Submitted URL: http://therecord.com/whatson/artsentertainment/article/302309--theatre-veteran-domini-blythe-dies-in-montreal-at-age-63
Effective URL: https://www.therecord.com/
Submission: On December 24 via api from AU — Scanned from AU

Summary

This website contacted 66 IPs in 7 countries across 54 domains to perform 324 HTTP transactions. The main IP is 192.104.182.109, located in United States and belongs to LEE-ASN, US. The main domain is www.therecord.com.
TLS certificate: Issued by R3 on December 11th 2023. Valid for: 3 months.
This is the only time www.therecord.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 8 192.104.182.109 10668 (LEE-ASN)
66 104.16.133.24 13335 (CLOUDFLAR...)
18 142.250.66.194 15169 (GOOGLE)
12 142.251.221.65 15169 (GOOGLE)
16 13.227.74.97 16509 (AMAZON-02)
1 172.64.146.86 13335 (CLOUDFLAR...)
3 142.250.204.10 15169 (GOOGLE)
1 152.199.39.108 15133 (EDGECAST)
4 18.67.111.76 16509 (AMAZON-02)
12 172.217.167.72 15169 (GOOGLE)
3 18.67.92.138 16509 (AMAZON-02)
1 150.136.157.133 31898 (ORACLE-BM...)
1 18.67.111.56 16509 (AMAZON-02)
8 142.250.67.3 15169 (GOOGLE)
1 35.241.9.51 15169 (GOOGLE)
6 9 103.43.89.4 29990 (ASN-APPNEX)
8 34.107.254.252 396982 (GOOGLE-CL...)
1 104.22.60.90 13335 (CLOUDFLAR...)
3 3.89.167.202 14618 (AMAZON-AES)
5 188.240.13.2 39572 (ADVANCEDH...)
1 2 104.16.122.175 13335 (CLOUDFLAR...)
6 142.250.204.14 15169 (GOOGLE)
1 18.67.114.43 16509 (AMAZON-02)
5 3.25.18.8 16509 (AMAZON-02)
32 35.190.14.224 15169 (GOOGLE)
2 63.140.56.117 16509 (AMAZON-02)
1 1 54.255.30.10 16509 (AMAZON-02)
3 142.250.76.97 15169 (GOOGLE)
2 10 52.46.130.91 16509 (AMAZON-02)
4 18.67.89.160 16509 (AMAZON-02)
1 142.250.66.206 15169 (GOOGLE)
2 157.240.8.23 32934 (FACEBOOK)
1 18.67.101.75 16509 (AMAZON-02)
1 18.67.97.57 16509 (AMAZON-02)
1 35.163.144.222 16509 (AMAZON-02)
2 216.239.34.181 15169 (GOOGLE)
3 74.125.200.155 15169 (GOOGLE)
1 2 142.251.221.70 15169 (GOOGLE)
3 142.250.76.98 15169 (GOOGLE)
1 3 18.67.93.39 16509 (AMAZON-02)
2 4 54.79.148.68 16509 (AMAZON-02)
4 172.217.167.70 15169 (GOOGLE)
2 172.217.24.34 15169 (GOOGLE)
2 142.250.204.6 15169 (GOOGLE)
6 18.244.214.125 16509 (AMAZON-02)
1 157.240.8.35 32934 (FACEBOOK)
1 44.242.33.86 16509 (AMAZON-02)
1 172.217.167.98 15169 (GOOGLE)
10 15 142.250.204.2 15169 (GOOGLE)
4 8 172.64.151.101 13335 (CLOUDFLAR...)
2 172.217.24.36 15169 (GOOGLE)
6 52.74.189.155 16509 (AMAZON-02)
1 6 35.244.159.8 396982 (GOOGLE-CL...)
2 23.204.65.234 16625 (AKAMAI-AS)
14 19 69.173.158.64 26667 (RUBICONPR...)
1 151.101.193.229 54113 (FASTLY)
1 103.229.10.192 16509 (AMAZON-02)
4 4 3.33.220.150 16509 (AMAZON-02)
1 1 211.120.53.203 4694 (IDCF IDC ...)
2 2 13.224.181.71 16509 (AMAZON-02)
1 107.23.71.155 14618 (AMAZON-AES)
1 1 54.174.79.84 14618 (AMAZON-AES)
12 54.149.20.216 16509 (AMAZON-02)
1 1 8.43.72.98 26667 (RUBICONPR...)
1 67.220.226.233 16509 (AMAZON-02)
1 13.107.42.14 8068 (MICROSOFT...)
1 1 54.255.26.62 16509 (AMAZON-02)
2 2 18.180.45.14 16509 (AMAZON-02)
3 3 35.84.163.233 16509 (AMAZON-02)
1 23.1.240.43 20940 (AKAMAI-ASN1)
1 131.153.206.100 59210 (PHOENIXNA...)
1 2 172.64.146.152 13335 (CLOUDFLAR...)
1 1 13.227.254.41 16509 (AMAZON-02)
1 2 18.67.93.44 16509 (AMAZON-02)
1 2 209.191.163.210 32475 (SINGLEHOP...)
324 66
Apex Domain
Subdomains
Transfer
66 townnews.com
bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 21370
736 KB
33 petametrics.com
cdn.petametrics.com — Cisco Umbrella Rank: 12958
query.petametrics.com — Cisco Umbrella Rank: 13972
234 KB
30 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
12987815.fls.doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
ad.doubleclick.net — Cisco Umbrella Rank: 139
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
236 KB
29 googlesyndication.com
a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
175 KB
22 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1237
29 KB
22 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 900
static.adsafeprotected.com — Cisco Umbrella Rank: 602
dt.adsafeprotected.com — Cisco Umbrella Rank: 567
345 KB
16 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807
84 KB
16 thestar.com
resources.thestar.com — Cisco Umbrella Rank: 244784
110 KB
12 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
905 KB
10 therecord.com
therecord.com
www.therecord.com
s.therecord.com
112 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
7 KB
8 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
5 KB
8 permutive.com
api.permutive.com — Cisco Umbrella Rank: 2205
929 B
6 openx.net
u.openx.net — Cisco Umbrella Rank: 672
us-u.openx.net — Cisco Umbrella Rank: 491
jp-u.openx.net — Cisco Umbrella Rank: 15595
2 KB
6 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 495
2 KB
6 google.com
ampcid.google.com — Cisco Umbrella Rank: 2783
analytics.google.com — Cisco Umbrella Rank: 152
adservice.google.com — Cisco Umbrella Rank: 93
www.google.com — Cisco Umbrella Rank: 2
3 KB
6 cityspark.com
cdn.cityspark.com — Cisco Umbrella Rank: 31601
cdn-p.cityspark.com — Cisco Umbrella Rank: 22257
19 KB
5 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
torontostarnewspaperslimited.demdex.net — Cisco Umbrella Rank: 344691
officeworks.demdex.net
6 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
5 gstatic.com
fonts.gstatic.com
185 KB
4 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
1 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
2 KB
4 google.com.au
www.google.com.au — Cisco Umbrella Rank: 29909
ampcid.google.com.au
1 KB
4 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1681
35 KB
4 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 13913
i.viafoura.co — Cisco Umbrella Rank: 13734
4 KB
4 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 13686
212 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
3 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
3 KB
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 835
1 KB
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 846
sync1.intentiq.com — Cisco Umbrella Rank: 2869
2 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1010
523 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 563
1 KB
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 25818
1 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
120 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
129 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3052
p1.parsely.com — Cisco Umbrella Rank: 2300
21 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
89 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 857
3 KB
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1398
557 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
451 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 866
649 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
514 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
1 KB
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1450
857 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 1011
373 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
40 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 segment.io
api.segment.io — Cisco Umbrella Rank: 1340
175 B
1 cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1 KB
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1110
517 B
1 prmutv.co
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co — Cisco Umbrella Rank: 440057
386 B
1 gscontxt.net
torstar.gscontxt.net — Cisco Umbrella Rank: 315687
419 B
1 permutive.app
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app — Cisco Umbrella Rank: 331634
129 KB
1 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 428
10 KB
324 54
Domain Requested by
66 bloximages.chicago2.vip.townnews.com www.therecord.com
bloximages.chicago2.vip.townnews.com
32 query.petametrics.com cdn.petametrics.com
www.therecord.com
16 resources.thestar.com www.therecord.com
resources.thestar.com
15 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
u.openx.net
s.amazon-adsystem.com
15 pagead2.googlesyndication.com www.therecord.com
a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
13 pixel.rubiconproject.com 9 redirects s.amazon-adsystem.com
12 dt.adsafeprotected.com a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
www.therecord.com
12 www.googletagmanager.com www.therecord.com
www.googletagmanager.com
11 tpc.googlesyndication.com www.therecord.com
a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
10 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
u.openx.net
match.sharethrough.com
9 ib.adnxs.com 6 redirects be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
googleads.g.doubleclick.net
8 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
8 api.permutive.com be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
7 www.therecord.com 1 redirects www.therecord.com
6 token.rubiconproject.com 5 redirects eus.rubiconproject.com
6 match.sharethrough.com s.amazon-adsystem.com
match.sharethrough.com
6 static.adsafeprotected.com fw.adsafeprotected.com
a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
www.therecord.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
5 cdn-p.cityspark.com cdn.cityspark.com
cdn-p.cityspark.com
5 fonts.gstatic.com fonts.googleapis.com
4 match.adsrvr.org 4 redirects
4 ad.doubleclick.net www.therecord.com
4 fw.adsafeprotected.com 2 redirects www.therecord.com
4 cdn.segment.com www.therecord.com
cdn.segment.com
4 cdn.viafoura.net www.therecord.com
cdn.viafoura.net
3 ups.analytics.yahoo.com 3 redirects
3 sb.scorecardresearch.com 1 redirects www.therecord.com
3 googleads.g.doubleclick.net www.googletagmanager.com
a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
3 www.google.com.au www.therecord.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 api.viafoura.co cdn.viafoura.net
3 c.amazon-adsystem.com www.therecord.com
c.amazon-adsystem.com
3 fonts.googleapis.com www.therecord.com
cdn-p.cityspark.com
3 securepubads.g.doubleclick.net www.therecord.com
securepubads.g.doubleclick.net
2 ce.lijit.com 1 redirects
2 capi.connatix.com 1 redirects
2 match.prod.bidr.io 2 redirects
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 us-u.openx.net u.openx.net
2 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 www.google.com www.therecord.com
tpc.googlesyndication.com
2 officeworks.demdex.net a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
2 s0.2mdn.net a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
2 www.googletagservices.com a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
2 12987815.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 analytics.google.com www.googletagmanager.com
2 connect.facebook.net www.therecord.com
connect.facebook.net
2 s.therecord.com resources.thestar.com
www.therecord.com
2 dpm.demdex.net resources.thestar.com
www.therecord.com
2 unpkg.com 1 redirects www.therecord.com
1 sync1.intentiq.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 prebid.a-mo.net
1 hb.yahoo.net
1 pr-bh.ybp.yahoo.com 1 redirects
1 px.ads.linkedin.com s.amazon-adsystem.com
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 i.viafoura.co cdn.viafoura.net
1 tg.socdm.com 1 redirects
1 pixel.quantserve.com cdn.cityspark.com
1 cdn.jsdelivr.net cdn.cityspark.com
1 adservice.google.com 12987815.fls.doubleclick.net
1 p1.parsely.com www.therecord.com
1 www.facebook.com www.therecord.com
1 ampcid.google.com.au www.google-analytics.com
1 api.segment.io cdn.segment.com
1 cdn.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 d1z2jf7jlzjs58.cloudfront.net www.therecord.com
1 ampcid.google.com www.google-analytics.com
1 cm.everesttech.net 1 redirects
1 torontostarnewspaperslimited.demdex.net resources.thestar.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 cdn.petametrics.com bloximages.chicago2.vip.townnews.com
1 be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 torstar.gscontxt.net www.therecord.com
1 cdn.cityspark.com www.therecord.com
1 be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app www.therecord.com
1 cdn.ampproject.org www.therecord.com
1 therecord.com 1 redirects
324 86
Subject Issuer Validity Valid
therecord.com
R3
2023-12-11 -
2024-03-10
3 months crt.sh
bloximages.chicago2.vip.townnews.com
GeoTrust TLS RSA CA G1
2023-03-13 -
2024-04-12
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.thestar.com
Amazon RSA 2048 M02
2023-05-29 -
2024-06-26
a year crt.sh
permutive.app
Cloudflare Inc ECC CA-3
2023-11-06 -
2024-02-04
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
sni0f49gl.wpc.edgecastcdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-24 -
2024-08-23
a year crt.sh
viafoura.com
Amazon RSA 2048 M02
2023-08-08 -
2024-09-06
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
*.gscontxt.net
DigiCert TLS RSA SHA256 2020 CA1
2023-11-09 -
2024-12-09
a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2023-02-20 -
2024-03-20
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.prmutv.co
R3
2023-11-29 -
2024-02-27
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
api.permutive.com
R3
2023-12-15 -
2024-03-14
3 months crt.sh
cdn.petametrics.com
R3
2023-11-18 -
2024-02-16
3 months crt.sh
cdn-p.cityspark.com
R3
2023-12-15 -
2024-03-14
3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-26 -
2024-10-26
a year crt.sh
*.liftigniter.com
R3
2023-12-08 -
2024-03-07
3 months crt.sh
s.therecord.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-08-13 -
2024-09-12
a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-03 -
2024-02-19
a year crt.sh
*.segment.com
Amazon RSA 2048 M03
2023-11-14 -
2024-12-13
a year crt.sh
*.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-10-02 -
2023-12-31
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
*.parsely.com
Amazon RSA 2048 M02
2023-05-06 -
2024-06-03
a year crt.sh
*.segment.io
Amazon RSA 2048 M03
2023-12-13 -
2025-01-11
a year crt.sh
*.google.com.au
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA
2023-12-11 -
2024-12-10
a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02
2023-03-29 -
2024-04-27
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02
2023-07-07 -
2024-08-04
a year crt.sh
www.google.com
GTS CA 1C3
2023-11-27 -
2024-02-19
3 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M02
2023-09-23 -
2024-10-20
a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-03-07 -
2024-04-03
a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-09-27 -
2024-10-28
a year crt.sh
quantserve.com
R3
2023-10-28 -
2024-01-26
3 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01
2023-05-09 -
2024-06-06
a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01
2023-06-21 -
2024-03-02
8 months crt.sh

This page contains 21 frames:

Primary Page: https://www.therecord.com/
Frame ID: 9AE39E8C4F5552420A1E922E074EB147
Requests: 206 HTTP requests in this frame

Frame: https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0
Frame ID: E280BBA935FE375A3FDFECB18D1C768B
Requests: 1 HTTP requests in this frame

Frame: https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 90972B12D8619A7B00D88BCE810441B4
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_ox-db5_an-db5&dcc=t
Frame ID: F8D8095FE8C6BDC91D3C333B3E405928
Requests: 1 HTTP requests in this frame

Frame: https://12987815.fls.doubleclick.net/activityi;dc_pre=CPj9xpbFp4MDFcBHwgUdAXcJ7A;src=12987815;type=invmedia;cat=there0;ord=4767749337761;auiddc=1475064986.1703402598;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.therecord.com%2F
Frame ID: E950ADFB38FBB75D8325D09F404AACFD
Requests: 2 HTTP requests in this frame

Frame: https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6E7940A8A2B9FF3F8CB0E52F842E7A60
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLUDEOvo8AIY9fXQ-AEwAQ&v=APEucNVkzwawfvVajvEQEJP5edZCylJi-cl8GTUerjgqkV9FnvDBoMZ2vFPanQ4iOpsdNd02fwIJ8OITqDAM6tMOBb-bE5LZ3Q
Frame ID: 3E04768F32CF5CE24A94BCA8FB8CD2BB
Requests: 5 HTTP requests in this frame

