
server
openresty/1.13.6.2
alt-svc
clear
via
1.1 google
content-type
application/json
model
query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/model
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
ea91e46624febbfc01c1a1623c45aba51aa8bccda2a8dc2cd11427fc3f0c101b

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 31 Oct 2021 01:08:49 GMT
content-encoding
gzip
server
openresty/1.13.6.2
alt-svc
clear
via
1.1 google
content-type
application/json
model
query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/model
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
83491eeaf857d21126712ed9d207bb9e25d35db023038c1162a9eb3c92d8200c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 31 Oct 2021 01:08:49 GMT
content-encoding
gzip
server
openresty/1.13.6.2
alt-svc
clear
via
1.1 google
content-type
application/json
model
query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/model
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
059a877a7b9142b5a4ce9d51ccba5e870e213b200226cff5bc1413bc34e75f20

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 31 Oct 2021 01:08:49 GMT
content-encoding
gzip
server
openresty/1.13.6.2
alt-svc
clear
via
1.1 google
content-type
application/json
dest5.html
torontostarnewspaperslimited.demdex.net/ Frame B87F 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.58.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-58-216.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Sun, 31 Oct 2021 01:08:49 GMT
DCS
dcs-prod-irl1-1-v019-0cd393dcb.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Thu, 14 Oct 2021 10:51:21 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
XNtcoE9LRNI=
Content-Length
2791
Connection
keep-alive
id
s.therecord.com/ 		48 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.therecord.com/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&mid=91957278122818991221091654050303023722&ts=1635642528897
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
27c30b288016abeb6fbf86cd24a410b7d89a8567348b4ca917ad56c8c80455af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-b4c7fdd79-722hr
vary
Origin
x-c
main-1540.I13d07b.M0-522
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.therecord.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YX3soQAAAHo4kAQS
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=91920720387835992241093056373646475360
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YX3soQAAAHo4kAQS
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YX3soQAAAHo4kAQS
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
HTTP/1.1
Server
108.128.92.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-92-179.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v019-0cac9a0e9.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
kN6ezYloQEE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YX3soQAAAHo4kAQS
Date
Sun, 31 Oct 2021 01:08:49 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
model
query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/model
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
dfee47f9a3460117df8b06284ef577f78956381a2e3303d344f3e12b01b845ec

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 31 Oct 2021 01:08:49 GMT
content-encoding
gzip
server
openresty/1.13.6.2
alt-svc
clear
via
1.1 google
content-type
application/json
evicted1.jpg
images.thestar.com/4wMy6r_9thU0FkhEg3UWaFLwGuU=/114x76/smart/https://www.therecord.com/content/dam/therecord/news/waterloo-region/2021/10/22/i-have-nowhere-to-go-says-kitchener-woman-whose-family-f... 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/4wMy6r_9thU0FkhEg3UWaFLwGuU=/114x76/smart/https://www.therecord.com/content/dam/therecord/news/waterloo-region/2021/10/22/i-have-nowhere-to-go-says-kitchener-woman-whose-family-faces-eviction-after-falling-behind-on-rent-utilities/evicted1.jpg
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-112.fra50.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
9cdfde961deefbcee674fd865940cc32922fe2a710420d2f87e2e66b4ea3e1cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 16:45:18 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
age
116611
etag
"8cb3e75894e18be6a52d47467924ca84ce247686"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
content-length
6510
x-amz-cf-id
AslweARsCmP_UlODaLriSHwHIgIujN8Xd1xQwUSpoV7LyOiWxnmjmA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
dsc_3528.jpg
images.thestar.com/pheJNokzM2HyJHv67_55xfz43dA=/690x460/smart/https://www.therecord.com/content/dam/therecord/news/waterloo-region/2021/10/27/how-can-you-do-this-to-a-five-year-old-said-a-kitchener... 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/pheJNokzM2HyJHv67_55xfz43dA=/690x460/smart/https://www.therecord.com/content/dam/therecord/news/waterloo-region/2021/10/27/how-can-you-do-this-to-a-five-year-old-said-a-kitchener-father-whose-son-allegedly-had-his-wrists-tied-with-masking-tape-in-his-classroom/dsc_3528.jpg
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-112.fra50.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
16d7b9eb3ab0b5172ea43d111c914aef27f863f5310240a045cbe701393b7abc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:22:14 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
age
110795
etag
"58fff4763baded4fb1ac191a45f3daaa77908a1c"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
content-length
62450
x-amz-cf-id
MUm1xsieRh6ZQmqn662NorZZ-8mvx4Klz4RTZWZukhGk2f-z4yN43A==
expires
Thu, 31 Dec 2037 23:55:55 GMT
missing.jpg
images.thestar.com/3pUPbjWtS06Mp4GKM7vWHmzbQYg=/330x220/smart/https://www.therecord.com/content/dam/therecord/news/waterloo-region/2021/10/30/police-searching-for-missing-14-year-old-girl-in-waterloo/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/3pUPbjWtS06Mp4GKM7vWHmzbQYg=/330x220/smart/https://www.therecord.com/content/dam/therecord/news/waterloo-region/2021/10/30/police-searching-for-missing-14-year-old-girl-in-waterloo/missing.jpg
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-112.fra50.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1d6cbbaa1f67f3a0bd51cf2f85fc36c444372023ead4f136c440e0c3f122644a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 19:41:26 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
age
19643
etag
"ff2cbeaf118ead5a9882d546c88c4a1dfa189e71"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
content-length
28854
x-amz-cf-id
9eA1HHw4YmQfEPR98ofklHq7_Bne8q5r-h05uNkvJIrFMjUyuCUZbw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5028&u=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:08:48 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.therecord.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
gDuIFytPNiHYBdm67S_qwfTAGyPwPPGabpsRaYhMUiVJj-T-ez1oSg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
74748
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 07 Oct 2021 01:02:33 GMT
server
AmazonS3
date
Sat, 30 Oct 2021 04:23:02 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
ztFmyVuhcAiDT4pSYQs_a89S4n1fjcEdebfGJXMiKVQf2_R42jRGvw==
services
sr.studiostack.com/v3/ 		24 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/v3/services
Requested by
Host: adserver.pressboard.ca
URL: https://adserver.pressboard.ca/v3/embedder?media=130507
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8e8574026a04195a694ec12f088d744eed6c3210ee15fe84a3c04ed8308badea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:08:48 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
24454
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
91957278122818991221091654050303023722
api.thestar.com/users/data/anonymous/sitename/therecord/id/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.thestar.com/users/data/anonymous/sitename/therecord/id/91957278122818991221091654050303023722
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-97.fra50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-api-key
Origin
https://www.therecord.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Sun, 31 Oct 2021 01:08:49 GMT
x-amzn-requestid
3d89dabe-54ac-4f51-bce4-4c724e384144
access-control-allow-origin
*
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
IDHpQEKvIAMF7Fw=
access-control-allow-methods
GET,OPTIONS
x-cache
Miss from cloudfront
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
FbGqtUKUuwT5-0_rbHG4t2h3KiasQL5kuz5QRyX3NG2yslZ8EdEX3g==
91957278122818991221091654050303023722
api.thestar.com/users/data/anonymous/sitename/therecord/id/ 		51 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.thestar.com/users/data/anonymous/sitename/therecord/id/91957278122818991221091654050303023722
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-97.fra50.r.cloudfront.net
Software
/
Resource Hash
a0ec8793ecc2c9d97dcceac6cce1de315e1a0cf7b6c5180060916c2d047c9a1c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
x-api-key
b07LQ46EyU42X8fc14kd08w8gAyfSf337nbF5L8b

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amzn-requestid
7049bc65-314c-4874-a91a-a02c46d6847e
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-617deca1-01f79c9324a052f10ca00f8f;Sampled=0
x-amz-apigw-id
IDHpTEHcIAMFqUA=
content-length
51
x-amz-cf-id
79tYGykhGiNA0QJ1fChTc4FrAgLd8iImZMCf9gGqZKsDWvdPUpr89Q==
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1635642528972&plid=10035783&idsite=therecord.com&url=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22_scrollIncrement%22%3A0%2C%22_scrollMethod%22%3A%22pageview%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A9236%7D&sid=1&surl=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&sref=&sts=1635642528968&slts=0&title=Waterloo+Region+News+-+Latest+Daily+Breaking+News+Stories+%7C+TheRecord.com&date=Sun+Oct+31+2021+01%3A08%3A48+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=94879969&u=pid%3D885f76760b73209fcfc75c1006e647ab
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-167-202.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 01:08:49 GMT
Cache-Control
no-cache
Last-Modified
Sunday, 31-Oct-2021 01:08:49 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=822231141&t=pageview&_s=1&dl=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=Waterloo%20Region%20News%20-%20Latest%20Daily%20Breaking%20News%20Stories%20%7C%20TheRecord.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=732595530&gjid=449632513&cid=808863817.1635642529&tid=UA-30378177-1&_gid=870537367.1635642529&_r=1&gtm=2wgar0M8B3VW&z=1457533919
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:08:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.therecord.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=822231141&t=pageview&_s=1&dl=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=Waterloo%20Region%20News%20-%20Latest%20Daily%20Breaking%20News%20Stories%20%7C%20TheRecord.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABAAAAAC~&jid=878192924&gjid=949381049&cid=808863817.1635642529&tid=UA-73335503-1&_gid=870537367.1635642529&_r=1&gtm=2wgar0M8B3VW&z=1643456699
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:08:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.therecord.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
mdc.textfield.min.js
bc.therecord.com/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/ 		66 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bc.therecord.com/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/mdc.textfield.min.js
Requested by
Host: bc.therecord.com
URL: https://bc.therecord.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-129.fra50.r.cloudfront.net
Software
- /
Resource Hash
2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 03:39:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
age
4397389
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
11561
x-xss-protection
1; mode=block
last-modified
Thu, 09 Sep 2021 03:39:00 GMT
server
-
etag
6255d33f94b82e67e60ed3d71ba26fe3
content-type
text/javascript; charset=utf-8
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop
FRA50-C1
x-robots-tag
noindex, nofollow
x-amz-cf-id
U5UPkqHZFTdZBOrjTANmEZD3Q8ItpeqePIozpcWertYVmxH1arU6IA==
expires
Sat, 10 Sep 2022 03:39:00 GMT
49bde80823711adc50f6d04c4efaa58a
bc.therecord.com/plugin/library/ 		451 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bc.therecord.com/plugin/library/49bde80823711adc50f6d04c4efaa58a
Requested by
Host: bc.therecord.com
URL: https://bc.therecord.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-129.fra50.r.cloudfront.net
Software
- /
Resource Hash
771206b4871f340480acf99faf7d23c1ccfecfc3083f99254c98a987122fed9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 06:59:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
age
151777
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
147125
x-xss-protection
1; mode=block
last-modified
Thu, 28 Oct 2021 06:59:12 GMT
server
-
etag
49bde80823711adc50f6d04c4efaa58a
content-type
text/javascript; charset=utf-8
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop
FRA50-C1
x-robots-tag
noindex, nofollow
x-amz-cf-id
W29mDXA5zW06bJYR8is_bip_-WTMQcokQykfUGp70BYOc-cbTofT6g==
expires
Sat, 29 Oct 2022 06:59:12 GMT
LB-Zone-3
bc.therecord.com/DG/DEFAULT/rest/rpc/188/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc.therecord.com/DG/DEFAULT/rest/rpc/188/LB-Zone-3?referer=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&bcsessionid=&bctempid=1136a49c-d72f-47d8-a0f9-6197aa9a295a&overruleReferrer=&time=2021-10-31T01%3A08%3A49%2B00%3A00&ts=1635642529007
Requested by
Host: bc.therecord.com
URL: https://bc.therecord.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-129.fra50.r.cloudfront.net
Software
- /
Resource Hash
1223d568601507bdd1c205ff9db52edb4c60b0421448aaf96f019b3d2458b09a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
858
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.therecord.com
server
-
content-type
application/json; charset=utf-8
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
DJo-2X8mZKGJWScvcbRfq91L6xKw2DxTj9wiiEIKBabnrM3aXR1_mA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
pubads_impl_2021102601.js
securepubads.g.doubleclick.net/gpt/ 		353 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102601.js?31063338
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
8156274be416705f770f8d4e0338e9886f99a863f433e105dc497f2e998f1812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121587
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 08:35:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 31 Oct 2021 01:08:49 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		94 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.therecord.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef43fac43f5b5032094f86e525d294098afa03c035f6564ad5e611d7b75684b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 Oct 2021 01:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86
x-xss-protection
0
expires
Sun, 31 Oct 2021 01:08:49 GMT
/
www.facebook.com/tr/ 		44 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=359742557899281&ev=PageView&dl=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&rl=&if=false&ts=1635642529054&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1635642529052.1102663117&it=1635642528834&coo=false&rqm=GET
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.221.35 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lhr8.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 31 Oct 2021 01:08:49 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-73335503-1&cid=808863817.1635642529&jid=878192924&gjid=949381049&_gid=870537367.1635642529&_u=YEDAAAABAAAAAC~&z=165847562
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 31 Oct 2021 01:08:49 GMT
content-type
text/plain
access-control-allow-origin
https://www.therecord.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
attention-event
sr.studiostack.com/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.therecord.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Allow
POST
Content-Length
4
Content-Type
text/html; charset=utf-8
Expires
0
ETag
W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Date
Sun, 31 Oct 2021 01:08:49 GMT
attention-event
sr.studiostack.com/track/ 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Requested by
Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:08:49 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin
*
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
0
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
attention-data
sr.studiostack.com/track/ 		119 B
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-data?media=130507&ref=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue
Requested by
Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44422576be25a3211b86c0614206a0875d1acf762262eaf88ae7538d4054dbfa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:08:49 GMT
ETag
W/"77-qRBh4Vnazvdd3PyicIvneviqY3s"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
119
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
images
www.therecord.com/api/liftigniter/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/api/liftigniter/images
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
e3c1b74f537f7fafc5cf77ebe0830a7e0020e26ab9390b346eee562d5007d690
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/?redirect=true
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
content-encoding
gzip
etag
W/"f0a-wici/5nU9lhsfTWCpwu47Vv3MhE"
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop
FRA50-C1
x-frame-options
SAMEORIGIN
x-powered-by
Express
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=180
x-amz-cf-id
X675IIRlgUZbBm6DfXJT4ePjEr71o4Xgl6PSehaf_ZBlfQz1_elvAw==
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
images
www.therecord.com/api/liftigniter/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/api/liftigniter/images
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
0a96841f66e6b9c9421ce336b18b39a5e1310c833fce81aa6f373e61f488206c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/?redirect=true
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
content-encoding
gzip
etag
W/"1040-vaWPMTpiCkE2FsRo6cRMgS5eAeY"
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop
FRA50-C1
x-frame-options
SAMEORIGIN
x-powered-by
Express
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=180
x-amz-cf-id
vxJUHZrm-266dGFVNOl6uq_op3NdRTxlA94WiFm42IS1O4s7rCR1bA==
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
images
www.therecord.com/api/liftigniter/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/api/liftigniter/images
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
4787257f2b5422a35a59697faad40da2634e95814eff1434110e9ac556069e7e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/?redirect=true
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
content-encoding
gzip
etag
W/"fd7-MS+OQ0S/HWpnb/CSduIpyGoDN1A"
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop
FRA50-C1
x-frame-options
SAMEORIGIN
x-powered-by
Express
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=180
x-amz-cf-id
lOMReeKhfWtUCKwftFNtDImjuzysafAudxtpPwF8cmuJ0YBXBLzqoQ==
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
images
www.therecord.com/api/liftigniter/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/api/liftigniter/images
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
9af3151ce4d53c18ac2ac1bd12d6107775327326b352cebef24204b1f1f8ca5c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/?redirect=true
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
content-encoding
gzip
etag
W/"f7d-CjytGCrexlSCTTlT3C+8VbSGslY"
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop
FRA50-C1
x-frame-options
SAMEORIGIN
x-powered-by
Express
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=180
x-amz-cf-id
-ve106I1YP-VUTlUovT3gwYrAHlpM0aNgY34bPlJ1RHSE_n4jcI0Ww==
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
images
www.therecord.com/api/liftigniter/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/api/liftigniter/images
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
f4d5e38853c97e6ce404c1915524d0c9f90f414d6c0e68be986a3f13b8a1e8e8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/?redirect=true
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
content-encoding
gzip
etag
W/"1512-rHbgmMKL6+jYpqJGc3OfX4rKqUY"
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop
FRA50-C1
x-frame-options
SAMEORIGIN
x-powered-by
Express
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=180
x-amz-cf-id
YZHZAW382vGVvwah_FF4lyLWCvUBoPTHgbgwepsKmmJnSPirgyuKZg==
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
images
www.therecord.com/api/liftigniter/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/api/liftigniter/images
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
3396e072885bf6734096be74c3a9153c9234eae594d45fc273822e1f3563414e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/?redirect=true
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
content-encoding
gzip
etag
W/"1f85-vdoaZgqICYSZeagYhZhqwB6tVkQ"
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop
FRA50-C1
x-frame-options
SAMEORIGIN
x-powered-by
Express
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=180
x-amz-cf-id
yCwoK4ntrc2XvQH-iNQm8egrN8XiUEL5R9PKVeKk2cxF1fINxeBG5w==
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
images
www.therecord.com/api/liftigniter/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/api/liftigniter/images
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
8341c908ba52daf5de9fa2bb358f23832891d7e41498c23efce3f06a88d25790
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/?redirect=true
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
content-encoding
gzip
etag
W/"e6a-UAWjxOtnbsmvBFRc+U99N78vX5o"
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop
FRA50-C1
x-frame-options
SAMEORIGIN
x-powered-by
Express
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=180
x-amz-cf-id
XpezlVx3LYkL1bhHE0_aDeay70u9rxgYzSChRAIbDzeSM0ica8cHQQ==
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
events
api.permutive.com/v2.0/batch/ 		101 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b302c188cc0aa21788901fb82c0011525ed35f77d8b26593fea57e850ec94079

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
content-encoding
gzip
server
Permutive
vary
Origin,Access-Control-Request-Method
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://www.therecord.com
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-max-age
86400
alt-svc
clear
content-length
111
via
1.1 google
images
www.therecord.com/api/liftigniter/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/api/liftigniter/images
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
714834ed861c34dedeb55337322da3d74ee0a11c7f51163bd80277e5dd8a11de
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/?redirect=true
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
content-encoding
gzip
etag
W/"1502-YhTos+78/+FlshXod5L1OrB4WPY"
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop
FRA50-C1
x-frame-options
SAMEORIGIN
x-powered-by
Express
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=180
x-amz-cf-id
qZJzntEMexa1dBJ7nweJokBJ07Mr8GQVOE58dObGcGHzPIodgiyG2A==
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=5028&u=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&pid=L8Nebe6MfS9gY&cb=0&ws=1600x1200&v=7.69.01&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthe_record%2Fhomepage%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthe_record%2Fhomepage%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthe_record%2Fhomepage%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%2258580620%2Fthe_record%2Fhomepage%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%2258580620%2Fthe_record%2Fhomepage%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%2258580620%2Fthe_record%2Fhomepage%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%2258580620%2Fthe_record%2Fhomepage%22%7D%2C%7B%22sd%22%3A%227%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthe_record%2Fhomepage%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
DY7KWQ80K8G4DRVTES11
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.therecord.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
_c4RXuXS7arhhIg3Zuhpsizjy2z_EX3Lf0Wl8g5AFMy0jAOCdpCN3w==
v1
dmx.districtm.io/b/ 		0
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-184057524023818.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://www.therecord.com
access-control-allow-credentials
true
cf-ray
6a68fe922ff88741-DUS
access-control-allow-headers
Content-Type, Origin
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a96985001777781761c879ef5e4013e&pos=dailies_desktop_4_btf_728x90_pos2&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-184057524023818.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
aa1ab264509ebb2923a84401b245319c48e1df406c17c5283f19b3e4b408de51

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.therecord.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a96985001777781761c879ef5e4013e&pos=dailies_desktop_4_btf_970x250_pos2&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-184057524023818.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
40a082956ed988861f9b57ce91f06eb686c164ede67334b00714306f6e0b03d5

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.therecord.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a96985001777781761c879ef5e4013e&pos=dailies_desktop_11_btf_300x250_pos2&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-184057524023818.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
2a72d93a888cb738600df74e40a1acaa765117d354232c682320a65d7e15b03c

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.therecord.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a96985001777781761c879ef5e4013e&pos=dailies_desktop_3_btf_300x600_pos2&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-184057524023818.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
934cdac05eac50eb48403aeb2b6f2430d1e34ba4c49173d198d0d748841c9bfb

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.therecord.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a96985001777781761c879ef5e4013e&pos=dailies_desktop_10_btf_300x250_pos1&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-184057524023818.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
73e944306ea136a27c9f7d362c0054b2a1e7178a9afcaa4b60f0b5d38a6ea69e

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.therecord.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a96985001777781761c879ef5e4013e&pos=dailies_desktop_2_btf_300x600_pos1&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-184057524023818.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
49fa91c0db5de8b9aaead13954ca2d58fa99d90f2c1e48c4cd77e3e1c269fa10

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.therecord.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a96985001777781761c879ef5e4013e&pos=dailies_desktop_1_atf_728x90_pos1&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-184057524023818.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
0b288855d753a6f35de1ad5d63f66fb3e455a1066f4fc980899b64b1f9163713

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.therecord.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a96985001777781761c879ef5e4013e&pos=dailies_desktop_5_btf_728x90_pos3&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-184057524023818.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
4c52fd733f9e050706e73b27145aa20b13215064f5f7595b86d327218f0a9237

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.therecord.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a96985001777781761c879ef5e4013e&pos=dailies_desktop_5_btf_970x250_pos3&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-184057524023818.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
700f63ad216bea81b52bfd641294d0775834c38a008ef420d7edfd5f239ddd69

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.therecord.com
access-control-allow-credentials
true
content-length
62
jpt
secure.adnxs.com/ 		0
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?id=19951372&size=728x90&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=rGMXI7ST&psa=0&promo_sizes=970x250&referrer=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-184057524023818.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.241 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:08:49 GMT
X-Proxy-Origin
216.131.111.132; 216.131.111.132; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
fe1952e2-23d9-4203-aca7-a0ac442c4313
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.therecord.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
secure.adnxs.com/ 		0
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?id=19951371&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=WVgxVfRX&psa=0&promo_sizes=300x600&referrer=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-184057524023818.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.241 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:08:49 GMT
X-Proxy-Origin
216.131.111.132; 216.131.111.132; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c2002a9a-0948-4bab-924f-47af3b08ba8e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.therecord.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
secure.adnxs.com/ 		0
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?id=19951370&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=ZZSm4wKJ&psa=0&promo_sizes=300x600&referrer=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-184057524023818.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.241 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:08:49 GMT
X-Proxy-Origin
216.131.111.132; 216.131.111.132; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
12f1e806-a3e8-4d86-843a-7e7402e755e7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.therecord.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
secure.adnxs.com/ 		100 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?id=19951378&size=728x90&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=b6u7XNVS&psa=0&referrer=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-184057524023818.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.241 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ea374bda0d2e2a3b395464a87e827e8c5a71ef188f30293b89e199ac85b11267
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:08:49 GMT
X-Proxy-Origin
216.131.111.132; 216.131.111.132; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
12300788-dc08-472c-a031-44285fc6881c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.therecord.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
100
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
secure.adnxs.com/ 		0
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?id=19951374&size=728x90&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=aNtBJiTX&psa=0&promo_sizes=970x250&referrer=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-184057524023818.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.241 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:08:49 GMT
X-Proxy-Origin
216.131.111.132; 216.131.111.132; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
384aeec1-d01e-4d0c-8fb4-9728d4c9832b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.therecord.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		53 B
737 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-184057524023818.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:08:49 GMT
X-Proxy-Origin
216.131.111.132; 216.131.111.132; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
03dba98a-dee5-4188-8152-c92f8210a4b2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.therecord.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		78 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?v=7.2&s=299819&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2264531536%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%227%22%2C%22siteID%22%3A%22308865%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%228%22%2C%22siteID%22%3A%22308863%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%225%22%2C%22siteID%22%3A%22308867%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22sid%22%3A%226%22%2C%22siteID%22%3A%22308864%22%7D%7D%5D%7D%2C%22id%22%3A%222%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%223%22%2C%22siteID%22%3A%22308861%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22sid%22%3A%224%22%2C%22siteID%22%3A%22308862%22%7D%7D%5D%7D%2C%22id%22%3A%223%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2217%22%2C%22siteID%22%3A%22487501%22%7D%7D%5D%7D%2C%22id%22%3A%224%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%229%22%2C%22siteID%22%3A%22308866%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2210%22%2C%22siteID%22%3A%22308869%22%7D%7D%5D%7D%2C%22id%22%3A%225%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22796cb175-b4fc-4ef1-a941-3e15e34b028b%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-10-31T01%3A08%3A48%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-184057524023818.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9ff2daf17db56f877ab13c10078f5c7c796b3464b5d0049f15d9ddb4db39924b