Frame: https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CA72A87EB0D1AB7FFE289747C14D0000
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLUDEOvo8AIYue_Q-AEwAQ&v=APEucNUO4pc3XTOX2Dj65g7tOmQBuQum41-KpKO9T3L8WLD606rowGDIZup7TDHAZhV4Kt9dtLlzr6KFZ_75fowQ5268MGYCuA
Frame ID: 4ABB5828ECEE303DB8A1C6E3E54ED528
Requests: 5 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_ox-db5_rbd_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 9521B69EDB66840CE11BB03E9065F371
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A9B9119BE430A1630F04FA000D17AC20
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A989B65B626055BD97A3D8AC8E0FE4B2
Requests: 3 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 6B7BC8BA1819D04C377E5DF3C062925A
Requests: 6 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: DC941264DC59B28142AE575782CDF45E
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: A3580A0B18C40C688CA54FA9BD537037
Requests: 20 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=7721964774499555086&ex=appnexus.com
Frame ID: DD3F6793C93D07606788252A24DF5D48
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=G-39CWM68PTE&l=cswDataLayer
Frame ID: 058A3D7F5C76E4ECE0F137A95812ECF1
Requests: 12 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: EE612A14B0BC2BC5F16ADB15D34C2B7D
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 1CCF55FE9DB8660FAC2598973E485CFA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7AFDC4FC67F777E2052E2ED881925A3A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0C0E8E6CA900C057891D2C79C409765D
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

therecord.com

Page URL History Show full URLs

  1. http://therecord.com/whatson/artsentertainment/article/302309--theatre-veteran-domini-blythe-dies... HTTP 301
    https://www.therecord.com/whatson/artsentertainment/article/302309--theatre-veteran-domini-blythe-dies... HTTP 301
    https://www.therecord.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Overall confidence: 100%
Detected patterns
  • tracker\.js

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

324
Requests

88 %
HTTPS

0 %
IPv6

54
Domains

86
Subdomains

66
IPs

7
Countries

3998 kB
Transfer

11923 kB
Size

86
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://therecord.com/whatson/artsentertainment/article/302309--theatre-veteran-domini-blythe-dies-in-montreal-at-age-63 HTTP 301
    https://www.therecord.com/whatson/artsentertainment/article/302309--theatre-veteran-domini-blythe-dies-in-montreal-at-age-63/ HTTP 301
    https://www.therecord.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@3.5.0/dist/web-vitals.iife.js
Request Chain 122
  • https://cm.everesttech.net/cm/dd?d_uuid=55199463295850422351607168902819030798 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYfcZgAAALBSywN-
Request Chain 125
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_ox-db5_an-db5 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_ox-db5_an-db5&dcc=t
Request Chain 176
  • https://12987815.fls.doubleclick.net/activityi;src=12987815;type=invmedia;cat=there0;ord=4767749337761;auiddc=1475064986.1703402598;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.therecord.com%2F HTTP 302
  • https://12987815.fls.doubleclick.net/activityi;dc_pre=CPj9xpbFp4MDFcBHwgUdAXcJ7A;src=12987815;type=invmedia;cat=there0;ord=4767749337761;auiddc=1475064986.1703402598;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.therecord.com%2F
Request Chain 195
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703402598887&ns_c=UTF-8&c7=https%3A%2F%2Fwww.therecord.com%2F&c8=therecord.com&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703402598887&ns_c=UTF-8&c7=https%3A%2F%2Fwww.therecord.com%2F&c8=therecord.com&c9=
Request Chain 216
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEcdRxHvRRMExDXGd-FTJHM&google_cver=1
Request Chain 217
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYfcZ3bkFRWVIpw1Lo7ppAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEcdRxHvRRMExDXGd-FTJHM&google_cver=1
Request Chain 218
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPHZaP6_506UFUMBcQoAwTI&google_cver=1
Request Chain 219
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkwMDM4OTczOTAzNTU2NzIwNg%3D%3D
Request Chain 220
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEcdRxHvRRMExDXGd-FTJHM&google_cver=1
Request Chain 221
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYfcZ3bkFRWVIpw1Lo7ppAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEcdRxHvRRMExDXGd-FTJHM&google_cver=1
Request Chain 222
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPHZaP6_506UFUMBcQoAwTI&google_cver=1
Request Chain 223
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkwMDM4OTczOTAzNTU2NzIwNg%3D%3D
Request Chain 237
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 239
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=7721964774499555086&ex=appnexus.com
Request Chain 251
  • https://match.adsrvr.org/track/cmf/openx?oxid=d5c9f63a-ab51-35f2-6d73-512d35f08004&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=d5c9f63a-ab51-35f2-6d73-512d35f08004&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=233b9c63-060b-4312-961b-642f1fa96fdd&ttd_puid=d5c9f63a-ab51-35f2-6d73-512d35f08004&gdpr=0&gdpr_consent=
Request Chain 252
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZYfcZ8Co5s8AAJFQRjgAAAAA
Request Chain 253
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ASGmiil13DFuks8AED41viTYBs8AAAGMmrT12w
Request Chain 255
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPggUi7rPA5X2b1YASkmKyU&google_cver=1
Request Chain 267
  • https://fw.adsafeprotected.com/rfw/st/1678003/76662699/skeleton.js?adsafe_url=https%3A%2F%2Fwww.therecord.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.therecord.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fa5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fa5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:b235abd9-925e-061d-39eb-db5b1a07ffb0,c:xJc5zR,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-6f6d68999-p6dlg,rg:au,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:1020,mot:0,app:0,maw:0,fm:tZl5I67+11%7C12%7C1311%7C1312%7C1313%7C1314%7C14%7C15*.1678003-76662699%7C151%7C152%7C161%7C162%7C17,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:1057,oid:4fab2bc3-a22d-11ee-a749-42a294fdfa34,v:19.8.466,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 270
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=MjQyNWQyYTctOGYxMC00ZDRjLWI3NGItZTZkYjcwYzRiMmQ4 HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 271
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=233b9c63-060b-4312-961b-642f1fa96fdd&gdpr=0&gdpr_consent=
Request Chain 272
  • https://sync.srv.stackadapt.com/sync?nid=15&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-b5741e3a-2fb1-50ea-7fd0-adaa454b4b1f$ip$66.203.112.168&gdpr=0&gdpr_consent=
Request Chain 273
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQJ5XEJH-V-3EA&gdpr=0
Request Chain 277
  • https://fw.adsafeprotected.com/rfw/st/1678003/76662696/skeleton.js?adsafe_url=https%3A%2F%2Fwww.therecord.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.therecord.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fa5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fa5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:e7536173-348d-2001-5e87-46de5d4c16b1,c:xJc5BC,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-6f6d68999-zl6jk,rg:au,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:1031,mot:0,app:0,maw:0,fm:tZl5I88+11%7C12%7C1311%7C1312%7C1313%7C1314%7C14%7C151%7C152%7C153%7C16*.1678003-76662696%7C161%7C162%7C17,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:1041,oid:4fbba6db-a22d-11ee-a572-3a2df3d1fa68,v:19.8.466,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 283
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LQJ5XE5R-15-BRU0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQJ5XE5R-15-BRU0&ex=d-rubiconproject.com&status=ok
Request Chain 286
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFKNVhFNVItMTUtQlJVMA== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJW11XptlsnqubILnYHa2eg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFKNVhFNVItMTUtQlJVMA==&google_push=
Request Chain 287
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2quoDjWjRFCoHmL8g9rOMA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2quoDjWjRFCoHmL8g9rOMA
Request Chain 288
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQJ5XE5R-15-BRU0
Request Chain 289
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=233b9c63-060b-4312-961b-642f1fa96fdd&gdpr=0&gdpr_consent=&expires=30
Request Chain 290
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjNhYjMzODZhN2RjMDQyYmI3NTlmMWQ3OGZjNzc3YzIyM2ViMjUyZQ
Request Chain 291
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMmtKEbbKQ_rCxYY1oM83O0&google_cver=1
Request Chain 292
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQJ5XE5R-15-BRU0&ex=d-rubiconproject.com&status=ok
Request Chain 293
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/kSZLGGPtPFUV4cJEmvp5ycn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-kf9lA8dE2oJLyiP3F97DsEwBuvBDcqkgwgPddQ--~A
Request Chain 294
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADqNE7LD7kAABYutNUDiQ&expires=30
Request Chain 295
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQJ5XE5R-15-BRU0&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQJ5XE5R-15-BRU0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQJ5XE5R-15-BRU0&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1ESnpBcXJoRTJ1SEZTTmp3d2ozLmhVYWpZZW9lXzI4d35B&ovsid=LQJ5XE5R-15-BRU0&dpid=58160
Request Chain 296
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQJ5XE5R-15-BRU0
Request Chain 297
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LQJ5XE5R-15-BRU0
Request Chain 298
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQJ5XE5R-15-BRU0&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQJ5XE5R-15-BRU0&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 299
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQJ5XE5R-15-BRU0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQJ5XE5R-15-BRU0 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQJ5XE5R-15-BRU0&ckls=true&ci=vLrj3mSL0U&nc=false&trid=1626405410
Request Chain 300
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQJ5XEJH-V-3EA HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQJ5XEJH-V-3EA&dnr=1

324 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.therecord.com/
Redirect Chain
  • http://therecord.com/whatson/artsentertainment/article/302309--theatre-veteran-domini-blythe-dies-in-montreal-at-age-63
  • https://www.therecord.com/whatson/artsentertainment/article/302309--theatre-veteran-domini-blythe-dies-in-montreal-at-age-63/
  • https://www.therecord.com/
526 KB
75 KB
Document
General
Full URL
https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
d203389fc33691e8051b6439102babc1253ee574b5d06d4af280504c2b0c3470
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
2736
cache-control
public, max-age=10
content-encoding
gzip
content-length
74890
content-type
text/html; charset=UTF-8
date
Sun, 24 Dec 2023 06:37:39 GMT
etag
W/8e47d22bc8003f91fe0d6eeeb251446e
last-modified
Sun, 24 Dec 2023 06:37:36 GMT
link
<https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy
strict-origin-when-cross-origin
vary
X-IPCountry, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-loop
1
x-robots-tag
noarchive
x-tncms
1.72.3; app5; 3.27s; 6.6M
x-ua-compatible
IE=edge
x-vcache
HIT
x-xrds-location
https://www.therecord.com/tncms/xrds/
x-xss-protection
1; mode=block

Redirect headers

age
0
cache-control
public, max-age=300
content-encoding
gzip
content-length
1462
content-type
text/html; charset=UTF-8
date
Sun, 24 Dec 2023 07:23:16 GMT
link
<https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin
location
/
referrer-policy
strict-origin-when-cross-origin
vary
X-IPCountry, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-loop
1
x-robots-tag
noarchive
x-tncms
1.72.3; app9; 0.02s; 3.2M
x-vcache
MISS
x-xss-protection
1; mode=block
jquery.min.d6d18fcf88750a16d256e72626e676a6.js
bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/
98 KB
34 KB
Script
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12287
cross-origin-resource-policy
cross-origin
last-modified
Wed, 07 Jul 2021 20:09:22 GMT
x-vcache
MISS
server
cloudflare
etag
W/"60e609f2-1882c"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71915cc40572c-SYD
expires
Thu, 28 Nov 2024 08:36:06 GMT
user.js
www.therecord.com/shared-content/art/tncms/user/
3 KB
2 KB
Script
General
Full URL
https://www.therecord.com/shared-content/art/tncms/user/user.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:18:55 GMT
content-encoding
gzip
last-modified
Wed, 20 Dec 2023 20:34:37 GMT
x-vcache
HIT
age
260
etag
W/"65834fdd-c46"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
1437
service-worker-allowed
/
bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/
39 KB
11 KB
Script
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12287
cross-origin-resource-policy
cross-origin
last-modified
Fri, 06 Sep 2019 14:16:03 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5d726a23-9bd8"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71915cc39572c-SYD
expires
Thu, 28 Nov 2024 08:36:06 GMT
common.08a61544f369cc43bf02e71b2d10d49f.js
bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/
33 KB
13 KB
Script
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12287
cross-origin-resource-policy
cross-origin
last-modified
Tue, 28 Nov 2023 17:50:06 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6566284e-841f"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71915cc3d572c-SYD
expires
Sat, 30 Nov 2024 09:09:06 GMT
tnt.ee95c0b6f1daceb31bf5ef84353968c6.js
bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/
11 KB
4 KB
Script
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12287
cross-origin-resource-policy
cross-origin
last-modified
Mon, 27 Nov 2023 14:35:13 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6564a921-2d77"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71915cc38572c-SYD
expires
Thu, 28 Nov 2024 10:09:37 GMT
application.3c64d611e594b45dd35b935162e79d85.js
bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/
4 KB
2 KB
Script
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92fe1cea3df8fc0e2a03f1c8d0099cb105c7d455ac8be20be165ce6bff558365
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12287
cross-origin-resource-policy
cross-origin
last-modified
Fri, 27 Oct 2023 21:37:38 GMT
x-vcache
MISS
server
cloudflare
etag
W/"653c2da2-1102"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71915cc3a572c-SYD
expires
Fri, 01 Nov 2024 06:14:41 GMT
tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/
2 KB
951 B
Script
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12287
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf0-9b8"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71915cc3f572c-SYD
expires
Wed, 27 Nov 2024 06:52:01 GMT
bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/
107 KB
18 KB
Stylesheet
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12287
cross-origin-resource-policy
cross-origin
last-modified
Mon, 27 Nov 2023 14:35:12 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6564a920-1ac2e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71915bc26572c-SYD
expires
Thu, 28 Nov 2024 09:57:04 GMT
layout.9509b461cedc7767649ee83a5b35c177.css
bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/
154 KB
28 KB
Stylesheet
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.9509b461cedc7767649ee83a5b35c177.css
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd2c680964b28dc283f3518e21720cd2f886e7bdb8d2f5b47809ef836c337d52
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12287
cross-origin-resource-policy
cross-origin
last-modified
Mon, 27 Nov 2023 14:35:16 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6564a924-26683"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71915cc27572c-SYD
expires
Thu, 28 Nov 2024 08:25:42 GMT
flex-utility-promo-designer.a27bf5e332f0dd667184ad38b7bf1638.css
bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/
8 KB
2 KB
Stylesheet
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-utility-promo-designer.a27bf5e332f0dd667184ad38b7bf1638.css
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1139a764a2eae949ca1358aa7a387a7d6812f277016c070e28279f2639da412
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Tue, 28 Nov 2023 17:50:08 GMT
x-vcache
MISS
server
cloudflare
etag
W/"65662850-2021"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71915cc28572c-SYD
expires
Sat, 30 Nov 2024 06:28:46 GMT
access.d7adebba498598b0ec2c.js
www.therecord.com/shared-content/art/tncms/api/
70 KB
29 KB
Script
General
Full URL
https://www.therecord.com/shared-content/art/tncms/api/access.d7adebba498598b0ec2c.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
8e683a0ae8fc37aeae8fd20643faef0341fe5cf01c30f25f41d6bad28b1a8365