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:08:49 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.111.132], XFF:[]
server
Apache
content-type
text/javascript
access-control-allow-origin
https://www.therecord.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
78
x-ak-client-geo
12
expires
Sun, 31 Oct 2021 01:08:49 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TORONTO_PREBID_HEADER1&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=8&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&t=1635642527895&de=59293954765&rx=955519318122&m=0&ar=fb6a7277fce-clean&iw=89e7fd2&q=1&cb=0&cu=1635642527895&ll=2&lm=0&ln=0&em=0&en=0&d=therecord.com%3AWaterloo%20Region%20News%20-%20Latest%20Daily%20Breaking%20News%20Stories%20%7C%20TheRecord.com%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=torontoprebidheader623296055317&fd=1&ac=1&it=500&pe=1%3A1155%3A1852%3A0%3A1166&fs=194999&na=50057040&cs=0
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:08:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 31 Oct 2021 01:08:49 GMT
gtm.js
www.googletagmanager.com/ 		76 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-57Q9DV2
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f6d28e78a70a55a2d131d8de9a18ec5157608a4aa274605e37ef0d5af7410b94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30606
x-xss-protection
0
last-modified
Sun, 31 Oct 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 31 Oct 2021 01:08:49 GMT
188
bc.therecord.com/DG/DEFAULT/rest/rpc/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc.therecord.com/DG/DEFAULT/rest/rpc/188?referer=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&bcsessionid=1136a49c-d72f-47d8-a0f9-6197aa9a295a&bctempid=&overruleReferrer=&time=2021-10-31T01%3A08%3A49%2B00%3A00&ts=1635642529431
Requested by
Host: bc.therecord.com
URL: https://bc.therecord.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-129.fra50.r.cloudfront.net
Software
- /
Resource Hash
e6cff966cf6b1b9374e6ac5a130b896c1a23742530fb44bb102ac55f956eac75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 01:08:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
1446
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.therecord.com
server
-
content-type
application/json; charset=utf-8
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
Lbwp9ANo83X84hUkBOoZ8m_S6hqwP2ZvnMWgQFQnwFZeGkf7fLJ90g==
expires
Thu, 01 Jan 1970 00:00:00 GMT
188
bc.therecord.com/DG/DEFAULT/rest/rpc/ 		279 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc.therecord.com/DG/DEFAULT/rest/rpc/188?referer=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&bcsessionid=1136a49c-d72f-47d8-a0f9-6197aa9a295a&bctempid=&overruleReferrer=&time=2021-10-31T01%3A08%3A49%2B00%3A00&ts=1635642529450
Requested by
Host: bc.therecord.com
URL: https://bc.therecord.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-129.fra50.r.cloudfront.net
Software
- /
Resource Hash
d5094ecf4fa2afa6ef227fb4e945fe80c96a9125ee5b52b6c407c91aee660e7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 01:08:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
154
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.therecord.com
server
-
content-type
application/json; charset=utf-8
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
eDg22Y8Mk5lR7RJPtaG4dNgqBmDm41gEoPnVReWjAFf0Lf8nE9xC_Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT
188
bc.therecord.com/DG/DEFAULT/rest/rpc/ 		140 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc.therecord.com/DG/DEFAULT/rest/rpc/188?referer=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&bcsessionid=1136a49c-d72f-47d8-a0f9-6197aa9a295a&bctempid=&overruleReferrer=&time=2021-10-31T01%3A08%3A49%2B00%3A00&ts=1635642529451
Requested by
Host: bc.therecord.com
URL: https://bc.therecord.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-129.fra50.r.cloudfront.net
Software
- /
Resource Hash
df69ab6b5ace74afe676ea122d35ccdcfed400622b7ee4c574cc55562fbda5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 01:08:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
143
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.therecord.com
server
-
content-type
application/json; charset=utf-8
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
vzdGFqYwWDfx4sf984wzMS_uQvre_ATd1pD8Ubjro8CYQ33IMSRWPw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
images
www.therecord.com/api/liftigniter/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/api/liftigniter/images
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
e4169e96e542de70eb426c71b029165f55a8e718215ac069f0c656e469197d0f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/?redirect=true
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
etag
W/"6dd-VTVslsjG2RY0oak0fAJWpzD+F4k"
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop
FRA50-C1
x-powered-by
Express
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=180
content-length
1757
x-amz-cf-id
GwvOnaSaVX8hse5Dg_uotFy-mN4Zzzl6fei9Qhhcs2cIeYea3XTYWA==
images
www.therecord.com/api/liftigniter/ 		874 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/api/liftigniter/images
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
7ebfbdf032326a8b39a95857cb2decb79471f034f37f2bd19115226a558a84ef
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/?redirect=true
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
etag
W/"36a-P3Zy/BncXGU9mIZXWjpkWvVM8xM"
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop
FRA50-C1
x-powered-by
Express
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=180
content-length
874
x-amz-cf-id
boilyVegXZ7mCfAy7C4cvxpMRFZ6ydxihkelcVk1j8U2KuTrvELo4Q==
images
www.therecord.com/api/liftigniter/ 		864 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/api/liftigniter/images
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
04b77125e19df15788b0879fc6c6ba217958f5f49ff3e39223e77c1a3e1f2e04
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/?redirect=true
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
etag
W/"360-dwCNg+ZY52ybHnqY/f5zU9a/1uY"
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop
FRA50-C1
x-powered-by
Express
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=180
content-length
864
x-amz-cf-id
KuPLgqbA8aiuG0jJgl2J7b_Qv6TdbtrigcGu-D69OEx6f4VpMznU4w==
images
www.therecord.com/api/liftigniter/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/api/liftigniter/images
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
5bcb40e5f899c1a6d9f0c0765e76a0b6c0040434443283f2f608b7dd22a05257
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/?redirect=true
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
etag
W/"6dd-W+yPiiGILt5ZwIUhO1z7hIvp708"
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop
FRA50-C1
x-powered-by
Express
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=180
content-length
1757
x-amz-cf-id
xdkz63C2Vv2qFJcm2WjAni2UTdnyVhf4fLIRSKFKeqWI-EtvTLQWnw==
images
www.therecord.com/api/liftigniter/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/api/liftigniter/images
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
610e357d4e37f6df2a9447ed9ebae41bdbbec9b8ec08a1d560f3f258f71a04c3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/?redirect=true
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
etag
W/"a14-0pilfDcJW5kbV1N58oTN7+miCWY"
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop
FRA50-C1
x-powered-by
Express
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=180
content-length
2580
x-amz-cf-id
PeRMmID4SS6TO5E6u8ZJqXz3EzT5Hf4z-oSKY-9wHBQAo2gB0e-T-Q==
images
www.therecord.com/api/liftigniter/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/api/liftigniter/images
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
89630bcc5819b44a10c049ccdcd4e7a593ae22591b6b8015b4d5087eecdaa9c7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/?redirect=true
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
etag
W/"6bf-l4ElYxj0Et5TN7RpxCy0+Z6CZfc"
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop
FRA50-C1
x-powered-by
Express
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=180
content-length
1727
x-amz-cf-id
683G152LKK8mZdLljgO1__rGliI2XHxdgxbUTe6hyhgc9qX0_QSoAw==
images
www.therecord.com/api/liftigniter/ 		869 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/api/liftigniter/images
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
de9cbf4615f62b850b21aae2c75e454fc915d28158ed15d4868305405589b62a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/?redirect=true
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
etag
W/"365-pX9eenDOZlJ7mpbUku19oekOnKU"
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop
FRA50-C1
x-powered-by
Express
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=180
content-length
869
x-amz-cf-id
LQnAlfvEtMr3mCT5K81m7oPkEDCsz6imfsQGSPB3FdhvvrIXRnM-mA==
cs
torstar.blueconic.net/DG/DEFAULT/ 		66 B
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://torstar.blueconic.net/DG/DEFAULT/cs?bcsessionid=1136a49c-d72f-47d8-a0f9-6197aa9a295a&&callback=bc_json190
Requested by
Host: bc.therecord.com
URL: https://bc.therecord.com/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.205.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-205-83.compute-1.amazonaws.com
Software
- /
Resource Hash
2f9c4bd78c85e2c9482838b96c9460543e70a99e4a822c11eb01e0a1f8b3f73b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
content-type
text/javascript; charset=utf-8
content-length
86
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=8&kq=1&lo=0&uk=null&pk=0&wk=0&rk=1&tk=0&ak=https%3A%2F%2Fwww.therecord.com%2F-&i=TORONTO_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-RKwZAXPHBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-lWWj2Zz1Kg7M0g%3D%3D&sc=1&os=1-Jg%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&pcode=torontoprebidheader623296055317&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=4&w=4&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1635642527895&de=59293954765&rx=955519318122&cu=1635642527895&m=1485&ar=fb6a7277fce-clean&iw=89e7fd2&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=9236&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1155%3A1852%3A0%3A1166&im=0&in=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=therecord.com%3AWaterloo%20Region%20News%20-%20Latest%20Daily%20Breaking%20News%20Stories%20%7C%20TheRecord.com%3A__page__%3A-&gw=torontoprebidheader623296055317&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=194999&na=237323627&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:08:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 31 Oct 2021 01:08:49 GMT
images
www.therecord.com/api/liftigniter/ 		2 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/api/liftigniter/images
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/?redirect=true
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
etag
W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop
FRA50-C1
x-powered-by
Express
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=180
content-length
2
x-amz-cf-id
tDELX1ebcOpfk3n09SrAueasd63xEbqUzpVprBBkaUitJ94LFkiD7A==
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.therecord.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102601.js?31063338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 Oct 2021 01:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.therecord.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102601.js?31063338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 Oct 2021 01:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
headerstats
as-sec.casalemedia.com/ 		0
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=299819&u=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-184057524023818.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:08:49 GMT
X-AK-INITIAL-GEO
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.111.132], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://www.therecord.com
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
12
Expires
Sun, 31 Oct 2021 01:08:49 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		301 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1406045163552779&correlator=2956107651769310&output=ldjh&impl=fifs&eid=31063338%2C31063167&vrg=2021102601&ptt=17&sc=1&sfv=1-0-38&ecs=20211031&iu_parts=58580620%2Cthe_record%2Chomepage&enc_prev_ius=0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2&prev_iu_szs=728x90%7C970x250%2C728x90%7C970x250%2C728x90%7C970x250%2C1x1%2C728x90%2C300x250%7C300x600%2C300x250%7C300x600%2C728x90%7C970x250&ppid=91957278122818991221091654050303023722&prev_scp=pos%3D3%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D4%26m_gv%3D80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D5%26m_gv%3D80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26m_gv%3D90%2C80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26m_gv%3D40%2C30%2C20%2C10%26m_mv%3D60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26m_gv%3D50%2C40%2C30%2C20%2C10%26m_mv%3D50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=permutive%3D%26gs_channels%3Dts_bz_ndstry_gnrl%252Cgs_entertain%252Cgs_business%252Cts_pl_nws_lctns_cnd_ntnl%252Cgs_home%252Cgt_negative%252Cgs_home_property%252Cgs_covid19%252Cgs_news_and_weather%252Cgs_health_misc%252Cts_fmly_prntng_gnrl%252Cts_pl_nws_lctns_cnd_prvncl%252Cgv_crime%252Cgs_entertain_books%252Cgt_negative_fear%252Cts_sprts_tlvsd_gnrl%252Cts_sprts_tlvsd_smmr_lympcs%252Cts_bz_ndstry_r%26tkspo%3D9%26env%3Dbeta%26m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_crime%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26referrer%3Dunknown%26environment%3Dproduction%26cutpoint%3Dlarge%26subscribed%3Dno%26registered%3Dno%26key%3Dhphub&cookie_enabled=1&bc=31&abxe=1&lmt=1635642529&dt=1635642529544&dlt=1635642527434&idt=1714&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C436%2C436%2C0%2C436%2C1047%2C253%2C436&adys=5488%2C7124%2C8621%2C0%2C0%2C972%2C1843%2C3808&adks=1746894007%2C1746894004%2C1746894005%2C1184731046%2C2682176837%2C444331328%2C444331335%2C1746894006&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90%7C728x90%7C728x90%7C1600x0%7C1600x90%7C300x250%7C300x250%7C728x90&msz=728x90%7C728x90%7C728x90%7C1x-1%7C1600x90%7C300x250%7C300x250%7C728x90&ga_vid=808863817.1635642529&ga_sid=1635642530&ga_hid=822231141&ga_fc=true&fws=0%2C0%2C0%2C0%2C0%2C512%2C512%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=1%7C2%7C3%7C0%7C0%7C0%7C4%7C5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102601.js?31063338
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
3a3a2b7dd118839cff6879aa8b56de6c9e56aa0d55cff69a794caf86cf7c906e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:08:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24076
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-2,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-2,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.therecord.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
57dd74cd5beedab9e4bfac92d6cc8910.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6416 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://57dd74cd5beedab9e4bfac92d6cc8910.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102601.js?31063338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 31 Oct 2021 01:08:49 GMT
expires
Mon, 31 Oct 2022 01:08:49 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
www.facebook.com/tr/ Frame 40B3 		0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.221.35 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lhr8.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.therecord.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.therecord.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
date
Sun, 31 Oct 2021 01:08:49 GMT
TheRecord
www.therecord.com/api/overlaydatarule/ 		37 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/api/overlaydatarule/TheRecord
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
0d057f68aa7caa9c4ad930fdccc2924d6719af8d5aa0f53de21e823e6c8df033
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/?redirect=true
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
content-encoding
gzip
vary
Accept-Encoding
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop
FRA50-C1
x-powered-by
Express
etag
W/"9478-NPNFYtZecYcIbPxev5IePPAz7Xo"
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=180
x-amz-cf-id
IVPCvkXmTXgQRbE7sbD6PgmQGrqSXv4KQ8VrCuIAuYuwUA-61aPJrA==
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
overlaydata
www.therecord.com/api/ 		42 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/api/overlaydata
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/vendors~bundle.chunk.js?v=b44e5c55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
1f1946e2d87846cbceb83d8e2a9a7137c5b5cdaa1bc90f6acd652a62ed04a3a5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/?redirect=true
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:08:49 GMT
content-encoding
gzip
vary
Accept-Encoding
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop
FRA50-C1
x-powered-by
Express
etag
W/"a9bb-VbmKWNblUi+3iKftJoe4iy3fHnE"
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=180
x-amz-cf-id
BUEE8fcYy1SRsSavuEl917IBI58Z0jc2v6rTuGDLQorbAbmwNSkzig==
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
__activity.gif
query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/ 		35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/__activity.gif?e=widget_shown&ct=Waterloo+Region+News+-+Latest+Daily+Breaking+News+Stories+%7C+TheRecord.com&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=2698&blst=1164&ist=1885&iet=1891&bdst=1164&bdet=1258&bcttt=44&jsfv=nbc&ts=1635642529656&jsk=9rju8in71pm9336q&jsv=20210816&cu=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&uid=1fa639b2-22a7-4ed9-c118-16dbdfdd5cab&sid=6e31c792-a54c-499d-ba98-c3d528438f02&pvid=cdae99c8-4c7b-42c0-ec06-c81cb0782ba0&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F95.0.4638.54+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.3&saveData=false&tzo=0&w=therecord_business&source=LI&pl=null&tr=null&st=2697&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Fts%2Fbusiness%2F2021%2F10%2F30%2Fon-the-verge-of-achieving-his-fathers-dream-edward-rogers-appears-poised-to-shatter-it-whats-going-on-with-the-late-founders-son.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fts%2Fbusiness%2Fthestreet%2F2021%2F10%2F29%2Felectric-vehicle-checkpoint-tesla-leads-the-ev-revolution.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fts%2Fbusiness%2Fopinion%2F2021%2F10%2F30%2Fin-light-of-the-facebook-papers-what-can-we-do-to-build-a-better-social-media-environment.html%22%5D&sdk=bc-pixel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 31 Oct 2021 01:08:49 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
clear
content-length
35
content-type
image/gif
RC92631a6dea374f7f8c4e27bdaaf0a413-source.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/3c9f569cbf2c/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/3c9f569cbf2c/RC92631a6dea374f7f8c4e27bdaaf0a413-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-123.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
472d911ab15eef1cce741f8c4996c9786aa540b53a18068afe9d4fd6a5f2f2f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 00:32:08 GMT
content-encoding
gzip
last-modified
Sun, 31 Oct 2021 00:31:38 GMT
server
AmazonS3
age
2202
etag
W/"d921e6c3b1e06800df0d6837d0d4229b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
sGRWUj0V.LKB3ZgdfREAhu7.yIFySX6e
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
content-type
text/javascript
x-amz-cf-id
0c86lgpBQ2KuwdY5xzFWE7q6YfSFTf_35MNPMieb9Mu2E-MFgvhtmg==
__activity.gif
query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/ 		35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/__activity.gif?e=widget_shown&ct=Waterloo+Region+News+-+Latest+Daily+Breaking+News+Stories+%7C+TheRecord.com&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=2751&blst=1164&ist=1885&iet=1891&bdst=1164&bdet=1258&bcttt=50&jsfv=nbc&ts=1635642529709&jsk=9rju8in71pm9336q&jsv=20210816&cu=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&uid=1fa639b2-22a7-4ed9-c118-16dbdfdd5cab&sid=6e31c792-a54c-499d-ba98-c3d528438f02&pvid=cdae99c8-4c7b-42c0-ec06-c81cb0782ba0&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F95.0.4638.54+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.3&saveData=false&tzo=0&w=therecord_entertainment&source=LI&pl=null&tr=null&st=2748&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Fts%2Fentertainment%2Fbooks%2F2021%2F10%2F29%2Ftananarive-dues-groundbreaking-horror-novel-the-between-finally-gets-the-embrace-it-deserves.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fentertainment%2Fbooks%2Freview%2F2021%2F10%2F29%2Fat-the-library-the-listeners-by-jordan-tannahill.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fts%2Fentertainment%2F2021%2F10%2F24%2Fwhats-a-bones-day-meet-the-boneless-13-year-old-pug-with-millions-of-followers.html%22%5D&sdk=bc-pixel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 31 Oct 2021 01:08:50 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
clear
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/ 		35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/__activity.gif?e=widget_shown&ct=Waterloo+Region+News+-+Latest+Daily+Breaking+News+Stories+%7C+TheRecord.com&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=2890&blst=1164&ist=1885&iet=1891&bdst=1164&bdet=1258&bcttt=54&jsfv=nbc&ts=1635642529848&jsk=9rju8in71pm9336q&jsv=20210816&cu=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&uid=1fa639b2-22a7-4ed9-c118-16dbdfdd5cab&sid=6e31c792-a54c-499d-ba98-c3d528438f02&pvid=cdae99c8-4c7b-42c0-ec06-c81cb0782ba0&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F95.0.4638.54+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.3&saveData=false&tzo=0&w=therecord_life&source=LI&pl=null&tr=null&st=2889&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Fts%2Flife%2Frelationships%2Fadvice%2F2021%2F10%2F28%2Fdont-pry-into-daughters-troubled-marriage-ask-ellie.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fts%2Flife%2Fhomes%2F2021%2F10%2F26%2Fdream-home-a-custom-82-million-estate-in-milton-with-designs-on-nature.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2F2021%2F10%2F25%2Fdonny-hishon-found-satisfaction-in-helping-others.html%22%5D&sdk=bc-pixel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 31 Oct 2021 01:08:50 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
clear
content-length
35
content-type
image/gif
2021102922100-617ca7ed2fb6720f4e4ebcc4jpeg.jpg
images.thestar.com/nK6k08woTDagLoMnHt2-oCxQc2Y=/690x460/smart/https://www.therecord.com/content/dam/thestar/sports/hockey/2021/10/29/panthers-reach-8-0-winning-first-game-without-quenneville/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/nK6k08woTDagLoMnHt2-oCxQc2Y=/690x460/smart/https://www.therecord.com/content/dam/thestar/sports/hockey/2021/10/29/panthers-reach-8-0-winning-first-game-without-quenneville/2021102922100-617ca7ed2fb6720f4e4ebcc4jpeg.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-112.fra50.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cd832e09f93c9a48b3d738b1b6eefdee43c8ec90727310fcac5d02fca94b29de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 07:05:38 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
age
64992
etag
"67bfe8efeca4172a3f7514a47e62953f9392629a"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
content-length
70578
x-amz-cf-id
QawmoV1blBukzKisrc3RFxC1N4uali12UiZluePDQImfGgzT5Z_cKw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
TorstarCompressed-Bold.woff2
www.therecord.com/assets/fonts/
Redirect Chain
  • https://www.therecord.com/assets/fonts/TorstarCompressed-Bold.woff2
  • https://www.therecord.com/assets/fonts/TorstarCompressed-Bold.woff2?rf
23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.therecord.com/assets/fonts/TorstarCompressed-Bold.woff2?rf
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/static/bundle.css?v=ffc0102766a860aca78a
Protocol
H2
Server
143.204.98.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
Apache/2.4.51 (Unix) OpenSSL/1.1.1k / Express
Resource Hash
97a8cb323b800e312421b5f10b9292a19c964f2de15e15703bbed583e1d78639
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/static/bundle.css?v=ffc0102766a860aca78a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 21:34:17 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
age
12873
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
23168
last-modified
Mon, 18 Oct 2021 15:35:18 GMT
server
Apache/2.4.51 (Unix) OpenSSL/1.1.1k
etag
W/"5a80-17c940af2f0"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://amp.therecord.com
cache-control
max-age=14400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
vmnWrQV41vHRD8JNEx_brg6B3VUXDF0Kk2Mi0zaSNDVFbna-OQhVlQ==