Request headers

Referer
https://www.therecord.com/
Origin
https://www.therecord.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:18:54 GMT
content-encoding
gzip
last-modified
Wed, 06 Dec 2023 17:55:11 GMT
x-vcache
HIT
age
262
etag
W/"6570b57f-1164b"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
29242
service-worker-allowed
/
footer.nav.js
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/
2 KB
616 B
Script
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/footer.nav.js?_dc=1702482774
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3e8f1eb1391780e4d77b2b47e6b25799bfccf566138ce3c3838989065a2776f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12287
cross-origin-resource-policy
cross-origin
last-modified
Wed, 13 Dec 2023 15:52:54 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6579d356-8f5"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71915cc3c572c-SYD
expires
Thu, 12 Dec 2024 15:58:05 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
89 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
f712b6018254bbc628602217428af6ce6fb83c2a71db2053ff287330bc0fbcc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29112
x-xss-protection
0
server
cafe
etag
330 / 19715 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 07:23:17 GMT
tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/
207 B
277 B
Script
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12287
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:55 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf3-cf"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71915cc3b572c-SYD
expires
Wed, 27 Nov 2024 13:42:09 GMT
tracking.js
www.therecord.com/shared-content/art/tncms/
3 KB
1 KB
Script
General
Full URL
https://www.therecord.com/shared-content/art/tncms/tracking.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:18:55 GMT
content-encoding
gzip
last-modified
Wed, 20 Dec 2023 20:34:37 GMT
x-vcache
HIT
age
261
etag
W/"65834fdd-a3a"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
1157
service-worker-allowed
/
fontawesome.568f3d1ab17b33ce05854081baadadac.js
bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/
268 KB
98 KB
Script
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.568f3d1ab17b33ce05854081baadadac.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7976a9dfe57f9ba6972420500782258da674fcc523c2def08bb6a84ce275c4b5
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12288
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:53 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf1-43130"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71917ddf7572c-SYD
expires
Tue, 12 Nov 2024 14:00:10 GMT
amp-iframe-0.1.js
cdn.ampproject.org/v0/
25 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-iframe-0.1.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
4223e8178440140140accbdde18d9472237ea1c30d037e7b10547c0377a1c450
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 07:23:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8936
x-xss-protection
0
server
sffe
etag
"983117833e8e8e62"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 24 Dec 2023 07:23:17 GMT
launch-9387fe3a1e9f.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/
346 KB
79 KB
Script
General
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.74.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-74-97.sfo20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24148128a2798f06838595df2311ca2819a12886fa4b851f34fa25ce61a0735f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 06:36:04 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Sun, 24 Dec 2023 06:33:37 GMT
server
AmazonS3
via
1.1 5ecb1870eacf5c5cd4ef9910916dfe9e.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO20-C1
etag
W/"bd5083c679c19a4bfd42ae7491c88825"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
age
2834
x-amz-cf-id
ffrBcKvFtQL693hnAwW9aIL3zskS9PLbiE0BQpiaq_QjBj2gZPNngg==
be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/
517 KB
129 KB
Script
General
Full URL
https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b3cf42134c7069baf8bb3becde86e4198002c05ebe928d46feb451238d19ed6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
be54a597-6b6d-4e2d-9d31-642310a8db25
age
0
x-guploader-uploadid
ABPtcPpmFyPfCSCu1MaU8zKyFBwhxyVtCs6kOCmD_rVThxD11B5RCRzjddaK4OgBYpjRIbNyDLdxrzavYvC1eDiQuFT-
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
content-length
131206
last-modified
Mon, 04 Dec 2023 18:59:04 GMT
server
cloudflare
etag
"4214f8e67313465490e9ea8d6e67d4b7"
vary
Accept-Encoding
x-goog-generation
1701716344208732
content-type
application/javascript
x-goog-hash
crc32c=kOqrmg==, md5=QhT45nMTRlSQ6eqNbmfUtw==
cache-control
public, max-age=900
x-goog-stored-content-length
131206
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83a71919ca075539-SYD
expires
Sun, 24 Dec 2023 07:38:17 GMT
css2
fonts.googleapis.com/
36 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=STIX+Two+Text:ital,wght@0,500;0,600;0,700;1,500;1,600;1,700&family=Frank+Ruhl+Libre:wght@300;400;500;600;700;800;900&family=Merriweather+Sans:ital,wght@0,400;0,500;0,600;0,700;0,800;1,400;1,500;1,600;1,700;1,800&display=swap
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f10.1e100.net
Software
ESF /
Resource Hash
85e1ef3c0d8442b0131cdc81c03f99a175a6b6cd326c8166a5867d1bf15a37d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 24 Dec 2023 07:23:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 07:23:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 24 Dec 2023 07:23:17 GMT
navigation.css
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/
10 KB
2 KB
Stylesheet
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/navigation.css?_dc=1702482772
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d063ab8701f5932753a12e9b302d8345ed7ba488f2f3ca6d46912fb60ce2815
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12287
cross-origin-resource-policy
cross-origin
last-modified
Wed, 13 Dec 2023 15:52:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6579d354-28b1"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71915cc30572c-SYD
expires
Thu, 12 Dec 2024 15:57:56 GMT
pages.css
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/
198 B
435 B
Stylesheet
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/pages.css?_dc=1702482772
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4353442b296c53f51d82efc2617406d68cc278bd08c2ce4ca96daa9fcc2c77e3
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12287
cross-origin-resource-policy
cross-origin
last-modified
Wed, 13 Dec 2023 15:52:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6579d354-c6"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71915cc2a572c-SYD
expires
Thu, 12 Dec 2024 15:57:56 GMT
blocks.css
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/
5 KB
1 KB
Stylesheet
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/blocks.css?_dc=1702482772
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02d4a3e3bc55fb2c10464afa89e283d1d017f6a309634709009f0e3ec5455e26
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
75488
cross-origin-resource-policy
cross-origin
last-modified
Wed, 13 Dec 2023 15:52:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6579d354-12e6"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71915cc2c572c-SYD
expires
Fri, 13 Dec 2024 17:58:36 GMT
utilities.css
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/
628 B
436 B
Stylesheet
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/utilities.css?_dc=1702482772
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68684d4e091795123c7797a602e056cac24a3355a95b3b198e4fbd65822afcd2
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12287
cross-origin-resource-policy
cross-origin
last-modified
Wed, 13 Dec 2023 15:52:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6579d354-274"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71915cc2e572c-SYD
expires
Thu, 12 Dec 2024 15:57:56 GMT
global.css
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/
34 KB
7 KB
Stylesheet
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/global.css?_dc=1702482772
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
640ffe794ffc6f498c928232b6433adfc359c060698f38d2eed5f88fe88f9cf6
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12287
cross-origin-resource-policy
cross-origin
last-modified
Wed, 13 Dec 2023 15:52:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6579d354-8894"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71915cc32572c-SYD
expires
Thu, 12 Dec 2024 15:57:56 GMT
stn.css
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/
3 KB
779 B
Stylesheet
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/stn.css?_dc=1702482772
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
595550d27cabf0dad36e8ddae06a223716e7067ff08607b60e91adab5e06c748
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12287
cross-origin-resource-policy
cross-origin
last-modified
Wed, 13 Dec 2023 15:52:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6579d354-ded"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71915cc33572c-SYD
expires
Thu, 12 Dec 2024 15:57:56 GMT
nonstar.css
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/
83 B
145 B
Stylesheet
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/nonstar.css?_dc=1702482772
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
097d6bfb57ac60b2fa50fbd5aac8043e922fd7add70eed50d8f53c596c2219e6
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12287
cross-origin-resource-policy
cross-origin
last-modified
Wed, 13 Dec 2023 15:52:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6579d354-53"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71915cc29572c-SYD
expires
Thu, 12 Dec 2024 15:57:56 GMT
storypacks.css
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/
52 KB
5 KB
Stylesheet
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/storypacks.css?_dc=1702482772
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e51d53b4513a76861c42a278ecb208963d19159bd9077c004a980393cb858c9
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12287
cross-origin-resource-policy
cross-origin
last-modified
Wed, 13 Dec 2023 15:52:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6579d354-cf92"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71915cc2d572c-SYD
expires
Thu, 12 Dec 2024 15:57:56 GMT
utilities.css
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/
32 KB
7 KB
Stylesheet
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/utilities.css?_dc=1702482772
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f86eeb6f3a8265f926b028aee9f8b16aa92df48984fb86734f1e207ae8098f1c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12287
cross-origin-resource-policy
cross-origin
last-modified
Wed, 13 Dec 2023 15:52:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6579d354-80d5"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71915cc31572c-SYD
expires
Thu, 12 Dec 2024 15:57:56 GMT
user-controls.css
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/
6 KB
2 KB
Stylesheet
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/user-controls.css?_dc=1702482772
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53426bb3fb09b76cd18d82e241a6b581cd187e3c2c355abda74a072b46a68b95
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12287
cross-origin-resource-policy
cross-origin
last-modified
Wed, 13 Dec 2023 15:52:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6579d354-1839"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71915cc2b572c-SYD
expires
Thu, 12 Dec 2024 15:57:56 GMT
icons.css
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/
11 KB
992 B
Stylesheet
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/icons.css?_dc=1702482772
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b22acf3b276d3f419653cda2fcd12b7a8c87d2b0b34e44511b60a23ab72d7e6
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12287
cross-origin-resource-policy
cross-origin
last-modified
Wed, 13 Dec 2023 15:52:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6579d354-2dda"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71915cc34572c-SYD
expires
Thu, 12 Dec 2024 15:57:56 GMT
site.css
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/site/resources/styles/
339 B
305 B
Stylesheet
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/site/resources/styles/site.css?_dc=1672948891
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5348904074ca7f09e3078c2afcabad0f0c9cafcfc751566e93d90ceaa75b887
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12287
cross-origin-resource-policy
cross-origin
last-modified
Thu, 05 Jan 2023 20:01:31 GMT
x-vcache
MISS
server
cloudflare
etag
W/"63b72c9b-153"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71915cc36572c-SYD
expires
Thu, 28 Nov 2024 10:03:38 GMT
tracker.js
www.therecord.com/shared-content/art/stats/common/
9 KB
3 KB
Script
General
Full URL
https://www.therecord.com/shared-content/art/stats/common/tracker.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:21:33 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 14:44:35 GMT
x-vcache
HIT
age
103
etag
W/"64b94853-2200"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
3224
service-worker-allowed
/
a0e8d788-2006-11ee-9bfc-e39eaba5e978.png
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/custom/image/
7 KB
8 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/custom/image/a0e8d788-2006-11ee-9bfc-e39eaba5e978.png?resize=640%2C168
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25c579fb18405b859b9cb5e7ddc426edd1b75e5876d5f2fe32225901115cd6af
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
59583
cf-polished
origFmt=png, origSize=10866
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="a0e8d788-2006-11ee-9bfc-e39eaba5e978.webp"
content-length
7474
cf-bgj
imgq:85,h2pri
last-modified
Tue, 11 Jul 2023 16:18:53 GMT
server
cloudflare
x-vcache
MISS
etag
"51a70073b389381df9128cb4bb6ef54e"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
83a719169cb8572c-SYD
expires
Wed, 20 Nov 2024 20:48:38 GMT
6f4f885e-c992-11ed-b48d-47279ee70221.png
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/custom/image/
4 KB
5 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/custom/image/6f4f885e-c992-11ed-b48d-47279ee70221.png
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
010ce0e0393929c9224322da1c491e969fbf826ad87fc2b6329598a6c36ef6c0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
240189
cf-polished
origFmt=png, origSize=5944
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="6f4f885e-c992-11ed-b48d-47279ee70221.webp"
content-length
4538
cf-bgj
imgq:85,h2pri
last-modified
Thu, 23 Mar 2023 15:50:28 GMT
server
cloudflare
x-vcache
MISS
etag
"641c7544-1738"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
83a719169cba572c-SYD
expires
Wed, 20 Nov 2024 17:12:42 GMT
00ce6d10-200d-11ee-94a1-eb80dd45a33e.png
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/custom/image/
14 KB
14 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/custom/image/00ce6d10-200d-11ee-94a1-eb80dd45a33e.png
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3afca58941f1dd62cb55952af401eced7cf384800a9b48b378fc0f6d2f9036f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
43309
cf-polished
origFmt=png, origSize=18951
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="00ce6d10-200d-11ee-94a1-eb80dd45a33e.webp"
content-length
14372
cf-bgj
imgq:85,h2pri
last-modified
Tue, 11 Jul 2023 17:04:31 GMT
server
cloudflare
x-vcache
MISS
etag
"64ad8b9f-4a07"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
83a71916bce8572c-SYD
expires
Thu, 12 Dec 2024 16:38:46 GMT
aa449258-9f73-11ee-8607-ab6c62287767.jpg
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/custom/image/
2 KB
2 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/custom/image/aa449258-9f73-11ee-8607-ab6c62287767.jpg
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19d7568c9410ea5b1c6ff29d5327be3ddbead9da65f9c1830dce5d95a79fdb5a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
75488
cf-polished
qual=85, origFmt=jpeg, origSize=2973
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="aa449258-9f73-11ee-8607-ab6c62287767.webp"
content-length
2306
cf-bgj
imgq:85,h2pri
last-modified
Wed, 20 Dec 2023 20:09:22 GMT
server
cloudflare
x-vcache
MISS
etag
"658349f2-b9d"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
83a71916bcec572c-SYD
expires
Thu, 19 Dec 2024 20:28:56 GMT
get.js
cdn.cityspark.com/wid/
2 KB
1 KB
Script
General
Full URL
https://cdn.cityspark.com/wid/get.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7D0) /
Resource Hash
2e4346aa7f0340066dfb5aa361ff449a438a172d5432719cd405e876a0d7b439

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 24 Dec 2023 07:23:17 GMT
content-encoding
gzip
content-md5
8ouzdXeMpGxUBMAUF/mhkg==
age
130854
x-cache
HIT
content-length
1002
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 10 Mar 2023 18:25:29 GMT
server
ECAcc (nwa/E7D0)
etag
"0x8DB2194D3ACD75C+gzip"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a1db617b-301e-00d6-1b09-35f6e4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
53bc41e4-c371-11ed-b48d-4f8c3261ff96.png
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/custom/image/
430 B
647 B
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/custom/image/53bc41e4-c371-11ed-b48d-4f8c3261ff96.png
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23fa8efe2f0f0055c5d2292e5358af1952aa38bb3bd98b0f18d338e3c3236134
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
1397786
cf-polished
origFmt=png, origSize=704
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="53bc41e4-c371-11ed-b48d-4f8c3261ff96.webp"
content-length
430
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Mar 2023 20:38:22 GMT
server
cloudflare
x-vcache
HIT
etag
"64122cbe-2c0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
83a71916ccff572c-SYD
expires
Sat, 30 Nov 2024 07:54:42 GMT
subscription-landing.css
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/
11 KB
2 KB
Stylesheet
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/subscription-landing.css?_dc=1702482772
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fccb27bed15422298100f23773bbc262d36964eb5381ed360e06799db31b48f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Wed, 13 Dec 2023 15:52:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6579d354-2b4b"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71916cd0e572c-SYD
expires
Thu, 12 Dec 2024 15:58:09 GMT
tnt.ads.core.70d412172f30735865838caa3d6f42a0.js
bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/
13 KB
5 KB
Script
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.core.70d412172f30735865838caa3d6f42a0.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a23c44de48fb21cbcd562cdf009d5d3049c6e064dea597c2e00f4539487909d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12287
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:55 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf3-35a7"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71916dd1b572c-SYD
expires
Sat, 09 Nov 2024 06:53:37 GMT
sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js
bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/
4 KB
2 KB
Script
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47220c4c850d2a71293522af7071da5706951e1cecc6dddce7bc78343f48de1e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12287
cross-origin-resource-policy
cross-origin
last-modified
Tue, 28 Nov 2023 17:50:06 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6566284e-1010"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71916ed2a572c-SYD
expires
Fri, 29 Nov 2024 07:06:49 GMT
tnt.regions.b44801b45845a81b995eeaad12f4f276.js
bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/
4 KB
2 KB
Script
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.regions.b44801b45845a81b995eeaad12f4f276.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c4711683ed6f2d79b7aebeb5f9d00be743a943159bdb57faf129412ed1de94c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12287
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf0-1021"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71916fd42572c-SYD
expires
Tue, 26 Nov 2024 07:03:56 GMT
liftigniter.min.js
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/
14 KB
5 KB
Script
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/liftigniter.min.js?_dc=1702482774
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
980c8780366c4be3d8e14ac0a98833e357313bd0c55e9cec1b5f16deec75c049
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:16 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12287
cross-origin-resource-policy
cross-origin
last-modified
Wed, 13 Dec 2023 15:52:54 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6579d356-37b0"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a719171d60572c-SYD
expires
Thu, 12 Dec 2024 15:58:06 GMT
promo_popup.min.js
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/
3 KB
911 B
Script
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/promo_popup.min.js?_dc=1702482774
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
516743678b07edcf236561fed911dd419248fe4e6ae651c201b2fbd90f2572b9
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Wed, 13 Dec 2023 15:52:54 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6579d356-a04"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a719172d68572c-SYD
expires
Thu, 12 Dec 2024 16:00:56 GMT
save.asset.js
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/
2 KB
712 B
Script
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/save.asset.js?_dc=1702482774
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6ac86cfcd875307be77577d580d25f3e0868dfeebd12080b3fe1044c378dbb9
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12288
cross-origin-resource-policy
cross-origin
last-modified
Wed, 13 Dec 2023 15:52:54 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6579d356-721"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71917ddf4572c-SYD
expires
Thu, 12 Dec 2024 15:58:06 GMT
vf-v2.js
cdn.viafoura.net/
860 KB
201 KB
Script
General
Full URL
https://cdn.viafoura.net/vf-v2.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-76.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2196688d207f9a82188db611ae912978d9c8216c2b4315784871bce6d42846d8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
YlbS_G4WAW7t_ds3W.YeUbIaDvXXT1Jm
content-encoding
br
via
1.1 6f4ca7db93883fe5e25a91018517d110.cloudfront.net (CloudFront)
date
Sun, 24 Dec 2023 07:21:07 GMT
x-amz-cf-pop
SYD62-P2
age
130
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:26 GMT
server
AmazonS3
etag
W/"70684489be37a1b0f601e0e4dcb4baad"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
83cPmWTXPFmiU_owIm-y0X3XIdAtV3La6MZ0Qj-yw5V83xFe65REAA==
gtm.js
www.googletagmanager.com/
232 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
4e9aa22f92f889e6b0cce071e347e19f4e1ff2bb5aa4005f0827abb6317b6f9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79486
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Dec 2023 07:23:17 GMT
apstag.js
c.amazon-adsystem.com/aax2/
282 KB
70 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.92.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-92-138.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:02:47 GMT
content-encoding
gzip
via
1.1 9910b161083ec8200ad24e6d6beec168.cloudfront.net (CloudFront), 1.1 e3f64b5e1795622ac1fd367fad798c10.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:12 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1, SYD62-P1
age
1231
x-amz-server-side-encryption
AES256
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
oLIOD__G9QHlWQBkzwBTsqdYAbDT98sYNeRrXLcFCsLKi2godDucFA==
channels.cgi
torstar.gscontxt.net/main/
341 B
419 B
Script
General
Full URL
https://torstar.gscontxt.net/main/channels.cgi?url=https%3A%2F%2Fwww.therecord.com%2F
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.136.157.133 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
b3f63db6c4154448093f2d4642737e0aa755510c3fd698c833c0e22a8b628149

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
341
Content-Type
application/javascript
gtm.js
www.googletagmanager.com/
218 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WRSZQF8&gtm_auth=74eL4wQLYRNQ18AwQITlNA&gtm_preview=env-1&gtm_cookies_win=x
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2da6d9e0a402729a755699aece9f95df62f5f8dfa82744c697e0154cc838b64f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76096
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
vary
*
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
5028
config.aps.amazon-adsystem.com/configs/
532 B
808 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/5028
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-56.syd62.r.cloudfront.net
Software
CloudFront /
Resource Hash
e649d736c29d48d189f98539b41cd359c2d0750296436741781c9f9656a2cea6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 06:46:25 GMT
via
1.1 0cd8fe15d9bdb168de9cd5f22954d220.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SYD62-P2
age
2212
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
532
x-amz-cf-id
K8hla1VUQNXpnxm-Nv4dOng8dRW0b_n_FQmyO0C53LfEx0HfjB82PA==
config
c.amazon-adsystem.com/cdn/prod/
557 B
915 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5028&u=https%3A%2F%2Fwww.therecord.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.92.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-92-138.syd62.r.cloudfront.net
Software
Server /
Resource Hash
a880a40d0ffac150e2de4939d7e96cf7c24cf7215d539b2bb6bae44a5f1ea27e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:46:29 GMT
via
1.1 e3f64b5e1795622ac1fd367fad798c10.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD62-P1
age
13007
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.therecord.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
557
x-amz-cf-id
KuM2xo0TDIt1Oe0arIJrmU2JQGeGHUPte39dTF3FSqjUp_HJ5mhpng==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.92.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-92-138.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 212ddd6c8eb82cf3007eedad5f05dca8.cloudfront.net (CloudFront)
date
Sat, 23 Dec 2023 21:38:07 GMT
x-amz-cf-pop
SYD62-P1
age
35110
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
ISVR6EBEa5k5qdPHnawgpn_6xTtTJLpiV_cDGkrJu950rgYRVa1LZw==
tracker.gif
www.therecord.com/shared-content/art/stats/common/
0
145 B
Image
General
Full URL
https://www.therecord.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=170340259727416001200966533611352&tnms_dt=therecord.com&tnms_upage=1&tnms_do=www.therecord.com&tnms_uri=/&tnms_ref=&rt=1703402597278
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
last-modified
Thu, 16 Oct 2008 20:11:25 GMT
x-vcache
MISS
age
0
etag
"48f79fed-0"
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
0
guest.svg
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/
662 B
541 B
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/guest.svg
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/icons.css?_dc=1702482772
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0acff355a123d849b520cf5a94fba9e18840b78a57f67e7ff984ad7272821d48
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/icons.css?_dc=1702482772
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12287
cross-origin-resource-policy
cross-origin
last-modified
Tue, 14 Nov 2023 18:59:26 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6553c38e-296"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a719190edd572c-SYD
expires
Thu, 28 Nov 2024 12:57:18 GMT
nbetting.png
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/
6 KB
6 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/nbetting.png
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/global.css?_dc=1702482772
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2c767ec61f3ecd854a3b3aab3ed23168707aa1fc9cee0009643a72362d6bfdd
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/global.css?_dc=1702482772
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
12286
cf-polished
origFmt=png, origSize=11103
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="nbetting.webp"
content-length
6086
cf-bgj
imgq:85,h2pri
last-modified
Wed, 29 Nov 2023 19:04:07 GMT
server
cloudflare
x-vcache
MISS
etag
"65678b27-2b5f"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
83a719190ede572c-SYD
expires
Thu, 28 Nov 2024 23:25:26 GMT
2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
fonts.gstatic.com/s/merriweathersans/v26/
37 KB
38 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweathersans/v26/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=STIX+Two+Text:ital,wght@0,500;0,600;0,700;1,500;1,600;1,700&family=Frank+Ruhl+Libre:wght@300;400;500;600;700;800;900&family=Merriweather+Sans:ital,wght@0,400;0,500;0,600;0,700;0,800;1,400;1,500;1,600;1,700;1,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f3.1e100.net
Software
sffe /
Resource Hash
a8a4a852dedcc7e3b6bb2c6acffac1a82a31828a00749ce2a8c2d6dd5f268dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.therecord.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 22:28:47 GMT
x-content-type-options
nosniff
age
32070
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38268
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:13:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Dec 2024 22:28:47 GMT
truncated
/
73 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
indicator-icon-aggregation.svg
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/
703 B
513 B
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/indicator-icon-aggregation.svg
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/icons.css?_dc=1702482772
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a00823cb2fb19c0e87a1f41a6bd5352c93f463511f5eb42d27769074da319a42
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/icons.css?_dc=1702482772
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Wed, 13 Dec 2023 15:52:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6579d354-2bf"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a719193f0a572c-SYD
expires
Fri, 13 Dec 2024 18:42:31 GMT
chevron.svg
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/
347 B
357 B
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/chevron.svg
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/global.css?_dc=1702482772
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cefee4c660d3fc32a9c8957e4e5a464fde600f95d50d64e533e9c2b73d7ad2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/global.css?_dc=1702482772
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Thu, 02 Nov 2023 14:59:12 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6543b940-15b"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a719193f10572c-SYD
expires
Sat, 09 Nov 2024 10:34:15 GMT
warning-updated.svg
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/
383 B
362 B
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/warning-updated.svg
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/icons.css?_dc=1702482772
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39af5bc38f03afb9bbcacadacdf8ce2adc5f6745217ef8868696c6cb38e2bfe0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/icons.css?_dc=1702482772
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12287
cross-origin-resource-policy
cross-origin
last-modified
Tue, 14 Nov 2023 18:59:26 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6553c38e-17f"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a719193f11572c-SYD
expires
Wed, 27 Nov 2024 07:18:59 GMT
j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2
fonts.gstatic.com/s/frankruhllibre/v20/
43 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/frankruhllibre/v20/j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=STIX+Two+Text:ital,wght@0,500;0,600;0,700;1,500;1,600;1,700&family=Frank+Ruhl+Libre:wght@300;400;500;600;700;800;900&family=Merriweather+Sans:ital,wght@0,400;0,500;0,600;0,700;0,800;1,400;1,500;1,600;1,700;1,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f3.1e100.net
Software
sffe /
Resource Hash
fbc774cb96be46cab2c4f68a761ba7f4b5cfa0bd2d7a9487e1fbed4b60e547c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.therecord.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 20:43:02 GMT
x-content-type-options
nosniff
age
470415
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44476
x-xss-protection
0
last-modified
Thu, 22 Jun 2023 15:33:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Dec 2024 20:43:02 GMT
6585e88f54a18.image.jpg
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/8/3d/83df2ab7-c61f-5f1d-b19b-8ee39a8833e4/
31 KB
31 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/8/3d/83df2ab7-c61f-5f1d-b19b-8ee39a8833e4/6585e88f54a18.image.jpg?crop=1662%2C1108%2C0%2C69&resize=400%2C267&order=crop%2Cresize
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb3bd3346239075a2d2d6fb32897f25aaa7b855e443c401117a7edd1a0f12468
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
43357
cf-polished
origSize=31693, status=webp_bigger
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Fri, 22 Dec 2023 19:50:40 GMT
server
cloudflare
x-vcache
MISS
etag
"5da66bca462d53a8774593424e61fbcb"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a719196f38572c-SYD
expires
Sun, 22 Dec 2024 11:09:13 GMT
6586fc96dd5e6.image.jpg
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/b/be/bbed47d7-8688-5192-b9cd-1dbf201c1c58/
6 KB
6 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/b/be/bbed47d7-8688-5192-b9cd-1dbf201c1c58/6586fc96dd5e6.image.jpg?crop=1589%2C1059%2C184%2C0&resize=150%2C100&order=crop%2Cresize
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d88f7eb998b1aa3de53ff1b381370d98ed72233c6a5b97ca3f1dbdfba240bc23
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
43351
cf-polished
origSize=5978, status=webp_bigger
cross-origin-resource-policy
cross-origin
content-length
5864
cf-bgj
imgq:85,h2pri
last-modified
Sat, 23 Dec 2023 15:28:23 GMT
server
cloudflare
x-vcache
MISS
etag
"b638e2fdcebe55d3f3c89ddef3e03f76"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
83a719196f39572c-SYD
expires
Sun, 22 Dec 2024 15:37:32 GMT
65872ecb7f872.image.jpg
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/d/c0/dc043ec7-5570-5257-99e8-7135ccd5f140/
11 KB
12 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/d/c0/dc043ec7-5570-5257-99e8-7135ccd5f140/65872ecb7f872.image.jpg?crop=1175%2C783%2C0%2C489&resize=300%2C200&order=crop%2Cresize
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
499619c7647a44fbdebe2ad9d4d43cd2e339e089b449a829ff3fea709067f14e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origSize=11810, status=webp_bigger
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Sat, 23 Dec 2023 19:02:36 GMT
server
cloudflare
x-vcache
MISS
etag
"1b908398155f8815945da1f7f0916d6a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a719196f3a572c-SYD
expires
Sun, 22 Dec 2024 19:07:05 GMT
6585e88f54a18.image.jpg
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/8/3d/83df2ab7-c61f-5f1d-b19b-8ee39a8833e4/
10 KB
10 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/8/3d/83df2ab7-c61f-5f1d-b19b-8ee39a8833e4/6585e88f54a18.image.jpg?resize=200%2C150
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adab1ef5df8c4a0133a66d8ea95c3ee1a43ca015cfad5599c55267de6743d318
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origSize=10469, status=webp_bigger
cross-origin-resource-policy
cross-origin
content-length
10322
cf-bgj
imgq:85,h2pri
last-modified
Fri, 22 Dec 2023 19:50:40 GMT
server
cloudflare
x-vcache
MISS
etag
"b02af293bc7ad59726792e89764a2285"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
83a719197f43572c-SYD
expires
Sun, 22 Dec 2024 11:05:03 GMT
6586fc96dd5e6.image.jpg
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/b/be/bbed47d7-8688-5192-b9cd-1dbf201c1c58/
8 KB
8 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/b/be/bbed47d7-8688-5192-b9cd-1dbf201c1c58/6586fc96dd5e6.image.jpg?resize=200%2C108
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
556f08234184ee5efa19a1284989bd7c260b964ca4cd189fdc8862d438c63113
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origSize=8040, status=webp_bigger
cross-origin-resource-policy
cross-origin
content-length
7893
cf-bgj
imgq:85,h2pri
last-modified
Sat, 23 Dec 2023 15:28:23 GMT
server
cloudflare
x-vcache
MISS
etag
"c15f017a5272ff499474af774878435d"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
83a719197f44572c-SYD
expires
Sun, 22 Dec 2024 15:32:10 GMT
65872ecb7f872.image.jpg
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/d/c0/dc043ec7-5570-5257-99e8-7135ccd5f140/
12 KB
13 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/d/c0/dc043ec7-5570-5257-99e8-7135ccd5f140/65872ecb7f872.image.jpg?resize=200%2C300
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfa9a4941dbb2401b267dfc0ec934246a0b8232ed45cdfb39f0f8e09113ca8d0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origSize=12871, status=webp_bigger
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Sat, 23 Dec 2023 19:02:36 GMT
server
cloudflare
x-vcache
MISS
etag
"ff9cfb1048e08cc8a4bddf88d1df6861"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a719197f45572c-SYD
expires
Sun, 22 Dec 2024 19:03:42 GMT
6585dd73c32b3.image.jpg
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/0/e6/0e634b1c-a5bc-5117-b99b-2e114aedcbb5/
5 KB
5 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/0/e6/0e634b1c-a5bc-5117-b99b-2e114aedcbb5/6585dd73c32b3.image.jpg?resize=200%2C120
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e89e6e59f1839ee2fb0a9a8395735db5ccbfa176e22e23ea50f26f83674c047
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=5585
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="6585dd73c32b3.webp"
cf-bgj
imgq:85,h2pri
last-modified
Fri, 22 Dec 2023 19:03:16 GMT
server
cloudflare
x-vcache
MISS
etag
"1b8295d468bc7ae0b9082510d5665a2f"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a719197f46572c-SYD
expires
Sat, 21 Dec 2024 20:08:12 GMT
6584a34aab190.image.jpg
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/9/68/9684a743-c603-5cc6-98f7-bcd29f8f9f97/
7 KB
8 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/9/68/9684a743-c603-5cc6-98f7-bcd29f8f9f97/6584a34aab190.image.jpg?resize=200%2C132
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b100b3a77d34b56a56838aeff0bbfdaa3f5c17c3be9c1e3ca5238d6c2e40e1f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origSize=7725, status=webp_bigger
cross-origin-resource-policy
cross-origin
content-length
7598
cf-bgj
imgq:85,h2pri
last-modified
Thu, 21 Dec 2023 20:42:51 GMT
server
cloudflare
x-vcache
MISS
etag
"dae2b8244cd8eb7f6f61888950db5d4a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
83a719197f47572c-SYD
expires
Sat, 21 Dec 2024 11:01:30 GMT
48ead284-a1cb-11ed-8115-5cb9017b77dc.4f00f9fe7da1c28b08a7c8f25d9b1048.png
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/avatars/4/8e/ad2/
9 KB
9 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/avatars/4/8e/ad2/48ead284-a1cb-11ed-8115-5cb9017b77dc.4f00f9fe7da1c28b08a7c8f25d9b1048.png?_dc=1675213001
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3905b07f1e5d0b11aa1c97a11eefe6fb1a72edd021033b0c5111cd89ece7e1c8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
75489
cf-polished
origFmt=png, origSize=13774
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="48ead284-a1cb-11ed-8115-5cb9017b77dc.webp"
content-length
9500
cf-bgj
imgq:85,h2pri
last-modified
Wed, 01 Feb 2023 00:56:41 GMT
server
cloudflare
x-vcache
MISS
etag
"63d9b8c9-35ce"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
83a719197f49572c-SYD
expires
Sat, 30 Nov 2024 06:59:29 GMT
fc8d884e-951e-11ee-8b92-83801fc3323b.706b3ba770ddb15a8d6590a03c2f7fce.png
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/avatars/f/c8/d88/
94 KB
94 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/avatars/f/c8/d88/fc8d884e-951e-11ee-8b92-83801fc3323b.706b3ba770ddb15a8d6590a03c2f7fce.png?_dc=1701967116
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bb07a412c67aaeab605cf9bda5f8f60b6d652b16a13c18dbc28adde74cb4f39
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
43358
cf-polished
origFmt=png, origSize=132424
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="fc8d884e-951e-11ee-8b92-83801fc3323b.webp"
content-length
95760
cf-bgj
imgq:85,h2pri
last-modified
Thu, 07 Dec 2023 16:38:36 GMT
server
cloudflare
x-vcache
MISS
etag
"6571f50c-20548"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
83a719197f4a572c-SYD
expires
Sun, 22 Dec 2024 12:07:52 GMT
1b257a8c-a2cc-11ed-98c9-8f310e9ab38b.784b653fa494d1b84d4bf6df570ed4b7.png
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/avatars/1/b2/57a/
420 B
614 B
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/avatars/1/b2/57a/1b257a8c-a2cc-11ed-98c9-8f310e9ab38b.784b653fa494d1b84d4bf6df570ed4b7.png?_dc=1675323303
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d683c982077343a5bff3cb148b821aedc8ed3d22b6d34a852f486b2b6e76484c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
43357
cf-polished
origFmt=png, origSize=642
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="1b257a8c-a2cc-11ed-98c9-8f310e9ab38b.webp"
content-length
420
cf-bgj
imgq:85,h2pri
last-modified
Thu, 02 Feb 2023 07:35:03 GMT
server
cloudflare
x-vcache
MISS
etag
"63db67a7-282"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
83a719197f4b572c-SYD
expires
Sat, 21 Dec 2024 15:12:16 GMT
6585e8cdd8b5f.image.jpg
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/3/de/3dec52e6-b1ff-566c-9a90-37ab78b309cb/
7 KB
8 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/3/de/3dec52e6-b1ff-566c-9a90-37ab78b309cb/6585e8cdd8b5f.image.jpg?resize=200%2C133
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61119328a3232091ad58db3511445742780be38b16a0e06283b9c4dbaf69de97
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:18 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origSize=7638, status=webp_bigger
cross-origin-resource-policy
cross-origin
content-length
7490
cf-bgj
imgq:85,h2pri
last-modified
Fri, 22 Dec 2023 19:51:42 GMT
server
cloudflare
x-vcache
MISS
etag
"6a1c971dc424995ba49e2e749fa35b78"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
83a719197f4d572c-SYD
expires
Sat, 21 Dec 2024 19:59:43 GMT
6584abf448972.image.jpg
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/c/9f/c9ff8ff9-ed55-59e2-8087-ab83814e4e13/
5 KB
5 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/c/9f/c9ff8ff9-ed55-59e2-8087-ab83814e4e13/6584abf448972.image.jpg?resize=200%2C120
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e0b54025fb5b7d338494a01ba90750c0bf6825ba8f1efc1f14e5a56c8552dd3
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origSize=5206, status=webp_bigger
cross-origin-resource-policy
cross-origin
content-length
4999
cf-bgj
imgq:85,h2pri
last-modified
Thu, 21 Dec 2023 21:19:48 GMT
server
cloudflare
x-vcache
MISS
etag
"52455ec5670971b99be26342076cad50"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
83a719197f4e572c-SYD
expires
Fri, 20 Dec 2024 21:26:39 GMT
658324890dd41.image.jpg
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/1/a8/1a8aa6db-b47d-5a7f-94a1-d8e79fdd4e4c/
7 KB
7 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/1/a8/1a8aa6db-b47d-5a7f-94a1-d8e79fdd4e4c/658324890dd41.image.jpg?resize=200%2C139
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d92a9dca3b40cf5ab2b8dac0136b389bcb989d8fd3a681d45a43deada776cbf6
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origSize=6847, status=webp_bigger
cross-origin-resource-policy
cross-origin
content-length
6694
cf-bgj
imgq:85,h2pri
last-modified
Wed, 20 Dec 2023 17:29:45 GMT
server
cloudflare
x-vcache
MISS
etag
"137306d0ff91fd3bb52cedc6f0763117"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
83a719197f4f572c-SYD
expires
Thu, 19 Dec 2024 17:35:23 GMT
6585e5d77e46c.image.jpg
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/0/1c/01c46126-5e6d-58fe-a9a9-3fdd586c4781/
5 KB
5 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/0/1c/01c46126-5e6d-58fe-a9a9-3fdd586c4781/6585e5d77e46c.image.jpg?resize=200%2C267
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56f952668f2715f2437df37dd9cb3528cd5e7bcf2c4af40c4b98713c3b829a6c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=6043
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="6585e5d77e46c.webp"
content-length
5310
cf-bgj
imgq:85,h2pri
last-modified
Fri, 22 Dec 2023 19:39:03 GMT
server
cloudflare
x-vcache
MISS
etag
"466f3f9eba1a2b2c39f9fcb4cf1ec949"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
83a719197f50572c-SYD
expires
Sat, 21 Dec 2024 19:45:54 GMT
2-c79IRs1JiJN1FRAMjTN5zd9vgsFHXwcjfj9w.woff2
fonts.gstatic.com/s/merriweathersans/v26/
37 KB
37 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweathersans/v26/2-c79IRs1JiJN1FRAMjTN5zd9vgsFHXwcjfj9w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=STIX+Two+Text:ital,wght@0,500;0,600;0,700;1,500;1,600;1,700&family=Frank+Ruhl+Libre:wght@300;400;500;600;700;800;900&family=Merriweather+Sans:ital,wght@0,400;0,500;0,600;0,700;0,800;1,400;1,500;1,600;1,700;1,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f3.1e100.net
Software
sffe /
Resource Hash
2736d55a4da2c1d7e1cec02b86d6432aabe15a41f5f86803b5fa5fbe3cae8a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.therecord.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 22:29:55 GMT
x-content-type-options
nosniff
age
32002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37848
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:30:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Dec 2024 22:29:55 GMT
pxid
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/
46 B
386 B
XHR
General
Full URL
https://be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/pxid?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
88d96e2e4a87b3606620b406a19aafb67a0dc17d03331e07311d9d9649934103