Redirect headers

date
Sun, 31 Oct 2021 01:08:50 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA50-C1
x-cache
LambdaGeneratedResponse from cloudfront
location
https://www.therecord.com/assets/fonts/TorstarCompressed-Bold.woff2?rf
content-length
0
x-amz-cf-id
n0ac5la2ixtZDgjW32HIL6JuWF2YljFtaZx6stDk5FI_7hGE7WzYrQ==
__activity.gif
query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/ 		35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/__activity.gif?e=widget_shown&ct=Waterloo+Region+News+-+Latest+Daily+Breaking+News+Stories+%7C+TheRecord.com&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=2911&blst=1164&ist=1885&iet=1891&bdst=1164&bdet=1258&bcttt=68&jsfv=nbc&ts=1635642529868&jsk=9rju8in71pm9336q&jsv=20210816&cu=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&uid=1fa639b2-22a7-4ed9-c118-16dbdfdd5cab&sid=6e31c792-a54c-499d-ba98-c3d528438f02&pvid=cdae99c8-4c7b-42c0-ec06-c81cb0782ba0&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F95.0.4638.54+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.3&saveData=false&tzo=0&w=therecord_sports&source=LI&pl=null&tr=null&st=2910&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Fts%2Fsports%2Fhockey%2F2021%2F10%2F29%2Fpanthers-reach-8-0-winning-first-game-without-quenneville.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fts%2Fsports%2Ffootball%2Fcfl%2F2021%2F10%2F30%2Fmasoli-throws-for-357-yards-and-three-touchdowns-in-ticats-39-23-win-over-elks.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fts%2Fsports%2Fhockey%2F2021%2F10%2F28%2Fjoel-quenneville-resigns-as-head-coach-of-the-florida-panthers.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fts%2Fsports%2Fsoccer%2F2021%2F10%2F30%2Fchelsea-extends-premier-league-lead-by-beating-newcastle-3-0.html%22%5D&sdk=bc-pixel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 31 Oct 2021 01:08:50 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
clear
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/ 		35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/__activity.gif?e=widget_shown&ct=Waterloo+Region+News+-+Latest+Daily+Breaking+News+Stories+%7C+TheRecord.com&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=2929&blst=1164&ist=1885&iet=1891&bdst=1164&bdet=1258&bcttt=80&jsfv=nbc&ts=1635642529887&jsk=9rju8in71pm9336q&jsv=20210816&cu=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&uid=1fa639b2-22a7-4ed9-c118-16dbdfdd5cab&sid=6e31c792-a54c-499d-ba98-c3d528438f02&pvid=cdae99c8-4c7b-42c0-ec06-c81cb0782ba0&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F95.0.4638.54+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.3&saveData=false&tzo=0&w=therecord_world&source=LI&pl=null&tr=null&st=2928&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Fts%2Fnews%2Fworld%2Fus%2F2021%2F10%2F30%2Fno-covid-19-test-needed-for-fully-vaccinated-canadians-entering-us-after-nov-8-lawmaker-says.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fts%2Fnews%2Fworld%2F2021%2F10%2F30%2Fdonald-trumps-shadow-hangs-over-virginias-race-for-governor.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fts%2Fnews%2Fworld%2Fus%2F2021%2F10%2F30%2Fspacex-delays-astronaut-flight-due-to-rough-wind-waves.html%22%5D&sdk=bc-pixel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 31 Oct 2021 01:08:50 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
clear
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/ 		35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/__activity.gif?e=widget_shown&ct=Waterloo+Region+News+-+Latest+Daily+Breaking+News+Stories+%7C+TheRecord.com&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=2935&blst=1164&ist=1885&iet=1891&bdst=1164&bdet=1258&bcttt=83&jsfv=nbc&ts=1635642529893&jsk=9rju8in71pm9336q&jsv=20210816&cu=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&uid=1fa639b2-22a7-4ed9-c118-16dbdfdd5cab&sid=6e31c792-a54c-499d-ba98-c3d528438f02&pvid=cdae99c8-4c7b-42c0-ec06-c81cb0782ba0&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F95.0.4638.54+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.3&saveData=false&tzo=0&w=therecord_politics&source=LI&pl=null&tr=null&st=2934&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Fts%2Fpolitics%2Fpolitical-opinion%2F2021%2F10%2F29%2Fthe-three-messages-of-justin-trudeaus-cabinet-shuffle.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fts%2Fpolitics%2Fprovincial%2F2021%2F10%2F29%2Fjudge-throws-out-former-conservative-mps-lawsuit-against-premier-doug-fords-tories.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fts%2Fpolitics%2F2021%2F10%2F29%2Fstar-trek-actor-wishes-bc-premier-warp-speed-recovery-after-biopsy-surgery.html%22%5D&sdk=bc-pixel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 31 Oct 2021 01:08:50 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
clear
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/ 		35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/__activity.gif?e=widget_shown&ct=Waterloo+Region+News+-+Latest+Daily+Breaking+News+Stories+%7C+TheRecord.com&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=2942&blst=1164&ist=1885&iet=1891&bdst=1164&bdet=1258&bcttt=86&jsfv=nbc&ts=1635642529900&jsk=9rju8in71pm9336q&jsv=20210816&cu=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&uid=1fa639b2-22a7-4ed9-c118-16dbdfdd5cab&sid=6e31c792-a54c-499d-ba98-c3d528438f02&pvid=cdae99c8-4c7b-42c0-ec06-c81cb0782ba0&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F95.0.4638.54+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.3&saveData=false&tzo=0&w=therecord_recommended_for_you&source=LI&pl=null&tr=null&st=2941&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Flocal-guelph%2Fnews%2F2021%2F10%2F29%2Fguelph-man-known-for-living-rough-in-wooded-areas-reported-missing.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fts%2Fnews%2Fcanada%2F2021%2F10%2F30%2Fis-this-my-life-forever-the-unexpected-and-frightening-impact-of-long-covid-on-young-canadians.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fts%2Fnews%2Fcanada%2F2021%2F10%2F29%2Fspeed-limit-changes-approved-for-huron-county-locations.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fts%2Flife%2Frelationships%2Fadvice%2F2021%2F10%2F30%2Fmy-wife-has-become-more-of-roommate-and-our-marriage-needs-fixing-ask-ellie.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fbusiness%2F2021%2F10%2F28%2Fpivot-airlines-flights-to-ottawa-montreal-from-waterloo-region-to-begin-early-next-year.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fopinion%2Fletters-to-the-editors%2F2021%2F10%2F28%2Fflair-airlines-is-excited-for-waterloo-region-for-the-long-haul.html%22%5D&sdk=bc-pixel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 31 Oct 2021 01:08:50 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
clear
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/ 		35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/9rju8in71pm9336q/1fa639b2-22a7-4ed9-c118-16dbdfdd5cab/__activity.gif?e=widget_shown&ct=Waterloo+Region+News+-+Latest+Daily+Breaking+News+Stories+%7C+TheRecord.com&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=2962&blst=1164&ist=1885&iet=1891&bdst=1164&bdet=1258&bcttt=90&jsfv=nbc&ts=1635642529919&jsk=9rju8in71pm9336q&jsv=20210816&cu=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&uid=1fa639b2-22a7-4ed9-c118-16dbdfdd5cab&sid=6e31c792-a54c-499d-ba98-c3d528438f02&pvid=cdae99c8-4c7b-42c0-ec06-c81cb0782ba0&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F95.0.4638.54+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.3&saveData=false&tzo=0&w=therecord_canada&source=LI&pl=null&tr=null&st=2960&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Fts%2Fnews%2Fcanada%2F2021%2F10%2F30%2Fis-this-my-life-forever-the-unexpected-and-frightening-impact-of-long-covid-on-young-canadians.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fts%2Fnews%2Fcanada%2F2021%2F10%2F29%2Fa-109-container-cargo-spill-has-put-first-nations-at-risk-and-is-highlighting-worries-about-canadas-coast-guard-capacity.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fts%2Fnews%2Fcanada%2F2021%2F10%2F30%2Fnorthern-lights-may-be-visible-in-much-of-the-country-this-weekend-after-solar-storm.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fts%2Fnews%2Fcanada%2F2021%2F10%2F29%2Fmore-onions-recalled-due-to-possible-salmonella-contamination.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fts%2Fnews%2Fcanada%2F2021%2F10%2F30%2Fhealth-officials-report-two-more-covid-19-related-deaths-in-new-brunswick.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fts%2Fnews%2Fcanada%2F2021%2F10%2F29%2Fontario-reports-419-new-covid-19-cases-no-deaths-on-friday.html%22%5D&sdk=bc-pixel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 31 Oct 2021 01:08:50 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
clear
content-length
35
content-type
image/gif
RC2c755b7ef3ef4f3882b1ae8279370b69-source.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/3c9f569cbf2c/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/3c9f569cbf2c/RC2c755b7ef3ef4f3882b1ae8279370b69-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-123.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
20923c2ed08327bc9eee91589822bb8cd6a40546312b950e998fe3ef80ea8b71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 00:32:09 GMT
content-encoding
gzip
last-modified
Sun, 31 Oct 2021 00:31:38 GMT
server
AmazonS3
age
2202
etag
W/"7b229469f345667229cb17f0db6f0861"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
pO4y05XESlSrL8al_WL17RdNGgnq3ISS
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
content-type
text/javascript
x-amz-cf-id
AjItC6p99j1GwgO8nwrwwFgTqB6Ho4LBban1QhUKNyoy0-d61RPFpg==
state
api.permutive.com/v1.0/ 		0
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 31 Oct 2021 01:08:50 GMT
content-encoding
gzip
server
Permutive
vary
Origin,Access-Control-Request-Method
access-control-allow-methods
POST
access-control-allow-origin
https://www.therecord.com
access-control-max-age
86400
access-control-allow-credentials
true
alt-svc
clear
content-length
20
via
1.1 google
access-control-expose-headers
*
RC304342cd3a9f487980371091639a8dc3-source.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/3c9f569cbf2c/ 		813 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/3c9f569cbf2c/RC304342cd3a9f487980371091639a8dc3-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-123.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
79add708a5b90bef550f8f0402457a6deebe9a221250c3478ab602db13ce6e54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 00:32:11 GMT
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified
Sun, 31 Oct 2021 00:31:38 GMT
server
AmazonS3
age
2200
etag
"a8bbbd67d04eb90cd0c480106c8a3060"
x-cache
Hit from cloudfront
x-amz-version-id
s1ml1L4GZH8Zw1O5MM7.s7ZaQcUDW3AT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
text/javascript
content-length
813
x-amz-cf-id
6AtgD485BlzcKc7uzOEqdW8sva67eHO2HUu9T67njkS7s7N9S4XtMg==
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102601.js?31063338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
af467d4e3138c51e524ebe5c9a2957186b8d2a9a437963b59fcba814879aba42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 Oct 2021 01:08:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8631
x-xss-protection
0
RC2891d2d665d541aabb71224e5304fdff-source.min.js
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/3c9f569cbf2c/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/3c9f569cbf2c/RC2891d2d665d541aabb71224e5304fdff-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-123.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b68f1d8a03015faa2cbf5a8ccfe570d76ff2ff587b0ad86e38052a00bcf5cd72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 00:32:10 GMT
content-encoding
gzip
last-modified
Sun, 31 Oct 2021 00:31:38 GMT
server
AmazonS3
age
2201
etag
W/"1363119855658448c22c807df752af67"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
El4YWcVtlXt7nfWu13AumYYtnVlbNsSm
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
content-type
text/javascript
x-amz-cf-id
4B5VYRGyn2n-WL6lhSLxp7nKoAUE2fzG5BKNm78zK6gGPFn26Wk7Wg==
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012110042008000/ 		190 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102601.js?31063338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
134572
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55667
x-xss-protection
0
server
sffe
date
Fri, 29 Oct 2021 11:45:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11904075b70ba1a0"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 29 Oct 2022 11:45:58 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102601.js?31063338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
134572
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4996
x-xss-protection
0
server
sffe
date
Fri, 29 Oct 2021 11:45:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"01e91d40c144b6bf"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 29 Oct 2022 11:45:58 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102601.js?31063338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
134572
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28494
x-xss-protection
0
server
sffe
date
Fri, 29 Oct 2021 11:45:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a5e24beaf7c9a504"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 29 Oct 2022 11:45:58 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102601.js?31063338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
134572
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1635
x-xss-protection
0
server
sffe
date
Fri, 29 Oct 2021 11:45:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"dff2522b082c9ee5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 29 Oct 2022 11:45:58 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102601.js?31063338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
134572
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12816
x-xss-protection
0
server
sffe
date
Fri, 29 Oct 2021 11:45:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6a05f1a8ea5ea134"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 29 Oct 2022 11:45:58 GMT
truncated
/ 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6b2c4e844e006b899384e010af5a487f671bcc0dc8e4953608714c22a9a53fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
12688229624636001290
tpc.googlesyndication.com/simgad/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12688229624636001290?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm4VwJfKKEi_391P2NbiFEdvnhFOg
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
268ddbbf9416cb12c7819fdd32ed8e08b437b24d6aac4b528515f11de9af6643
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 04:01:26 GMT
x-content-type-options
nosniff
age
248844
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46457
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 16:38:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 28 Oct 2022 04:01:26 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 30 Oct 2021 13:18:13 GMT
x-content-type-options
nosniff
server
cafe
age
42637
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 31 Oct 2021 13:18:13 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ 		295 B
756 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 30 Oct 2021 23:42:59 GMT
x-content-type-options
nosniff
server
cafe
age
5151
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 31 Oct 2021 23:42:59 GMT
l
www.google.com/ads/measurement/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQGylKgep1rHCEnGRSeMpi3qEwb6_Lz5v3MRs2TNV0pVUc_H4czZrbTUu5tE7ZVeCXB7JRM
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cn0J7oex9Yc2zN6mV7_UP3sSOWPzPuepli_ms_soO8p7coNQBEAEgx-v2HmCV4pCCoAegAb-1xrwCyAECqQKyMXtfFve2PuACAKgDAcgDCKoElQJP0GDBTtA7TrVMRTJDNKQ9ATtruYdZfJTQe3VNSTASAXeEouxpzLu-OnF6bNsJATfMo1hvaN_00tyG37lZqVudQqyhGOLoTRpJALUwdukTj9IL4uGIw02NHlJCoygquXVny98FYATUNCXAhXI3OUL--n8gWedJfI0TZ13Zhwnsq2WDczdOt_JZ9bY2_bckKTmIXeEWGNIvIQg3Ub8jVTtuYMzN14GvbVFh1PJ6jGEif2a9rCW7xJanxGlgU8fn42Idp9ww5ZVd0P1BuCTO3JxgeSuFKHU-D4WETuINHQCiyKfvnvNCGFND0cxw2tsU7T4FJM4McsXN5ApDRaDBgNURPYoAXX7115BA-GDCLhj7AJLG9QDywATW44LZ1APgBAGSBQQIBBgBkgUECAUYBKAGAoAHqcq5wwGoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwMQ8C7SCAkIiOGAcBABGB2ACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItODE4ODQzMTQyNTUwOTk5NxiUmRQ&sigh=DR7OAV8iBXQ&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c69508dfb58596ad4fe52e17e55b22a4d14b86220770213102d2c0b6e16524a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
1399416646783745723
tpc.googlesyndication.com/simgad/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1399416646783745723?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmqaba7nI4WSoOfLS2cIJzwUw6A7Q
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
18ab1fab2a8a6c5339c314a3072f50d0f7e93ca06bf374cafd2f941568ead41a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 00:03:35 GMT
x-content-type-options
nosniff
age
263115
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27084
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 16:38:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 28 Oct 2022 00:03:35 GMT
l
www.google.com/ads/measurement/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQgi9X83E-WaoVvoVRn6Ss_YV8xp9Ce6Vt32zmCl5KxCWg2jwGCEe8ZR-P6DZ_MlxMrY1eE
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cpl5toex9YcyzN6mV7_UP3sSOWPzPueplo_us_soO8p7coNQBEAEgx-v2HmCV4pCCoAegAb-1xrwCyAECqQKyMXtfFve2PuACAKgDAcgDCKoElAJP0Djd4zoS_bs4fEIdl46wpaTRGqakTv1uqYWigobJO4XhULT60SHtDdIJ3oaYh9Xng-jxQ9I2LLIKLNJmKQyshAYGO4KwAzIgL12ybYcpj_XMEWM1Ye8sWxOGNYG2maWCmw7okr5B5yx03I33RkvtfAZkCk4XugqJpDUF174wAmyEu8zhcDXBUnd1LwpXg4ZNwo6h_aA5hSd-Nyt02ZBPS30Bcz29czQy4Vu7i6SJTZT9oIfjl8zdJLngjmPx3w7-48NI1HauoGgHiVJUBjuCzEXgS5qvARWA0NJc4400Yv6AYTS7R9eG58fbqKWUrA1d7jfYFdlHswnI-mR8LQCciGwtxkvllNcrxzw_cOWy-EhHj5rABNbjgtnUA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAepyrnDAagH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHAxDwLtIICQiI4YBwEAEYHYAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi04MTg4NDMxNDI1NTA5OTk3GJSZFA&sigh=D3080aWg_Dw&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a411802f466a1913bc5607a5c848ff04336fff8a236ff169b7b0d280c80d429d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
l
www.google.com/ads/measurement/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQdT-xbftkulUtiipYHWS7J8JNX5cfDUNsoXKjEEpiKJbIkB8u8bjRrYhtjKfgciql6bIcA
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ClQTRoex9Yc6zN6mV7_UP3sSOWPzPuepli_ms_soO8p7coNQBEAEgx-v2HmCV4pCCoAegAb-1xrwCyAECqQKyMXtfFve2PuACAKgDAcgDCKoEgQJP0LQ_CjUOzmVHIBbl9tGnHrIhv2Jci7wkWpJYAwQ2o029ZWAcqbQEKOxgKO8Xv3dGBMOKwSlXDBY6rwc8WY0kQ7B86nUFwDfmRfph2_P-8SS4arHeudK2aR_CeRFeTniCsMAQP8IheoU4VTTHZp4d2HsLrODBDRPOZ9gZOGvC7clZW0Aql1OqsGRdUCywVKwFHd0yWVDq645bLSEdPxowOuOEwgdwfwbRC6FbkviHBhPKyZr66hB1js6wMFN4kVvh7-tl6KzGo11JttCsNTXlZ9_IIGiaqInHpNYFdhaM3MMWbP83LP_-ncDWkFyQw_rpU8ljEG2VT8jRU0P9FmWbB8AE1uOC2dQD4AQBkgUECAQYAZIFBAgFGASgBgKAB6nKucMBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcDEPAu0ggJCIjhgHAQARgdgAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTgxODg0MzE0MjU1MDk5OTcYlJkU&sigh=zknj0-jk4ok&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ 		0
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=822231141&t=pageview&_s=1&dl=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAAABAAAAAC~&jid=&gjid=&cid=808863817.1635642529&tid=UA-30378177-1&_gid=870537367.1635642529&gtm=2wgar0M8B3VW&z=1368127322
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Oct 2021 05:06:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
72142
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=822231141&t=pageview&_s=1&dl=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAAABAAAAAC~&jid=&gjid=&cid=808863817.1635642529&tid=UA-73335503-1&_gid=870537367.1635642529&gtm=2wgar0M8B3VW&z=3390198
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Oct 2021 05:06:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
72142
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
188
bc.therecord.com/DG/DEFAULT/rest/rpc/ 		50 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc.therecord.com/DG/DEFAULT/rest/rpc/188?referer=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&bcsessionid=1136a49c-d72f-47d8-a0f9-6197aa9a295a&bctempid=&overruleReferrer=&time=2021-10-31T01%3A08%3A50%2B00%3A00&ts=1635642530204
Requested by
Host: bc.therecord.com
URL: https://bc.therecord.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-129.fra50.r.cloudfront.net
Software
- /
Resource Hash
d6fb4673cd26de784b19c1edc2307116bdf07e36997c04d439dce2e4aee4041f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 01:08:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
8482
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.therecord.com
server
-
content-type
application/json; charset=utf-8
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
GTreDb40LXs0HjX8mUUPtixXE7jjs--pluIYchEg-jmdijI3dN51bg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/?redirect=true
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

date
Sun, 31 Oct 2021 01:08:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
188
bc.therecord.com/DG/DEFAULT/rest/rpc/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc.therecord.com/DG/DEFAULT/rest/rpc/188?referer=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&bcsessionid=1136a49c-d72f-47d8-a0f9-6197aa9a295a&bctempid=&overruleReferrer=&time=2021-10-31T01%3A08%3A50%2B00%3A00&ts=1635642530324
Requested by
Host: bc.therecord.com
URL: https://bc.therecord.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-129.fra50.r.cloudfront.net
Software
- /
Resource Hash
4c8b7527c51bc8264cf623d3f17444f0972b6435bfafa5973c4f5d2aebb80fde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 01:08:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
660
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.therecord.com
server
-
content-type
application/json; charset=utf-8
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
uTno4Nf0X7qkLtTCeVbztHWFtitr5HbUDc_UbpuDV5IPaXM_mi9xPg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
s86053675918375
s.therecord.com/b/ss/torontodnnlocal/1/JS-2.22.2-LBWB/ 		43 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.therecord.com/b/ss/torontodnnlocal/1/JS-2.22.2-LBWB/s86053675918375
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/3c9f569cbf2c/hostedLibFiles/EP6326e4d6b32f4a71ad5204459cc57d66/AppMeasurement.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 31 Oct 2021 01:08:50 GMT
x-content-type-options
nosniff
x-c
main-1540.I13d07b.M0-522
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 01 Nov 2021 01:08:50 GMT
server
jag
xserver
anedge-b4c7fdd79-bcbsq
etag
3512515587325231104-4619667381182789393
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
https://www.therecord.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
expires
Sat, 30 Oct 2021 01:08:50 GMT
188
bc.therecord.com/DG/DEFAULT/rest/rpc/ 		140 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc.therecord.com/DG/DEFAULT/rest/rpc/188?referer=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&bcsessionid=1136a49c-d72f-47d8-a0f9-6197aa9a295a&bctempid=&overruleReferrer=&time=2021-10-31T01%3A08%3A50%2B00%3A00&ts=1635642530705
Requested by
Host: bc.therecord.com
URL: https://bc.therecord.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-129.fra50.r.cloudfront.net
Software
- /
Resource Hash
ef75934e256d3bc4a5f86f9990b8a9ddde9623f7041380c69e9caca768005889
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 01:08:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
142
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.therecord.com
server
-
content-type
application/json; charset=utf-8
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
hbwN80-PFBfQlOCOBpTIxt5Omb7I_mfILMJP4Ync3_MJHlhpZIadQw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxYSDRmX303tgMrOkuBkEKHBi3EkprBL4GPkLNqH1uvpwlTe77T5gugB2QaO6SVKILmjLQ0flgq3ZvpVP_cGJITD1VadN_UyO7b621Gtx_40g15hAuAQ&sai=AMfl-YThN0NntQsI0u9K4tTrvpuduhiKsdME8wQqfbQbeccolSCF7bAzuvU5Gb8DQPMkn3RyF-madra9vSI7axhMAqkb1W1dKD_LnQEUSYOTYv7SkLAKsqWZe6X9Tb-h8mQTEqDWstcEHhCxJ8VAD4r97y-A&sig=Cg0ArKJSzFd98rTA1RnXEAE&cid=CAASPeRoQje2F13VEPv0BGwOY1DHVOL46YkQZmOcmwSDhUmUSMmGsFi-JF-dI8c7s4sQ5jRqsOD7BmvVHlWo_bc&id=ampim&o=0,0&d=1600,1200&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=94&tls=1094&g=100&h=100&tt=1094&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=444331335
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:08:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attention-event
sr.studiostack.com/track/ 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Requested by
Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.therecord.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:08:53 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin
*
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
0
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
attention-event
sr.studiostack.com/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.therecord.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Allow
POST
Content-Length
4
Content-Type
text/html; charset=utf-8
Expires
0
ETag
W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Date
Sun, 31 Oct 2021 01:08:54 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=8&kq=1&lo=0&uk=null&pk=0&wk=0&rk=1&tk=0&ak=-&i=TORONTO_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-RKwZAXPHBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-lWWj2Zz1Kg7M0g%3D%3D&sc=1&os=1-Jg%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&pcode=torontoprebidheader623296055317&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&fl=1&j=&xc=0&xb=0&xa=0&md=0&mc=0&lb=1200&ld=0&lc=0&la=0&cw=1600&cx=1200&sh=9236&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=4&w=4&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1635642527895&de=59293954765&rx=955519318122&cu=1635642527895&m=6581&ar=fb6a7277fce-clean&iw=89e7fd2&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1155%3A1852%3A2425%3A1166&im=0&in=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5043&cd=0&ah=5043&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=therecord.com%3AWaterloo%20Region%20News%20-%20Latest%20Daily%20Breaking%20News%20Stories%20%7C%20TheRecord.com%3A__page__%3A-&gw=torontoprebidheader623296055317&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=194999&na=1776143641&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:08:54 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 31 Oct 2021 01:08:54 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/sodar2.js