Request headers

Referer
https://www.therecord.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.therecord.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/
11 B
575 B
XHR
General
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.89.4 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.therecord.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:17 GMT
an-x-request-uuid
ab2be922-eda1-48ad-abd0-449e0bb28934
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.therecord.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
66.203.112.168; 66.203.112.168; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
f13b93bf-5191-478b-9237-ced7abaa4207
https://www.therecord.com/
225 KB
0
Other
General
Full URL
blob:https://www.therecord.com/f13b93bf-5191-478b-9237-ced7abaa4207
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72956fed691627b50461a9176d096dbfdebe035fab5f653b8b8098d869919d7f

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
230409
Content-Type
0a75654f-7209-40db-93ac-6014847cf168
https://www.therecord.com/
225 KB
0
Other
General
Full URL
blob:https://www.therecord.com/0a75654f-7209-40db-93ac-6014847cf168
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72956fed691627b50461a9176d096dbfdebe035fab5f653b8b8098d869919d7f

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
230409
Content-Type
geoip
api.permutive.com/v2.0/
255 B
364 B
XHR
General
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
db6a5237d278444f70bd3bdd2deb68c9ffc094eabada956c4141693aaadd837b

Request headers

Referer
https://www.therecord.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.therecord.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
177
watson
api.permutive.com/v2.0/
2 B
78 B
XHR
General
Full URL
https://api.permutive.com/v2.0/watson?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.therecord.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.therecord.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
ihiintppnq09v2ke-nbc.js
cdn.petametrics.com/
178 KB
51 KB
Script
General
Full URL
https://cdn.petametrics.com/ihiintppnq09v2ke-nbc.js?ts=473167
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/liftigniter.min.js?_dc=1702482774
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.60.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
363a68f72d541a0a73e23f029b00fc9b8a7d1208c3b06717025b88658cfa56da

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
content-encoding
gzip
via
1.1 f1646a7b70ef690faac638f9c1dd2364.cloudfront.net (CloudFront)
x-amz-version-id
1azqHUrGEowdCzxvJZRGoEv12uu30a8E
cf-cache-status
HIT
x-amz-cf-pop
SYD62-P1
age
2533873
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 16 Nov 2023 21:16:08 GMT
server
cloudflare
etag
W/"c12388fe5f207947ef154e1630be6d38"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=691200, s-maxage=31536000
cf-ray
83a7191d6d03571a-SYD
x-amz-cf-id
6b902G-BioKpU0t0CmmXIt7m4SdELXXgRVnf-VpKDc5S1lhKG-iSbw==
v2
api.viafoura.co/v2/www.therecord.com/bootstrap/
7 KB
3 KB
XHR
General
Full URL
https://api.viafoura.co/v2/www.therecord.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-167-202.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f7a7effa7c9dc38a649a6570b37716e1dd18730e00500af2cc5bd2495025ef13

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-instance-id
i-0343858b0f6c5814a
pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.therecord.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Sun, 24 Dec 2023 07:23:19 GMT
v2
api.viafoura.co/v2/www.therecord.com/bootstrap/ Frame
0
0
Preflight
General
Full URL
https://api.viafoura.co/v2/www.therecord.com/bootstrap/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-167-202.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.therecord.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin
https://www.therecord.com
access-control-max-age
1728000
cache-control
max-age=0
date
Sun, 24 Dec 2023 07:23:18 GMT
expires
Sun, 24 Dec 2023 07:23:18 GMT
server
nginx/1.18.0 (Ubuntu)
10913.jsx
cdn-p.cityspark.com/wid/
44 KB
7 KB
Script
General
Full URL
https://cdn-p.cityspark.com/wid/10913.jsx?b=1703402597692&on=aHR0cHM6Ly93d3cudGhlcmVjb3JkLmNvbS8=&callback=jsonp10913
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
54fa8102460d66365c29c5696d4340eae2ad2a74ccf56f93dc5e61a5cde3271d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 24 Dec 2023 09:23:19 GMT
date
Sun, 24 Dec 2023 07:23:19 GMT
content-encoding
gzip
strict-transport-security
max-age=0
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=7200
x-proxy-cache
HIT
6585dd73c32b3.image.jpg
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/0/e6/0e634b1c-a5bc-5117-b99b-2e114aedcbb5/
4 KB
4 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/0/e6/0e634b1c-a5bc-5117-b99b-2e114aedcbb5/6585dd73c32b3.image.jpg?crop=1673%2C1115%2C93%2C0&resize=150%2C100&order=crop%2Cresize
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
385d4463baee9183ec7502890835d49c962272f0c9faa3878df54ce66974ea99
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=4087
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="6585dd73c32b3.webp"
cf-bgj
imgq:85,h2pri
last-modified
Fri, 22 Dec 2023 19:03:16 GMT
server
cloudflare
x-vcache
MISS
etag
"7553cbc7a29899638eee1ccc67da50ad"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a7191bd94e572c-SYD
expires
Sat, 21 Dec 2024 20:20:34 GMT
6584a34aab190.image.jpg
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/9/68/9684a743-c603-5cc6-98f7-bcd29f8f9f97/
5 KB
5 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/9/68/9684a743-c603-5cc6-98f7-bcd29f8f9f97/6584a34aab190.image.jpg?crop=1754%2C1169%2C9%2C0&resize=150%2C100&order=crop%2Cresize
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d38d2b1846e1d3737c31c32674fe74a132a536ec779f634563e84b7dd169903
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
75480
cf-polished
origSize=5074, status=webp_bigger
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Thu, 21 Dec 2023 20:42:51 GMT
server
cloudflare
x-vcache
MISS
etag
"ca6dce7200d0ad30240faf72dc508b09"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a7191bd94f572c-SYD
expires
Sat, 21 Dec 2024 11:30:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/
431 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 23:59:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
26657
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 22 Dec 2024 23:59:00 GMT
web-vitals.iife.js
unpkg.com/web-vitals@3.5.0/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@3.5.0/dist/web-vitals.iife.js
7 KB
3 KB
Script
General
Full URL
https://unpkg.com/web-vitals@3.5.0/dist/web-vitals.iife.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Server
104.16.122.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7688a97a3cf3ee4a4f04f8b3596ca5c89d63f4e57280907e688dcdd8dd52b49f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:18 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
248765
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HJ5Y25GWXS9QNFWZ7R61HYBB-syd
server
cloudflare
etag
W/"1c0d-zW8RvTlYH7YAF4tIT+4z8RfNaCg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
83a7191ec94fa86b-SYD

Redirect headers

date
Sun, 24 Dec 2023 07:23:18 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HJDB3DMHF64V9NPSN49QXVS4-syd
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
211
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/web-vitals@3.5.0/dist/web-vitals.iife.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
83a7191ea941a86b-SYD
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 07:16:38 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
400
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 24 Dec 2023 09:16:38 GMT
gtm.js
www.googletagmanager.com/
180 KB
64 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e6f3e919b3a4d9fda8276639eb7563250584432f748ef174975637eb744e09eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65171
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Dec 2023 07:23:17 GMT
gtm.js
www.googletagmanager.com/
223 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
5c3e2ff5b33db716b29c77a7188b70d1af7372236112f4fb0bd3643d3349c197
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71029
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Dec 2023 07:23:18 GMT
bid
aax.amazon-adsystem.com/e/dtb/
127 B
462 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=5028&u=https%3A%2F%2Fwww.therecord.com%2F&pid=qskPKlc3zd4S8&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ad-2834916%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F58580620%2Fthe_record%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22ad-2834886%22%2C%22s%22%3A%5B%222x1%22%5D%2C%22sn%22%3A%22%2F58580620%2Fthe_record%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22ad-2834892%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F58580620%2Fthe_record%2Fhomepage%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.114.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-114-43.syd62.r.cloudfront.net
Software
Server /
Resource Hash
1b29af82ad757fab4ab348e30008412ea6380c49637bff2366212fbd7d6ea236