Verdicts & Comments Add Verdict or Comment

195 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| blueConicPreListeners function| BCClass object| blueConicClient object| permutive object| googletag object| __PRELOADED_CONFIG_DATA__ object| __PRELOADED_STATE__ object| __APOLLO_STATE__ object| gs_channels function| receiveMessage object| dataLayer string| url undefined| meta number| _vis_opt_account_id string| _vis_opt_protocol object| bc_json189 number| _vwo_acc_id object| _vwo_exp_ids object| _vwo_exp boolean| _vis_opt_settings_loaded string| _vwo_cookieDomain string| _vwo_uuid string| _vwo_lib_cb string| _vwo_mt string| _vwo_tm object| vwo_iehack_queue object| VWO object| _vwo_pa string| _vwo_opa_cb string| _vwo_worker_cb undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| MoatNadoAllJsonpRequest_47510593 object| Moat#PML#26#1.2 boolean| Moat#EVA object| moatPrebidApi string| _vis_opt_file_name function| vwo_$ string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment object| _vwo_evq function| _vwo_ev object| _vwo_t object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion function| _vis_opt_get_campaign_xPath boolean| DISABLE_NATIVE_CONSTANTS object| _vwo_editorOperationTracker function| _vwo_handleMutations number| _vis_opt_experiment_id boolean| canRunAds boolean| adBlock string| theStarSAccount object| twttr function| fbq function| _fbq object| _comscore boolean| comScoreFirstLoad number| scrollIncrement object| PARSELY function| trackScroll object| referrerHistory string| $igniter_var function| $p object| apstag number| ___vwo object| __nls object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| google_tag_manager object| headertag function| headertag_render object| pbjs undefined| px object| Moat#G23 object| MoatSuperV23 boolean| _lastFocusState string| a object| Moat#PML#23#1.2 object| MoatContent object| __LOADABLE_LOADED_CHUNKS__ function| setImmediate function| clearImmediate function| Buffer object| AWS object| regeneratorRuntime number| 2f1acc6c3a606b082e5eef5e54414ffb object| smg number| curY number| curDepthRatio object| TheStar function| theStarLinkClick object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady function| udm_ object| ns_p object| COMSCORE object| webpackChunkli_browser_client boolean| apstagLOADED function| pbq function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s string| keyLinkTrackVars function| _typeof object| gaplugins object| gaGlobal object| gaData object| _bcp object| ggeac object| google_js_reporting_queue object| mdc object| pbProcessor boolean| msgData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing function| $ function| RuleService object| justDetectAdblock object| bcConnectionUtil function| BlueConicDataLayerUtil object| JSONPath function| md5 object| jsonpath boolean| bcUrlListenerActive object| bc_datalayer object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| bc_json190 object| campaignData object| adobeTokens function| trackFB string| fbPixelId string| pageType string| template string| twitterPixelId object| GoogleGcLKhOms object| AMP object| AMP_CONFIG object| __AMP_LOG object| __AMP_ERRORS function| __AMP_REPORT_ERROR object| __AMP_MODE object| __AMP_TOP object| __AMP_SERVICES object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS boolean| __AMP_TAG function| FormProxy number| x object| s_i_torontodnnlocal

55 Cookies

Domain/Path Name / Value
bc.therecord.com/DG/DEFAULT Name: BCSessionID
Value: 1136a49c-d72f-47d8-a0f9-6197aa9a295a
torstar.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: 1136a49c-d72f-47d8-a0f9-6197aa9a295a
therecord.com/ Name: selectedCity
Value: thestar
www.therecord.com/ Name: selectedCity
Value: thestar
.therecord.com/ Name: bc_tstgrp
Value: 1
.therecord.com/ Name: permutive-id
Value: 21c33f40-d2f1-4da9-9995-e063e81986e5
.therecord.com/ Name: permutive-session
Value: %7B%22session_id%22%3A%22cd5597f8-bd08-41b7-a88a-42da836b7327%22%2C%22last_updated%22%3A%222021-10-31T01%3A08%3A47.672Z%22%7D
.be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/ Name: pxid
Value: 3670f927-a9ca-4d91-aaec-5bb2f80fec8b
.therecord.com/ Name: _vwo_uuid_v2
Value: D93745F23EE0146750A138B59800F44A7|67c7e0bbdc8d0ed3e9c19ea0a2826c71
.therecord.com/ Name: _vis_opt_s
Value: 1%7C
.therecord.com/ Name: _vis_opt_test_cookie
Value: 1
.therecord.com/ Name: _vwo_uuid
Value: D93745F23EE0146750A138B59800F44A7
.therecord.com/ Name: _vwo_sn
Value: 0%3A1
.therecord.com/ Name: _vwo_ds
Value: 3%3Aa_0%2Ct_0%3A-1%241635642527%3A89.20197618%3A%3A%3A3_0%2C2_0%3A0
www.therecord.com/ Name: userSegmentLogin
Value: false
.twitter.com/ Name: personalization_id
Value: "v1_+Pg8ZpVm7STZXqDuinwT9g=="
.demdex.net/ Name: demdex
Value: 91920720387835992241093056373646475360
.adsrvr.org/ Name: TDID
Value: 796cb175-b4fc-4ef1-a941-3e15e34b028b
www.therecord.com/ Name: AccessToken
Value: idv2kvejbw92cfn7ap9qjotxijbehb6zlm
www.therecord.com/ Name: latestContentTier
Value: 0
www.therecord.com/ Name: rememberMeML
Value: https://www.therecord.com/?redirect=true
.scorecardresearch.com/ Name: UID
Value: 1VJND2CKJUQMDKAUTHURM9g1635642529
.therecord.com/ Name: _igt
Value: 6e31c792-a54c-499d-ba98-c3d528438f02
.therecord.com/ Name: _ig
Value: 1fa639b2-22a7-4ed9-c118-16dbdfdd5cab
.therecord.com/ Name: AMCVS_19A568F454F72DAF0A4C98A6%40AdobeOrg
Value: 1
.therecord.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.therecord.com/?redirect=true%22%2C%22sref%22:%22%22%2C%22sts%22:1635642528968%2C%22slts%22:0}
.therecord.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=885f76760b73209fcfc75c1006e647ab%22%2C%22session_count%22:1%2C%22last_session_ts%22:1635642528968}
.therecord.com/ Name: s_ecid
Value: MCMID%7C91957278122818991221091654050303023722
.therecord.com/ Name: _ga
Value: GA1.2.808863817.1635642529
.therecord.com/ Name: _gid
Value: GA1.2.870537367.1635642529
.therecord.com/ Name: _gat_UA-30378177-1
Value: 1
.therecord.com/ Name: _gat_UA-73335503-1
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YX3soQAAAHo4kAQS
.therecord.com/ Name: _fbp
Value: fb.1.1635642529052.1102663117
.dpm.demdex.net/ Name: dpm
Value: 91920720387835992241093056373646475360
.therecord.com/ Name: __psid
Value: 1635642529092
.therecord.com/ Name: AMCV_19A568F454F72DAF0A4C98A6%40AdobeOrg
Value: -1124106680%7CMCIDTS%7C18932%7CMCMID%7C91957278122818991221091654050303023722%7CMCAAMLH-1636247328%7C6%7CMCAAMB-1636247328%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1635649729s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18939%7CvVersion%7C5.2.0
.facebook.com/ Name: fr
Value: 04F9dQIxEuN5Ikuso..Bhfeyh...1.0.Bhfeyh.
www.therecord.com/ Name: BCSessionID
Value: 1136a49c-d72f-47d8-a0f9-6197aa9a295a
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2E>8j/2Eq!]tbP6j2F-XstGt!@D_8$jY0?
.adnxs.com/ Name: icu
Value: ChgIy5pSEAoYASABKAEwodn3iwY4AUABSAEQodn3iwYYAA..
.adnxs.com/ Name: uuid2
Value: 2888282993700105105
torstar.blueconic.net/ Name: AWSALBCORS
Value: HWuvGgxDrBYBYnBOwHqd4ERfV5+aZyxtaVK3/43qy87jQv8+ExY1V7/tanfbFwpiK0wPImFeDsC52b8HSTMxpMfCTpKATeaSO1InLwjJJ6pinvQ9FgoKg26TrXGH
www.therecord.com/ Name: digitalAccessOverlayStatus
Value: nextPage
www.therecord.com/ Name: digitalAccessOverlaySubscriberStatus
Value: nextPage
.www.therecord.com/ Name: ts_s_ecid
Value: MCMID%7C91957278122818991221091654050303023722
.therecord.com/ Name: __gads
Value: ID=a941864cc64e19b5-223046bf05cb0053:T=1635642529:S=ALNI_MYXgKhYPAVjm9as8B1lbFDu2nGfwQ
.doubleclick.net/ Name: IDE
Value: AHWqTUnhMp0_k6GnE6lMri3W4m2SDDcyy_SA4EnlI-0tX3krU26WsrL2I8cC9IKHiTs
www.therecord.com/ Name: last_visit_bc
Value: 1635642530200
.doubleclick.net/ Name: DSID
Value: NO_DATA
.therecord.com/ Name: s_nr
Value: 1635642530575-New
.therecord.com/ Name: s_nr2
Value: 1635642530576-New
.therecord.com/ Name: s_cc
Value: true
bc.therecord.com/ Name: AWSALB
Value: ip0n+K/kEpZfWhfIuRyHyH+6onvx2131kG3pyWiB9tnEOMIC78ORNNKcPsROYIiL60n33WHUheKfUkPvIka4Y4SJ6cUG1ZuyIdyMKW1I1qSphfjiqXJYcSib7AUx
bc.therecord.com/ Name: AWSALBCORS
Value: ip0n+K/kEpZfWhfIuRyHyH+6onvx2131kG3pyWiB9tnEOMIC78ORNNKcPsROYIiL60n33WHUheKfUkPvIka4Y4SJ6cUG1ZuyIdyMKW1I1qSphfjiqXJYcSib7AUx

15 Console Messages

Source Level URL
Text
javascript warning URL: https://www.therecord.com/?redirect=true(Line 193)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&random=0.42636228168044976, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.therecord.com/?redirect=true(Line 193)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&random=0.42636228168044976, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&random=0.42636228168044976(Line 2)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/track-9d6ac57dbcbba3321dd904e6ee78b647.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&random=0.42636228168044976(Line 2)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/track-9d6ac57dbcbba3321dd904e6ee78b647.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.therecord.com%2F%3Fredirect%3Dtrue&random=0.42636228168044976(Line 2)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.therecord.com/?redirect=true(Line 211)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://d5phz18u4wuww.cloudfront.net/vis_opt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.therecord.com/?redirect=true(Line 211)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://d5phz18u4wuww.cloudfront.net/vis_opt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js(Line 218)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-9d6ac57dbcbba3321dd904e6ee78b647.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js(Line 218)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-9d6ac57dbcbba3321dd904e6ee78b647.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://resources.eyereturn.com/dt/6291/generic.js
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102601.js?31063338(Line 5)
Message:
Refused to load the script 'https://tpc.googlesyndication.com/sodar/sodar2.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102601.js?31063338(Line 5)
Message:
Refused to load the script 'https://tpc.googlesyndication.com/sodar/sodar2.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102601.js?31063338(Line 5)
Message:
Refused to load the script 'https://tpc.googlesyndication.com/sodar/sodar2.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
other warning URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