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:17 GMT
via
1.1 f10eedb52fc0d82204e85d20112deafa.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD62-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.therecord.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
127
x-amz-cf-id
-4gbViI0_f5DQlBrSgsRhYHaz69qk0NpZVIFS78K13_HGZ7ErCCbkQ==
id
dpm.demdex.net/
387 B
932 B
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&d_nsid=0&ts=1703402597976
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.25.18.8 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-25-18-8.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
2fac51b566a2fc858b007274ce2800f2b778d7fb0bb1f33973b0b870caab6f91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.therecord.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-apse2-1-v054-019168096.edge-apse2.demdex.com 2 ms
pragma
no-cache
date
Sun, 24 Dec 2023 07:23:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
nOAr7fZjQ/c=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://www.therecord.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
325
expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/
34 KB
13 KB
Script
General
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.74.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-74-97.sfo20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 06:36:05 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Sun, 24 Dec 2023 06:33:21 GMT
server
AmazonS3
via
1.1 5ecb1870eacf5c5cd4ef9910916dfe9e.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO20-C1
etag
W/"208eb534ea01036a4fca64e6715ccf3f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
age
2834
x-amz-cf-id
sKgNj6cHf9iId5YxhgoktXv4QNRjNz1BZx0-dfBsfBxTuOf0pi7O-g==
AppMeasurement_Module_ActivityMap.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/
3 KB
2 KB
Script
General
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/hostedLibFiles/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.74.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-74-97.sfo20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bc0bfc50d3ff4175132b7da1ef0adf7761ded5cb2782e55edb1948da3480abd8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 06:36:05 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Sun, 24 Dec 2023 06:33:21 GMT
server
AmazonS3
via
1.1 5ecb1870eacf5c5cd4ef9910916dfe9e.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO20-C1
etag
W/"f1e098a5dd836ea5fc9726c429c8d71d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
age
2834
x-amz-cf-id
KdN5Dbr4I7VmS62amz4IX5yrSESmCgYEzy2ScBU1UQB5CN30hHJuiA==
RC9f725ac8963342e9b34d5612ce298a81-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/
440 B
803 B
Script
General
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/RC9f725ac8963342e9b34d5612ce298a81-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.74.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-74-97.sfo20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02e406be3baa8bc806c3cd234922e40bba42fa77a527b3e110036f387bc5308e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 06:36:05 GMT
x-amz-version-id
null
via
1.1 5ecb1870eacf5c5cd4ef9910916dfe9e.cloudfront.net (CloudFront)
last-modified
Sun, 24 Dec 2023 06:33:20 GMT
server
AmazonS3
x-amz-cf-pop
SFO20-C1
age
2834
etag
"8d247933f76a02b58ae3c3c80a91bf2f"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
440
x-amz-cf-id
x7-uX_2zi8FGoqQ1aQ7gZvj0_M2Okbw45XDAu7bT6dM38w2qr0lhyg==
model
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
152 KB
25 KB
XHR
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/model
Requested by
Host: cdn.petametrics.com
URL: https://cdn.petametrics.com/ihiintppnq09v2ke-nbc.js?ts=473167
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
5239bcfb6ee7d8e7ef57e9e2f099e25ff815623b9f0720e26eabf00c7002e64f

Request headers

Referer
https://www.therecord.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
content-encoding
gzip
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
model
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
143 KB
24 KB
XHR
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/model
Requested by
Host: cdn.petametrics.com
URL: https://cdn.petametrics.com/ihiintppnq09v2ke-nbc.js?ts=473167
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
4f13f8403a51b44b1334c8d01fe1deaf89f1bd621ba1e87eb1e71ee67055e291

Request headers

Referer
https://www.therecord.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
content-encoding
gzip
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
model
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
124 KB
20 KB
XHR
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/model
Requested by
Host: cdn.petametrics.com
URL: https://cdn.petametrics.com/ihiintppnq09v2ke-nbc.js?ts=473167
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
046a5a8aa6195f51f064fa5ab11fcb04f724205196756cd0f0651a4f864e51ba

Request headers

Referer
https://www.therecord.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
content-encoding
gzip
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
model
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
156 KB
26 KB
XHR
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/model
Requested by
Host: cdn.petametrics.com
URL: https://cdn.petametrics.com/ihiintppnq09v2ke-nbc.js?ts=473167
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
2c103c14935cc049090fcaf4ce464b17f62be2011cdedb42cfcebe477b801d87

Request headers

Referer
https://www.therecord.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
content-encoding
gzip
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
model
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
107 KB
22 KB
XHR
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/model
Requested by
Host: cdn.petametrics.com
URL: https://cdn.petametrics.com/ihiintppnq09v2ke-nbc.js?ts=473167
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
c50a3f44acc6f9ca8699a3450e42fab0b63adeff20a44006072a4665d81e6ab8

Request headers

Referer
https://www.therecord.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
content-encoding
gzip
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
model
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
133 KB
22 KB
XHR
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/model
Requested by
Host: cdn.petametrics.com
URL: https://cdn.petametrics.com/ihiintppnq09v2ke-nbc.js?ts=473167
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
0cf4519425b5ee5582d49d5287424ac977bbe5275d6fe4895caf068e7b86e23a

Request headers

Referer
https://www.therecord.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
content-encoding
gzip
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
model
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
102 KB
21 KB
XHR
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/model
Requested by
Host: cdn.petametrics.com
URL: https://cdn.petametrics.com/ihiintppnq09v2ke-nbc.js?ts=473167
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
97889ad7ba2e93b0913df62ef0daaa81f7270ee51f6f184f97a58b0bb854f006

Request headers

Referer
https://www.therecord.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
content-encoding
gzip
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
model
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
134 KB
22 KB
XHR
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/model
Requested by
Host: cdn.petametrics.com
URL: https://cdn.petametrics.com/ihiintppnq09v2ke-nbc.js?ts=473167
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
f50f458808a55f20250fcd9972d2aee37823e1177d081f2432e69a25e6f9b8c5

Request headers

Referer
https://www.therecord.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
content-encoding
gzip
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
identify
api.permutive.com/v2.0/
50 B
88 B
XHR
General
Full URL
https://api.permutive.com/v2.0/identify?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
0d66cb7714bbebbd2e86cabd0a01bdcb38f5f3fd6b7df4aef5ef0c92af90c5b5

Request headers

Referer
https://www.therecord.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 24 Dec 2023 07:23:18 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.therecord.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
segment
api.permutive.com/adv/v2/
14 B
69 B
XHR
General
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://www.therecord.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
RC0f1bdacccb3649fa8889eca3a0358cc8-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/
1 KB
1 KB
Script
General
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/RC0f1bdacccb3649fa8889eca3a0358cc8-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.74.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-74-97.sfo20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89934847c372d12ce50d2dfc8c65830943897609ca1cd786afa4561c8b345f4a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 06:36:05 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Sun, 24 Dec 2023 06:33:19 GMT
server
AmazonS3
via
1.1 5ecb1870eacf5c5cd4ef9910916dfe9e.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO20-C1
etag
W/"f5979fd45382e347a9c45cd0b3aea42f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
age
2834
x-amz-cf-id
Id8EcEtmoXbhIsSbvSyXaxAvMlfd5xtkpkehg6h6grB1qkgnhplCOA==
RC3d6958a6993a47ebb321af62b90ee76e-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/
1 KB
988 B
Script
General
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/RC3d6958a6993a47ebb321af62b90ee76e-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.74.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-74-97.sfo20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a32d1b07af89513f45e0c8e201411e4adfe0b332b96739131dc3d77f736691a0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 06:36:05 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Sun, 24 Dec 2023 06:33:19 GMT
server
AmazonS3
via
1.1 5ecb1870eacf5c5cd4ef9910916dfe9e.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO20-C1
etag
W/"1791d6c7c634657ac60c27a7091e527a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
age
2834
x-amz-cf-id
DDtdmizc9jWakQ1fhafWkRG2eEeP5B7NyUG3NuRVmWqxbdEKyqjoeQ==
RCe44b456ffefb4108827a305381ec57a0-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/
1 KB
938 B
Script
General
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/RCe44b456ffefb4108827a305381ec57a0-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.74.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-74-97.sfo20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
38f8f0159d3a0413f14a75d0074c1d8a1ffca1fa8acb818b86684bb11628e3b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 06:36:05 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Sun, 24 Dec 2023 06:33:21 GMT
server
AmazonS3
via
1.1 5ecb1870eacf5c5cd4ef9910916dfe9e.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO20-C1
etag
W/"bd22bd4e3198be5452e588cf0970375f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
age
2834
x-amz-cf-id
6fHomu1NTOyIgNFL9BAbmwdlawoJ8Y6MKfV2JbavlXbzMkV7YfQqtw==
RC4f709fe392744b9c91df4e7f62a857cf-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/
1002 B
953 B
Script
General
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/RC4f709fe392744b9c91df4e7f62a857cf-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.74.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-74-97.sfo20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d33e95af1d7e00a025851cc0fe96c45bc900e06724afb79b28f078592fdf5c2c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 06:36:05 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Sun, 24 Dec 2023 06:33:19 GMT
server
AmazonS3
via
1.1 5ecb1870eacf5c5cd4ef9910916dfe9e.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO20-C1
etag
W/"48646c55337daacc21d363b335ff5d1d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
age
2834
x-amz-cf-id
1YAjcOcmfSZNz21_a9PhGaEqiBJvmE1PXQmJrKQlizHAZWowX4WrPg==
RCcfe6b6b53be2406fbe89ae856e611799-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/
962 B
1 KB
Script
General
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/RCcfe6b6b53be2406fbe89ae856e611799-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.74.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-74-97.sfo20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63e160a19d39f11cbf010500b638b69f89cd5414158b7e65c50d419c26a4dfb4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 06:36:05 GMT
x-amz-version-id
null
via
1.1 5ecb1870eacf5c5cd4ef9910916dfe9e.cloudfront.net (CloudFront)
last-modified
Sun, 24 Dec 2023 06:33:20 GMT
server
AmazonS3
x-amz-cf-pop
SFO20-C1
age
2834
etag
"e11fc42557017641a773cea5c9fc037b"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
962
x-amz-cf-id
MNSET6tl7JMBTZB6tLCwn3mGde6UCISHBMwQUgHwaCd1Jj3-NeEqFA==
RC69deb665ae0842ac9db79297e1f79c71-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/
1 KB
902 B
Script
General
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/RC69deb665ae0842ac9db79297e1f79c71-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.74.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-74-97.sfo20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
96f7e30a4cc5df94843a8087d01d17d7bbcbf4b771da582a763c8b92f3f35890

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 06:36:05 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Sun, 24 Dec 2023 06:33:20 GMT
server
AmazonS3
via
1.1 5ecb1870eacf5c5cd4ef9910916dfe9e.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO20-C1
etag
W/"0ce4f57af6ac139a5e5cdfd57898f772"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
age
2834
x-amz-cf-id
oNdHx51XTE_DbIP09Cfoz8nWhQzswLCMA8605n-VDXdDt0eQmHruzw==
RC46b3c3a10db94f02990aa403a742b5bb-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/
965 B
1 KB
Script
General
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/RC46b3c3a10db94f02990aa403a742b5bb-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.74.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-74-97.sfo20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f12019df132ad610b28cc02da1b21b792d534213143536ce09d5b8b9433cc99

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 06:36:05 GMT
x-amz-version-id
null
via
1.1 5ecb1870eacf5c5cd4ef9910916dfe9e.cloudfront.net (CloudFront)
last-modified
Sun, 24 Dec 2023 06:33:19 GMT
server
AmazonS3
x-amz-cf-pop
SFO20-C1
age
2834
etag
"15370db4865f2d362d83965bf50783e9"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
965
x-amz-cf-id
rbqEFqZrZ0rUqwdfY3pwT1LPjO0l-ggvnqaTX4UsViRRlI71N7k5cg==
RC1c8b567dd1b141a5989c8315908f6d83-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/
953 B
1 KB
Script
General
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/RC1c8b567dd1b141a5989c8315908f6d83-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.74.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-74-97.sfo20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8fdd8374a779e06a48d7a3f42ffe46ff6776908cba3f2f01fd341fcb1338cd4e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 06:36:05 GMT
x-amz-version-id
null
via
1.1 5ecb1870eacf5c5cd4ef9910916dfe9e.cloudfront.net (CloudFront)
last-modified
Sun, 24 Dec 2023 06:33:19 GMT
server
AmazonS3
x-amz-cf-pop
SFO20-C1
age
2834
etag
"437e174817d1249d56864f103c0555dc"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
953
x-amz-cf-id
N-r0stnCEJZLDxGUJLUd-114RNm3lHPR7zPJpCTPXLFcyJmX0BxArg==
RCc3b7404652e8424481a4953e40b04aeb-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/
4 KB
1 KB
Script
General
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/RCc3b7404652e8424481a4953e40b04aeb-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.74.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-74-97.sfo20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ffbc359dbfd6b0fe03fc4fe7e521951903c34322e2ef47a2f1216e965e6124d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 06:36:05 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Sun, 24 Dec 2023 06:33:20 GMT
server
AmazonS3
via
1.1 5ecb1870eacf5c5cd4ef9910916dfe9e.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO20-C1
etag
W/"28afab2fe4453f0c53e7f6007e85dbbf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
age
2834
x-amz-cf-id
ePQ4AaaYXfdmUGQ9RFIT1PDl1nHQgPOUq3VIGuC_9hn8kbg4RsONJw==
dest5.html
torontostarnewspaperslimited.demdex.net/ Frame E280
7 KB
3 KB
Document
General
Full URL
https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.25.18.8 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-25-18-8.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.therecord.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 24 Dec 2023 07:23:18 GMT
dcs
dcs-prod-apse2-2-v054-0c2b49d20.edge-apse2.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Fri, 3 Nov 2023 21:17:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
1i7DWUj7Trs=
id
s.therecord.com/
48 B
460 B
XHR
General
Full URL
https://s.therecord.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&mid=55191048256226655211603504608910802180&ts=1703402598196
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.56.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-56-117.data.adobedc.net
Software
jag /
Resource Hash
2415eca9065c5c386c960c79007e793470fdb3bbb9f855097b64723b3e6639dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.therecord.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 24 Dec 2023 07:23:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.therecord.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=ZYfcZgAAALBSywN-
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=55199463295850422351607168902819030798
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYfcZgAAALBSywN-
42 B
718 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYfcZgAAALBSywN-
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Server
3.25.18.8 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-25-18-8.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs
dcs-prod-apse2-1-v054-01d15901a.edge-apse2.demdex.com 2 ms
pragma
no-cache
date
Sun, 24 Dec 2023 07:23:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
aPRWimZ1Qvg=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYfcZgAAALBSywN-
Date
Sun, 24 Dec 2023 07:23:18 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
ads
securepubads.g.doubleclick.net/gampad/
208 KB
66 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3665510631057375&correlator=3685605709772403&eid=31080125&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=58580620%2Cthe_record%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%2C2x1%2C300x600%7C300x250&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1703402598232&lmt=1703399856&adxs=436%2C799%2C1055&adys=21%2C145%2C1171&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.therecord.com%2F&vis=1&psz=728x-1%7C1600x-1%7C300x600&msz=728x-1%7C1600x-1%7C300x600&fws=516%2C516%2C4&ohw=1600%2C1600%2C1600&ga_vid=2050425142.1703402598&ga_sid=1703402598&ga_hid=1621792161&ga_fc=false&dlt=1703402596507&idt=1406&prev_scp=pos%3D1%26amznbid%3D2%26amznp%3D2%7Cpos%3Dimpact-top%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26amznbid%3D2%26amznp%3D2&cust_params=browser%3DChrome%26k%3Dthe%2520record%26page%3Dhomepage%252Capp-editorial%26environment%3Dprod%26cutpoint%3Dlarge%26permutive%3Drts%26gs_channels%3Dpr_ts_pl_nws_lctns_cnd_ntnl%252Cts_pl_nws_lctns_cnd_ntnl%252Cgs_home%252Cgt_mixed%252Cgv_crime%252Cgs_food%252Cgs_home_property%252Cgs_politics%252Cgs_event_christmas%252Cgb_crime_high_med_low%252Cts_bz_ndstry_gnrl%252Cts_pl_pltcl_sss_crm%252Cts_pl_vt_prpnsty_cnd_ndp%252Cts_fmly_prntng_gnrl%252Cts_rtl_fshn_pprl_fshn%252Cgs_politics_misc%252Cgs_food_misc%26prmtvsdk%3Dweb&adks=1973118403%2C1669040282%2C425138753&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
b15f740de44f05503a6fb527b885d6ceeeabd68fbca137e5095f367557a739d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:18 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66735
x-xss-protection
0
google-lineitem-id
-1,-2,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.therecord.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9097
6 KB
3 KB
Document
General
Full URL
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.therecord.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 07:23:18 GMT
expires
Mon, 23 Dec 2024 07:23:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
iu3
s.amazon-adsystem.com/ Frame F8D8
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_ox-db5_an-db5
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_ox-db5_an-db5&dcc=t
297 B
1 KB
Document
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_ox-db5_an-db5&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
b3e7087e228be3a58b28db80acc7ba4d178749326af5386b4b754f1160b6b44a
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.therecord.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
297
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 24 Dec 2023 07:23:19 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
2SADM9Z4Y1WE4P2PSZDV

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sun, 24 Dec 2023 07:23:18 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_ox-db5_an-db5&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
Q3MA68PDDQ3DHT9EWXC4
analytics.min.js
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/
108 KB
29 KB
Script
General
Full URL
https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.89.160 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-89-160.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dac08fd3eb7d2adf333d36ea5e35d4f4dc25c7dd705cbf99682707b2d95f9031

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
v4gxLFp6LN_bb5C9d7c7Yd6l6kCPxU1z
content-encoding
br
via
1.1 f1646a7b70ef690faac638f9c1dd2364.cloudfront.net (CloudFront)
date
Sun, 24 Dec 2023 07:21:57 GMT
x-amz-cf-pop
SYD62-P1
age
94
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 05 Dec 2023 14:57:24 GMT
server
AmazonS3
etag
W/"b2b7a401bd4f0de0145925b43c4e7c21"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
7_g5HhOkcrLpw3wHZFV0iXuCUDRcgIl3-DK1_Y4ZfZZcoFf8XjwSrQ==
destination
www.googletagmanager.com/gtag/
256 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
65cea9994e7b6fd59923543cd349b4086ff4391badb603d3980413f5e878b2df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89110
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 24 Dec 2023 07:23:18 GMT
publisher:getClientId
ampcid.google.com/v1/
78 B
444 B
XHR
General
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
ESF /
Resource Hash
19c592819d340656421a0ca296e9564cbfbcb69228f56cef708c529fc16217ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.therecord.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Dec 2023 07:23:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.therecord.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
fbevents.js
connect.facebook.net/en_US/
202 KB
54 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 24 Dec 2023 07:23:18 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
JxONvjaVGX6lXFLn4kdk3FMVUdohDPq/uJhjRKQXTwQD1+wCWX0mElxmGu1dvc+q2UHfBBSg3OEDTa3JlCOiSg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
205 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11101175418
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f6b92019659bb7d54117af7574fff793e7cf64509ac74e1d80a9796ab8d853ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75328
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Dec 2023 07:23:18 GMT
js
www.googletagmanager.com/gtag/
205 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11101175418&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRSZQF8&gtm_auth=74eL4wQLYRNQ18AwQITlNA&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ec2edb32aedc6b8e6e50eab063ec81816abfa198deebf423caae3522298a3b92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75353
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Dec 2023 07:23:18 GMT
js
www.googletagmanager.com/gtag/
180 KB
66 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-12987815
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
591464df814b6fcf6cdfe1d440a3b849efc1e0c320b070788831cac958342828
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67482
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Dec 2023 07:23:18 GMT
js
www.googletagmanager.com/gtag/
180 KB
66 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-12987815&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRSZQF8&gtm_auth=74eL4wQLYRNQ18AwQITlNA&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
13d7a4d806b6857730a2766ae4ca513fe48735eb6c4082d7e11aab5f5f0ffb32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67427
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Dec 2023 07:23:18 GMT
p.js
d1z2jf7jlzjs58.cloudfront.net/
930 B
1 KB
Script
General
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.101.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-101-75.syd62.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 23 Dec 2023 13:10:04 GMT
Via
1.1 4bfeb1eae9544366893e37b97eee8e6e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
SYD62-P1
Age
65594
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
ze_BWJ7KGFRxsCK5z39edbY9FesHnTXUmjFrW08zQvdifg4AgJgeMA==
Expires
Sun, 24 Dec 2023 13:10:04 GMT
RC8217f02947be421192d2acbcfdd02c80-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/
733 B
1 KB
Script
General
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/RC8217f02947be421192d2acbcfdd02c80-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.74.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-74-97.sfo20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
48afdb2dec2cb40047f3f7d0b4f0a22e168fba6d299be08bed11e1221b082aa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 06:36:06 GMT
x-amz-version-id
null
via
1.1 5ecb1870eacf5c5cd4ef9910916dfe9e.cloudfront.net (CloudFront)
last-modified
Sun, 24 Dec 2023 06:33:20 GMT
server
AmazonS3
x-amz-cf-pop
SFO20-C1
age
2833
etag
"7b16d93f8ac6ef16552375639a79fd3d"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
733
x-amz-cf-id
bpiZgzHTo0hi93po50VmOn9Z5RJvuIYC_fN9SLkvkYd-qDF0_LTVIw==
settings
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/
4 KB
1 KB
Fetch
General
Full URL
https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.89.160 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-89-160.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eec1d339b9dac9ef9991e418a6fd71c2cf953d77ed1597ed68f82fcc12bf7767