57dd74cd5beedab9e4bfac92d6cc8910.safeframe.googlesyndication.com
adserver.pressboard.ca
adservice.google.com
adservice.google.de
analytics.twitter.com
api.permutive.com
api.rlcdn.com
api.thestar.com
as-sec.casalemedia.com
bc.therecord.com
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co
c.amazon-adsystem.com
c2shb.ssp.yahoo.com
cdn.ampproject.org
cdn.parsely.com
cdn.petametrics.com
cm.everesttech.net
connect.facebook.net
d1nxn87txdj54y.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
d5phz18u4wuww.cloudfront.net
dev.visualwebsiteoptimizer.com
dmx.districtm.io
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hb.districtm.io
htlb.casalemedia.com
ib.adnxs.com
images.thestar.com
js-sec.indexww.com
match.adsrvr.org
mb.moatads.com
p1.parsely.com
pagead2.googlesyndication.com
platform.twitter.com
px.moatads.com
query.petametrics.com
resources.eyereturn.com
resources.thestar.com
s.therecord.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
sejs.moatads.com
sr.studiostack.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
therecord.com
torontostarnewspaperslimited.demdex.net
torstar.blueconic.net
torstar.gscontxt.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.therecord.com
z.moatads.com
tpc.googlesyndication.com
104.111.239.215
104.16.190.66
104.18.5.81
104.244.42.131
104.244.42.133
108.128.92.179
13.36.218.177
142.250.181.225
142.250.181.228
142.250.184.200
142.250.184.226
142.250.184.238
142.250.185.225
142.250.185.226
142.250.185.67
142.250.185.97
142.250.185.98
142.250.186.138
142.250.186.98
143.204.101.2
143.204.101.224
143.204.101.28
143.204.103.127
143.204.95.188
143.204.98.112
143.204.98.114
143.204.98.123
143.204.98.125
143.204.98.129
143.204.98.97
146.88.138.85
157.240.221.16
157.240.221.35
158.101.193.98
172.217.16.130
173.194.76.157
18.134.72.135
184.31.84.150
185.33.220.241
185.33.220.243
199.232.136.157
2.18.234.21
2.18.235.40
3.213.205.83
34.107.254.252
34.120.133.55
34.96.102.137
35.190.14.224
35.241.9.51
51.104.28.77
52.205.167.202
52.223.40.198
52.28.203.152
52.51.58.216
52.51.88.158
93.184.220.66
02e1c4508320ee6bc6b884c4de9a0d73e541b6735fa139cbd957a27f42c72140
04b77125e19df15788b0879fc6c6ba217958f5f49ff3e39223e77c1a3e1f2e04
059a877a7b9142b5a4ce9d51ccba5e870e213b200226cff5bc1413bc34e75f20
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
079c9087367df7a04c37758edeb7c4c144c68b3e8cf81f6acbda4822cf659ec1
08978e03db8ac78af1f563de3e6c6ca10b9c170cf8a7b31d0e499614309e4129
098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363
0a96841f66e6b9c9421ce336b18b39a5e1310c833fce81aa6f373e61f488206c
0b288855d753a6f35de1ad5d63f66fb3e455a1066f4fc980899b64b1f9163713
0c2c69ba33a4d4eb53419c912ea55131208d76852cc632e2544833497d165bc3
0d057f68aa7caa9c4ad930fdccc2924d6719af8d5aa0f53de21e823e6c8df033
0f1cf8159e8556270c7bce1f1184b1b488806e479e798508684f7275594727fa
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1147271d437a8ada6e32368f3cd8c3d453cb210c281abca37444784942d1379b
1223d568601507bdd1c205ff9db52edb4c60b0421448aaf96f019b3d2458b09a
133d99ecc7e1f65d2e0bdc9d04fae746f2e9b820213b2a2df7fed60ba073475e
16d7b9eb3ab0b5172ea43d111c914aef27f863f5310240a045cbe701393b7abc
181848fbffebcab78e98be4a0b8fe9d18fc802eac7c492056305849cd5ee92e0
18ab1fab2a8a6c5339c314a3072f50d0f7e93ca06bf374cafd2f941568ead41a
1a2d8b1bb1f6e7444aa05a80f50f4d393da6fb19457fac31be5a07e99bba831a
1b723e0d0e0276b6164551f0f25b5e9a0fa13a1cbbc06a5e2be4ec4a510f0b12
1d6cbbaa1f67f3a0bd51cf2f85fc36c444372023ead4f136c440e0c3f122644a
1df25bb2fc9596679198b86639d4e714fa13b7cf0ffe64a67045d1d507afd009
1f1946e2d87846cbceb83d8e2a9a7137c5b5cdaa1bc90f6acd652a62ed04a3a5
20923c2ed08327bc9eee91589822bb8cd6a40546312b950e998fe3ef80ea8b71
22bf8f301983af4a61692d5002d4258dbe50ba36622578f1189fb56ec26a3146
268ddbbf9416cb12c7819fdd32ed8e08b437b24d6aac4b528515f11de9af6643
27c30b288016abeb6fbf86cd24a410b7d89a8567348b4ca917ad56c8c80455af
2a72d93a888cb738600df74e40a1acaa765117d354232c682320a65d7e15b03c
2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778
2f9c4bd78c85e2c9482838b96c9460543e70a99e4a822c11eb01e0a1f8b3f73b
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3396e072885bf6734096be74c3a9153c9234eae594d45fc273822e1f3563414e
33f20fa1fedc80e5ac3a2887af44e76a445497357e50d8b3dd8e47c0f19e4bbe
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821
39b22117e39903ddf411626a0f7ba1d81e6b5f97935ebe2a6c2ac243235f68dc
3a0102f6b88616a31065318392e6bc61a6a753d66eacfdfd905b161567a8699d
3a3a2b7dd118839cff6879aa8b56de6c9e56aa0d55cff69a794caf86cf7c906e
3c265536042feb4749d5cb80372914ac943bf1afed48024ef59c3a0044429522
3c69508dfb58596ad4fe52e17e55b22a4d14b86220770213102d2c0b6e16524a
40a082956ed988861f9b57ce91f06eb686c164ede67334b00714306f6e0b03d5
44422576be25a3211b86c0614206a0875d1acf762262eaf88ae7538d4054dbfa
448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530
472d911ab15eef1cce741f8c4996c9786aa540b53a18068afe9d4fd6a5f2f2f2
4787257f2b5422a35a59697faad40da2634e95814eff1434110e9ac556069e7e
49fa91c0db5de8b9aaead13954ca2d58fa99d90f2c1e48c4cd77e3e1c269fa10
4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418
4c52fd733f9e050706e73b27145aa20b13215064f5f7595b86d327218f0a9237
4c8b7527c51bc8264cf623d3f17444f0972b6435bfafa5973c4f5d2aebb80fde
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9
54e588d3c440e8fc3c401bdb9e231000555287d79add2dbf1703f8bf13802021
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
583a8735e8714c413ee3ef9baa78afe76f3df8b9c0f8c787f29e78f8f388eb06
58a6e36d9b9032be70052ebf42201b8dfab1ae87a0040082565900dcd521bfce
5a247496bc74eccc2f2ecacd48f8698976ebda9d2717d0ea8bb162a605572464
5b8b1cbb1bacb265ecd2affc0ab76c3819cfb68789c68aaa3e0e9ddd9975aad4
5bcb40e5f899c1a6d9f0c0765e76a0b6c0040434443283f2f608b7dd22a05257
5d2d8a15d02e9ad316cab103613356d476688607d91dddf79decd8b03ffd8352
5da4fd106c0579a3a3ed3d8c27bb0123c8aa31ebcb1262357ee20d338ac8d12f
5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773
610e357d4e37f6df2a9447ed9ebae41bdbbec9b8ec08a1d560f3f258f71a04c3
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1
700f63ad216bea81b52bfd641294d0775834c38a008ef420d7edfd5f239ddd69
714834ed861c34dedeb55337322da3d74ee0a11c7f51163bd80277e5dd8a11de
73e944306ea136a27c9f7d362c0054b2a1e7178a9afcaa4b60f0b5d38a6ea69e
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
767151dcee5897c6cf0a32de1d38e8d62083da83c933a5d170d9d12e74c980a9
771206b4871f340480acf99faf7d23c1ccfecfc3083f99254c98a987122fed9b
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
79add708a5b90bef550f8f0402457a6deebe9a221250c3478ab602db13ce6e54
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7ebfbdf032326a8b39a95857cb2decb79471f034f37f2bd19115226a558a84ef
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8156274be416705f770f8d4e0338e9886f99a863f433e105dc497f2e998f1812
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8341c908ba52daf5de9fa2bb358f23832891d7e41498c23efce3f06a88d25790
83491eeaf857d21126712ed9d207bb9e25d35db023038c1162a9eb3c92d8200c
84d7f246c627e1dace32be9718823468baa37312c810ba75735ed8818e596fe9
89630bcc5819b44a10c049ccdcd4e7a593ae22591b6b8015b4d5087eecdaa9c7
8b9a8b7f4e0eacfff24af681e1225070e2b4ca196af7575f4f9ee7abf2e5b75b
8e8574026a04195a694ec12f088d744eed6c3210ee15fe84a3c04ed8308badea
92a9a2965b5d8aba642aab11278902a43e02935175599f11e810db1024051992
934cdac05eac50eb48403aeb2b6f2430d1e34ba4c49173d198d0d748841c9bfb
9474557b14923e78c9b0b7b44bccd0d7018187fb0150095946932a071f155933
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd
97a8cb323b800e312421b5f10b9292a19c964f2de15e15703bbed583e1d78639
98c3f052b72e7bd0d9797e054a0817794b9814bf34f2e8489fbeded175bee5b5
9a5ffd3735db2940b6f1b24b6628d40f2a8f4e6ba591865356dabbfbf7038d66
9af3151ce4d53c18ac2ac1bd12d6107775327326b352cebef24204b1f1f8ca5c
9c893ea312e7b567157b2d2471db0a0929e04b13b642b7b3fedf378855fb6b79
9cdfde961deefbcee674fd865940cc32922fe2a710420d2f87e2e66b4ea3e1cc
9d72dece8ed48f4ba9c11e021a9cec5bc4e698ff95da7e378d71bca8a18c5667
9ff2daf17db56f877ab13c10078f5c7c796b3464b5d0049f15d9ddb4db39924b
a0ec8793ecc2c9d97dcceac6cce1de315e1a0cf7b6c5180060916c2d047c9a1c
a176b44662d7eb55562527b7df840e6eb620d9f326989674a16f0765dc94f360
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a411802f466a1913bc5607a5c848ff04336fff8a236ff169b7b0d280c80d429d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa1ab264509ebb2923a84401b245319c48e1df406c17c5283f19b3e4b408de51
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae2f0da1d60556bd1e069bce2947590416839d4a3c3627c544e5d7b8b6ec36b7
af467d4e3138c51e524ebe5c9a2957186b8d2a9a437963b59fcba814879aba42
b0ab2f21243b940db6c6b986e1cedb149ffcc296b62b326e9214366585d1040d
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
b302c188cc0aa21788901fb82c0011525ed35f77d8b26593fea57e850ec94079
b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199
b68f1d8a03015faa2cbf5a8ccfe570d76ff2ff587b0ad86e38052a00bcf5cd72
b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5
bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9
bd54d3dc95cf10c02ae9f22ec9e0d584284f02c241478074e4caadf5a8f49e6c
be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
bef0b1129a23d6614b2914c9a5a1de8d4f2746cdf732181a3e01c0b4a4e80ea0
c6b2c4e844e006b899384e010af5a487f671bcc0dc8e4953608714c22a9a53fb
c9dad2e85ed4eabdd82b80174503fa8a56fed29da4713e0a080167b568b54e10
c9eef508a48855ddd0b36c98368f8f0cecc1ae6f316156703da4934eb3508d5d
cc21d5a9e609b2997b4f9c3a5b520216e5ef6522c656b81b6105c9b62a8fcc5b
cd832e09f93c9a48b3d738b1b6eefdee43c8ec90727310fcac5d02fca94b29de
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe210b9b960e92d867cb501ba3cb9b03c4c66b816dd2427566bed986fb1c00f
d3a268afe2578871f64d50a68127bf60d0f0524b369b97f56e7ce3cde730c110
d4aa257db18f6063c542136a1a45a9ac6ce1026cffe0f27cb2cb9a80e4d78c1a
d5094ecf4fa2afa6ef227fb4e945fe80c96a9125ee5b52b6c407c91aee660e7f
d6fb4673cd26de784b19c1edc2307116bdf07e36997c04d439dce2e4aee4041f
d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a
d979815884f1c8becf25ae063836bf14728151f9c1633862af0250402302eda4
d998d5d41de30d3427d2aea25fca650619b25779bf0ba68a8102b4be2aa75a7a
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9cbf4615f62b850b21aae2c75e454fc915d28158ed15d4868305405589b62a
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
df69ab6b5ace74afe676ea122d35ccdcfed400622b7ee4c574cc55562fbda5c7
dfe8f7f111b5e1229765302dccfedd695ec7ff32a83a34c80f9bb0ac74fdc917
dfee47f9a3460117df8b06284ef577f78956381a2e3303d344f3e12b01b845ec
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c1b74f537f7fafc5cf77ebe0830a7e0020e26ab9390b346eee562d5007d690
e4169e96e542de70eb426c71b029165f55a8e718215ac069f0c656e469197d0f
e6cff966cf6b1b9374e6ac5a130b896c1a23742530fb44bb102ac55f956eac75
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861
ea374bda0d2e2a3b395464a87e827e8c5a71ef188f30293b89e199ac85b11267
ea91e46624febbfc01c1a1623c45aba51aa8bccda2a8dc2cd11427fc3f0c101b
ebabc8ebcb1e84a5a8072d05a76d9528a3aa692a0761c07d977c410412cc4fd4
ecd8c075589e9d41cbdd3ccaa6b5646aac7c2d4bb66b6982110d36cf1d2a0ca7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef43fac43f5b5032094f86e525d294098afa03c035f6564ad5e611d7b75684b5
ef75934e256d3bc4a5f86f9990b8a9ddde9623f7041380c69e9caca768005889
f1b8801bfd16cd242166b1a4a1ed918bb2b650a496640dd3ecc8fa11c743f449
f1e39c99cbce0f004507b520ec7d70439089a505f0dc702698400e3340191115
f4d5e38853c97e6ce404c1915524d0c9f90f414d6c0e68be986a3f13b8a1e8e8
f6d28e78a70a55a2d131d8de9a18ec5157608a4aa274605e37ef0d5af7410b94
fc36052cbcf725cc0524ee51eb8f467d6d11ea4a5a48cfbf1bd119c57ac517f2
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd2d3727e2bf056b8f108414c53312119bb882738579b003c4c2fa699e99a6b2