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
8wBdC1fvjthSTrFspxDO4VzVvdAFdrfL
content-encoding
gzip
via
1.1 c2fff340a6d5f4b9c17041a88b37f0f4.cloudfront.net (CloudFront)
date
Sun, 24 Dec 2023 05:57:36 GMT
x-amz-cf-pop
SYD62-P1
age
5149
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 09 Oct 2023 16:01:47 GMT
server
AmazonS3
etag
W/"b1f2fbddf3135863ad45acc993d27497"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
0yydVspVYckjBQoDdC7Md3thPmr0cwH1VbrepG1QYmrk85hRcP8m8w==
p.js
cdn.parsely.com/keys/therecord.com/
56 KB
21 KB
Script
General
Full URL
https://cdn.parsely.com/keys/therecord.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.97.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-97-57.syd62.r.cloudfront.net
Software
nginx /
Resource Hash
ab199ce8cd92ab1eeb95bf0f6a55070369f96065341f777d56347e8c5a2d62a2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sun, 24 Dec 2023 07:23:19 GMT
content-encoding
gzip
via
1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
last-modified
Fri, 24 Jun 2022 01:41:35 GMT
server
nginx
x-amz-cf-pop
SYD62-P1
etag
W/"62b5164f-df4c"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
fs90DN1g_tk07GfDRMR1s-vCdV3TX35e3gzhOeaA0fgN6CMbc1FmfA==
expires
Mon, 25 Dec 2023 07:23:19 GMT
ajs-destination.bundle.13362ca512563a10e34d.js
cdn.segment.com/analytics-next/bundles/
9 KB
3 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.13362ca512563a10e34d.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.89.160 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-89-160.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 15:25:54 GMT
x-amz-version-id
1zRCYnTqT7b5Sp5inLUGARXloL6P112m
content-encoding
br
via
1.1 f1646a7b70ef690faac638f9c1dd2364.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
835045
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 11 Dec 2023 23:39:44 GMT
server
AmazonS3
etag
W/"0dec480089dae7da1834489f95aca4e7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
jXzQl9fyDs-fFnQd2NDL-eHrrL6fEEvwWkisNCJ31AvVQNQLQydu0Q==
schemaFilter.bundle.f63551a29dc1697f71b6.js
cdn.segment.com/analytics-next/bundles/
2 KB
1 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.89.160 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-89-160.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 14:41:26 GMT
x-amz-version-id
Cj5RE9x0WySTbVJtnwQumAziMT2di.4o
content-encoding
br
via
1.1 f1646a7b70ef690faac638f9c1dd2364.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
837713
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 11 Dec 2023 23:39:43 GMT
server
AmazonS3
etag
W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
QfSInjPi7yoTut0rBikWh3dlxrZNfU1_rZoVPM-GSPxdBixxFylv6A==
p
api.segment.io/v1/
21 B
175 B
Fetch
General
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.144.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-144-222.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.therecord.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.therecord.com
date
Sun, 24 Dec 2023 07:23:18 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
__activity.gif
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
35 B
49 B
Image
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/__activity.gif?e=widget_response&ct=Home&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=3765&blst=2949&ist=3312&iet=3318&bdst=2949&bdet=3286&bcttt=9&jsfv=nbc&ts=1703402598526&jsk=ihiintppnq09v2ke&jsv=20231116&cu=https%3A%2F%2Fwww.therecord.com%2F&uid=118dcc75-7616-43bc-ecef-94579eb03ee2&sid=8aad3584-86d8-4bdd-c894-c628d4d39243&pvid=935e43bd-7118-418d-d8a4-340b5ff41763&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F120.0.6099.109+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=-480&fst=1703402598029&fstr=3321&pt=1&cl=440&w=recommended&source=LI&fetchIndex=1&tryIndex=1&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Fpolitics%2Fprovincial%2Fwhy-doug-fords-gingerbread-house-making-christmas-video-is-drawing-swift-reactions-online%2Farticle_e9656313-801b-5cf1-a391-5f0e7067b8f2.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fpolitics%2Ffederal%2Fshe-fought-off-online-attacks-as-the-face-of-canadas-covid-19-response-now-theresa%2Farticle_0f7ff331-d3d9-5fe4-90f2-0ce6f9aeaaa9.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fprime-minister-justin-trudeau-heading-to-jamaica-for-post-christmas-vacation%2Farticle_de1fa37a-7145-522a-b87d-3e7b0d8114f4.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Funited-states%2F1-still-missing-a-week-after-st-louis-largest-nursing-home-closed-abrubtly%2Farticle_8a5e11d4-5325-53e0-b837-7190137a0861.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fbusiness%2Ftime-to-replace-your-car-how-to-tell-when-repair-bills-are-no-longer-worth%2Farticle_c4703330-00fd-59be-a7fe-28ac2349fab9.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Frelationships%2Fmy-friends-were-talking-about-how-often-they-have-sex-and-i-was-shocked-what%2Farticle_32a55358-90be-5d87-a950-038e4216d444.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Fflash-from-the-past-same-queen-street-south-property-cleared-in-1923-and-2023%2Farticle_ce7bf28c-d2ce-586b-a0a3-a53f873ed7ad.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fpolitics%2Ffederal%2Fwe-listened-to-10-of-pierre-poilievres-year-end-interviews-heres-what-we-learned-about%2Farticle_c4a29a64-4a99-5049-8440-f67a0db65d13.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Funited-states%2Fa-voter-pushed-nikki-haley-to-call-donald-trump-a-grave-danger-to-the-us%2Farticle_a3881f2e-30bb-5694-9f6b-2e1c904f2cd4.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fsports%2Fhockey%2Fkyle-dubas-had-a-chance-to-tell-his-side-of-the-maple-leafs-breakup-story%2Farticle_7ef6dbc5-6779-5a15-ba6a-ad3a9f8590e4.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fbusiness%2Fsome-manufacturers-are-intentionally-making-appliances-and-electronics-more-expensive-to-repair-heres-why-that%2Farticle_b49ca522-0860-519d-8ab6-7698855243e4.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fclothing-shop-folding-up%2Farticle_fa9c332a-6237-52f7-9191-2aeec4434a91.html%22%5D&usedJS=19300000&totalJS=26000000&jsLimit=3760000000&sdk=bc-pixel
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
35 B
49 B
Image
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/__activity.gif?e=widget_tracking_items_mismatch&ct=Home&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=3775&blst=2949&ist=3312&iet=3318&bdst=2949&bdet=3286&bcttt=9&jsfv=nbc&ts=1703402598529&jsk=ihiintppnq09v2ke&jsv=20231116&cu=https%3A%2F%2Fwww.therecord.com%2F&uid=118dcc75-7616-43bc-ecef-94579eb03ee2&sid=8aad3584-86d8-4bdd-c894-c628d4d39243&pvid=935e43bd-7118-418d-d8a4-340b5ff41763&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F120.0.6099.109+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=-480&w=recommended&source=LI&errs=initial+segment&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Fpolitics%2Fprovincial%2Fwhy-doug-fords-gingerbread-house-making-christmas-video-is-drawing-swift-reactions-online%2Farticle_e9656313-801b-5cf1-a391-5f0e7067b8f2.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fpolitics%2Ffederal%2Fshe-fought-off-online-attacks-as-the-face-of-canadas-covid-19-response-now-theresa%2Farticle_0f7ff331-d3d9-5fe4-90f2-0ce6f9aeaaa9.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fprime-minister-justin-trudeau-heading-to-jamaica-for-post-christmas-vacation%2Farticle_de1fa37a-7145-522a-b87d-3e7b0d8114f4.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Funited-states%2F1-still-missing-a-week-after-st-louis-largest-nursing-home-closed-abrubtly%2Farticle_8a5e11d4-5325-53e0-b837-7190137a0861.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fbusiness%2Ftime-to-replace-your-car-how-to-tell-when-repair-bills-are-no-longer-worth%2Farticle_c4703330-00fd-59be-a7fe-28ac2349fab9.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Frelationships%2Fmy-friends-were-talking-about-how-often-they-have-sex-and-i-was-shocked-what%2Farticle_32a55358-90be-5d87-a950-038e4216d444.html%22%5D&responseVisibleItems=%5B%22https%3A%2F%2Fwww.therecord.com%2Fpolitics%2Fprovincial%2Fwhy-doug-fords-gingerbread-house-making-christmas-video-is-drawing-swift-reactions-online%2Farticle_e9656313-801b-5cf1-a391-5f0e7067b8f2.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fpolitics%2Ffederal%2Fshe-fought-off-online-attacks-as-the-face-of-canadas-covid-19-response-now-theresa%2Farticle_0f7ff331-d3d9-5fe4-90f2-0ce6f9aeaaa9.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fprime-minister-justin-trudeau-heading-to-jamaica-for-post-christmas-vacation%2Farticle_de1fa37a-7145-522a-b87d-3e7b0d8114f4.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Funited-states%2F1-still-missing-a-week-after-st-louis-largest-nursing-home-closed-abrubtly%2Farticle_8a5e11d4-5325-53e0-b837-7190137a0861.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fbusiness%2Ftime-to-replace-your-car-how-to-tell-when-repair-bills-are-no-longer-worth%2Farticle_c4703330-00fd-59be-a7fe-28ac2349fab9.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Frelationships%2Fmy-friends-were-talking-about-how-often-they-have-sex-and-i-was-shocked-what%2Farticle_32a55358-90be-5d87-a950-038e4216d444.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Fflash-from-the-past-same-queen-street-south-property-cleared-in-1923-and-2023%2Farticle_ce7bf28c-d2ce-586b-a0a3-a53f873ed7ad.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fpolitics%2Ffederal%2Fwe-listened-to-10-of-pierre-poilievres-year-end-interviews-heres-what-we-learned-about%2Farticle_c4a29a64-4a99-5049-8440-f67a0db65d13.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Funited-states%2Fa-voter-pushed-nikki-haley-to-call-donald-trump-a-grave-danger-to-the-us%2Farticle_a3881f2e-30bb-5694-9f6b-2e1c904f2cd4.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fsports%2Fhockey%2Fkyle-dubas-had-a-chance-to-tell-his-side-of-the-maple-leafs-breakup-story%2Farticle_7ef6dbc5-6779-5a15-ba6a-ad3a9f8590e4.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fbusiness%2Fsome-manufacturers-are-intentionally-making-appliances-and-electronics-more-expensive-to-repair-heres-why-that%2Farticle_b49ca522-0860-519d-8ab6-7698855243e4.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fclothing-shop-folding-up%2Farticle_fa9c332a-6237-52f7-9191-2aeec4434a91.html%22%5D&sdk=bc-pixel
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
35 B
49 B
Image
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/__activity.gif?e=widget_shown&ct=Home&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=3775&blst=2949&ist=3312&iet=3318&bdst=2949&bdet=3286&bcttt=9&jsfv=nbc&ts=1703402598529&jsk=ihiintppnq09v2ke&jsv=20231116&cu=https%3A%2F%2Fwww.therecord.com%2F&uid=118dcc75-7616-43bc-ecef-94579eb03ee2&sid=8aad3584-86d8-4bdd-c894-c628d4d39243&pvid=935e43bd-7118-418d-d8a4-340b5ff41763&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F120.0.6099.109+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=-480&w=recommended&source=LI&st=3775&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Fpolitics%2Fprovincial%2Fwhy-doug-fords-gingerbread-house-making-christmas-video-is-drawing-swift-reactions-online%2Farticle_e9656313-801b-5cf1-a391-5f0e7067b8f2.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fpolitics%2Ffederal%2Fshe-fought-off-online-attacks-as-the-face-of-canadas-covid-19-response-now-theresa%2Farticle_0f7ff331-d3d9-5fe4-90f2-0ce6f9aeaaa9.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fprime-minister-justin-trudeau-heading-to-jamaica-for-post-christmas-vacation%2Farticle_de1fa37a-7145-522a-b87d-3e7b0d8114f4.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Funited-states%2F1-still-missing-a-week-after-st-louis-largest-nursing-home-closed-abrubtly%2Farticle_8a5e11d4-5325-53e0-b837-7190137a0861.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fbusiness%2Ftime-to-replace-your-car-how-to-tell-when-repair-bills-are-no-longer-worth%2Farticle_c4703330-00fd-59be-a7fe-28ac2349fab9.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Frelationships%2Fmy-friends-were-talking-about-how-often-they-have-sex-and-i-was-shocked-what%2Farticle_32a55358-90be-5d87-a950-038e4216d444.html%22%5D&sdk=bc-pixel
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
35 B
49 B
Image
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/__activity.gif?e=widget_response&ct=Home&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=3780&blst=2949&ist=3312&iet=3318&bdst=2949&bdet=3286&bcttt=16&jsfv=nbc&ts=1703402598529&jsk=ihiintppnq09v2ke&jsv=20231116&cu=https%3A%2F%2Fwww.therecord.com%2F&uid=118dcc75-7616-43bc-ecef-94579eb03ee2&sid=8aad3584-86d8-4bdd-c894-c628d4d39243&pvid=935e43bd-7118-418d-d8a4-340b5ff41763&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F120.0.6099.109+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=-480&fst=1703402598029&fstr=3321&pt=1&cl=457&w=politics&source=LI&fetchIndex=1&tryIndex=1&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Fpolitics%2Fprovincial%2Fwhy-doug-fords-gingerbread-house-making-christmas-video-is-drawing-swift-reactions-online%2Farticle_e9656313-801b-5cf1-a391-5f0e7067b8f2.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fpolitics%2Ffederal%2Fwe-listened-to-10-of-pierre-poilievres-year-end-interviews-heres-what-we-learned-about%2Farticle_c4a29a64-4a99-5049-8440-f67a0db65d13.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fpolitics%2Fpolitical-opinion%2Fthe-end-of-the-beer-store-i-ll-drink-to-that%2Farticle_867d1294-ef4c-5092-8462-d9a4bc1a03cb.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fpolitics%2Ffederal%2Fis-that-justin-trudeau-buying-batteries-in-canadian-tire%2Farticle_1d128793-7bd8-53c2-8e16-40bef18c1c7a.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fpolitics%2Fpolitical-opinion%2Fmps-are-acting-out-for-one-reason-and-it-s-the-ugly-truth-few-want%2Farticle_6b1dc8d7-5238-5bc3-8058-3231d40626ea.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fpolitics%2Ffederal%2Fjustin-trudeau-criticizes-toronto-sun-newspaper-over-antisemitic-content%2Farticle_03e547ee-67b6-5c14-b095-cc9dbfbd399a.html%22%5D&usedJS=19300000&totalJS=26000000&jsLimit=3760000000&sdk=bc-pixel
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
35 B
49 B
Image
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/__activity.gif?e=widget_tracking_items_mismatch&ct=Home&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=3782&blst=2949&ist=3312&iet=3318&bdst=2949&bdet=3286&bcttt=16&jsfv=nbc&ts=1703402598529&jsk=ihiintppnq09v2ke&jsv=20231116&cu=https%3A%2F%2Fwww.therecord.com%2F&uid=118dcc75-7616-43bc-ecef-94579eb03ee2&sid=8aad3584-86d8-4bdd-c894-c628d4d39243&pvid=935e43bd-7118-418d-d8a4-340b5ff41763&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F120.0.6099.109+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=-480&w=politics&source=LI&errs=initial+segment&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Fpolitics%2Fprovincial%2Fwhy-doug-fords-gingerbread-house-making-christmas-video-is-drawing-swift-reactions-online%2Farticle_e9656313-801b-5cf1-a391-5f0e7067b8f2.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fpolitics%2Ffederal%2Fwe-listened-to-10-of-pierre-poilievres-year-end-interviews-heres-what-we-learned-about%2Farticle_c4a29a64-4a99-5049-8440-f67a0db65d13.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fpolitics%2Fpolitical-opinion%2Fthe-end-of-the-beer-store-i-ll-drink-to-that%2Farticle_867d1294-ef4c-5092-8462-d9a4bc1a03cb.html%22%5D&responseVisibleItems=%5B%22https%3A%2F%2Fwww.therecord.com%2Fpolitics%2Fprovincial%2Fwhy-doug-fords-gingerbread-house-making-christmas-video-is-drawing-swift-reactions-online%2Farticle_e9656313-801b-5cf1-a391-5f0e7067b8f2.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fpolitics%2Ffederal%2Fwe-listened-to-10-of-pierre-poilievres-year-end-interviews-heres-what-we-learned-about%2Farticle_c4a29a64-4a99-5049-8440-f67a0db65d13.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fpolitics%2Fpolitical-opinion%2Fthe-end-of-the-beer-store-i-ll-drink-to-that%2Farticle_867d1294-ef4c-5092-8462-d9a4bc1a03cb.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fpolitics%2Ffederal%2Fis-that-justin-trudeau-buying-batteries-in-canadian-tire%2Farticle_1d128793-7bd8-53c2-8e16-40bef18c1c7a.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fpolitics%2Fpolitical-opinion%2Fmps-are-acting-out-for-one-reason-and-it-s-the-ugly-truth-few-want%2Farticle_6b1dc8d7-5238-5bc3-8058-3231d40626ea.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fpolitics%2Ffederal%2Fjustin-trudeau-criticizes-toronto-sun-newspaper-over-antisemitic-content%2Farticle_03e547ee-67b6-5c14-b095-cc9dbfbd399a.html%22%5D&sdk=bc-pixel
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
35 B
49 B
Image
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/__activity.gif?e=widget_shown&ct=Home&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=3782&blst=2949&ist=3312&iet=3318&bdst=2949&bdet=3286&bcttt=16&jsfv=nbc&ts=1703402598529&jsk=ihiintppnq09v2ke&jsv=20231116&cu=https%3A%2F%2Fwww.therecord.com%2F&uid=118dcc75-7616-43bc-ecef-94579eb03ee2&sid=8aad3584-86d8-4bdd-c894-c628d4d39243&pvid=935e43bd-7118-418d-d8a4-340b5ff41763&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F120.0.6099.109+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=-480&w=politics&source=LI&st=3782&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Fpolitics%2Fprovincial%2Fwhy-doug-fords-gingerbread-house-making-christmas-video-is-drawing-swift-reactions-online%2Farticle_e9656313-801b-5cf1-a391-5f0e7067b8f2.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fpolitics%2Ffederal%2Fwe-listened-to-10-of-pierre-poilievres-year-end-interviews-heres-what-we-learned-about%2Farticle_c4a29a64-4a99-5049-8440-f67a0db65d13.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fpolitics%2Fpolitical-opinion%2Fthe-end-of-the-beer-store-i-ll-drink-to-that%2Farticle_867d1294-ef4c-5092-8462-d9a4bc1a03cb.html%22%5D&sdk=bc-pixel
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
35 B
49 B
Image
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/__activity.gif?e=widget_response&ct=Home&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=3784&blst=2949&ist=3312&iet=3318&bdst=2949&bdet=3286&bcttt=18&jsfv=nbc&ts=1703402598529&jsk=ihiintppnq09v2ke&jsv=20231116&cu=https%3A%2F%2Fwww.therecord.com%2F&uid=118dcc75-7616-43bc-ecef-94579eb03ee2&sid=8aad3584-86d8-4bdd-c894-c628d4d39243&pvid=935e43bd-7118-418d-d8a4-340b5ff41763&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F120.0.6099.109+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=-480&fst=1703402598029&fstr=3321&pt=1&cl=462&w=canada&source=LI&fetchIndex=1&tryIndex=1&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fukrainian-watchmaker-fixes-newfoundland-clock-tower-that-hasnt-told-time-in-decades%2Farticle_687ea3a6-84b0-55f2-ba46-3ce206e4c394.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fprime-minister-justin-trudeau-heading-to-jamaica-for-post-christmas-vacation%2Farticle_de1fa37a-7145-522a-b87d-3e7b0d8114f4.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fleaders-of-two-quebec-teachers-unions-approve-partial-deal-with-provincial-government%2Farticle_36bfe03e-03d4-5ea6-a87e-47eb25c29c11.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fcanadian-death-toll-in-cantaloupe-salmonella-outbreak-rises-to-seven%2Farticle_a8ea2253-332a-5b51-8c9a-b3d69029fcb0.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Farrest-made-in-case-where-woman-was-allegedly-beaten-tied-and-left-in-dumpster%2Farticle_bc9eeeee-be42-5ff6-aeef-ed7f6ef20ded.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fcanterbury-fire-department-ladies-auxiliary-presents-firefighters-with-aed%2Farticle_ae80d3eb-7305-52bc-9cfb-f920221e5675.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fnewfoundland-and-labrador-hockey-body-axes-post-game-handshakes-citing-issues%2Farticle_0edad353-ab35-5ecf-b128-2e12539af9b5.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fvintage-gun-for-teachers-presentation-triggers-police-lockdown-at-vancouver-school%2Farticle_f2919054-b284-5caa-83d8-45abb7accab3.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fcanada-faces-green-christmas-as-el-nino-follows-warm-summer-head-climatologist-says%2Farticle_00d673bf-0ac4-5f4c-86bc-b7924209764c.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Flabour-shortage-noted-in-the-regions-oil-and-gas-industry%2Farticle_85b47701-0cbf-5f45-b7d2-138af599b4de.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fstudent-dies-playing-hide-and-seek-at-school-on-manitoba-hutterite-colony%2Farticle_3493ddea-e91b-5788-85dc-d8fbec67c9cb.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fontario%2Fshe-lived-for-her-family-woman-killed-minutes-from-home-in-brampton-crash-remembered-as%2Farticle_ed22cc0e-40c6-5e24-90af-ddd5688457f0.html%22%5D&usedJS=19300000&totalJS=26000000&jsLimit=3760000000&sdk=bc-pixel
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
35 B
49 B
Image
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/__activity.gif?e=widget_tracking_items_mismatch&ct=Home&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=3788&blst=2949&ist=3312&iet=3318&bdst=2949&bdet=3286&bcttt=18&jsfv=nbc&ts=1703402598530&jsk=ihiintppnq09v2ke&jsv=20231116&cu=https%3A%2F%2Fwww.therecord.com%2F&uid=118dcc75-7616-43bc-ecef-94579eb03ee2&sid=8aad3584-86d8-4bdd-c894-c628d4d39243&pvid=935e43bd-7118-418d-d8a4-340b5ff41763&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F120.0.6099.109+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=-480&w=canada&source=LI&errs=initial+segment&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fukrainian-watchmaker-fixes-newfoundland-clock-tower-that-hasnt-told-time-in-decades%2Farticle_687ea3a6-84b0-55f2-ba46-3ce206e4c394.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fprime-minister-justin-trudeau-heading-to-jamaica-for-post-christmas-vacation%2Farticle_de1fa37a-7145-522a-b87d-3e7b0d8114f4.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fleaders-of-two-quebec-teachers-unions-approve-partial-deal-with-provincial-government%2Farticle_36bfe03e-03d4-5ea6-a87e-47eb25c29c11.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fcanadian-death-toll-in-cantaloupe-salmonella-outbreak-rises-to-seven%2Farticle_a8ea2253-332a-5b51-8c9a-b3d69029fcb0.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Farrest-made-in-case-where-woman-was-allegedly-beaten-tied-and-left-in-dumpster%2Farticle_bc9eeeee-be42-5ff6-aeef-ed7f6ef20ded.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fcanterbury-fire-department-ladies-auxiliary-presents-firefighters-with-aed%2Farticle_ae80d3eb-7305-52bc-9cfb-f920221e5675.html%22%5D&responseVisibleItems=%5B%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fukrainian-watchmaker-fixes-newfoundland-clock-tower-that-hasnt-told-time-in-decades%2Farticle_687ea3a6-84b0-55f2-ba46-3ce206e4c394.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fprime-minister-justin-trudeau-heading-to-jamaica-for-post-christmas-vacation%2Farticle_de1fa37a-7145-522a-b87d-3e7b0d8114f4.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fleaders-of-two-quebec-teachers-unions-approve-partial-deal-with-provincial-government%2Farticle_36bfe03e-03d4-5ea6-a87e-47eb25c29c11.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fcanadian-death-toll-in-cantaloupe-salmonella-outbreak-rises-to-seven%2Farticle_a8ea2253-332a-5b51-8c9a-b3d69029fcb0.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Farrest-made-in-case-where-woman-was-allegedly-beaten-tied-and-left-in-dumpster%2Farticle_bc9eeeee-be42-5ff6-aeef-ed7f6ef20ded.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fcanterbury-fire-department-ladies-auxiliary-presents-firefighters-with-aed%2Farticle_ae80d3eb-7305-52bc-9cfb-f920221e5675.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fnewfoundland-and-labrador-hockey-body-axes-post-game-handshakes-citing-issues%2Farticle_0edad353-ab35-5ecf-b128-2e12539af9b5.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fvintage-gun-for-teachers-presentation-triggers-police-lockdown-at-vancouver-school%2Farticle_f2919054-b284-5caa-83d8-45abb7accab3.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fcanada-faces-green-christmas-as-el-nino-follows-warm-summer-head-climatologist-says%2Farticle_00d673bf-0ac4-5f4c-86bc-b7924209764c.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Flabour-shortage-noted-in-the-regions-oil-and-gas-industry%2Farticle_85b47701-0cbf-5f45-b7d2-138af599b4de.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fstudent-dies-playing-hide-and-seek-at-school-on-manitoba-hutterite-colony%2Farticle_3493ddea-e91b-5788-85dc-d8fbec67c9cb.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fontario%2Fshe-lived-for-her-family-woman-killed-minutes-from-home-in-brampton-crash-remembered-as%2Farticle_ed22cc0e-40c6-5e24-90af-ddd5688457f0.html%22%5D&sdk=bc-pixel
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
35 B
49 B
Image
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/__activity.gif?e=widget_shown&ct=Home&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=3788&blst=2949&ist=3312&iet=3318&bdst=2949&bdet=3286&bcttt=18&jsfv=nbc&ts=1703402598530&jsk=ihiintppnq09v2ke&jsv=20231116&cu=https%3A%2F%2Fwww.therecord.com%2F&uid=118dcc75-7616-43bc-ecef-94579eb03ee2&sid=8aad3584-86d8-4bdd-c894-c628d4d39243&pvid=935e43bd-7118-418d-d8a4-340b5ff41763&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F120.0.6099.109+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=-480&w=canada&source=LI&st=3788&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fukrainian-watchmaker-fixes-newfoundland-clock-tower-that-hasnt-told-time-in-decades%2Farticle_687ea3a6-84b0-55f2-ba46-3ce206e4c394.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fprime-minister-justin-trudeau-heading-to-jamaica-for-post-christmas-vacation%2Farticle_de1fa37a-7145-522a-b87d-3e7b0d8114f4.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fleaders-of-two-quebec-teachers-unions-approve-partial-deal-with-provincial-government%2Farticle_36bfe03e-03d4-5ea6-a87e-47eb25c29c11.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fcanadian-death-toll-in-cantaloupe-salmonella-outbreak-rises-to-seven%2Farticle_a8ea2253-332a-5b51-8c9a-b3d69029fcb0.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Farrest-made-in-case-where-woman-was-allegedly-beaten-tied-and-left-in-dumpster%2Farticle_bc9eeeee-be42-5ff6-aeef-ed7f6ef20ded.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fcanada%2Fcanterbury-fire-department-ladies-auxiliary-presents-firefighters-with-aed%2Farticle_ae80d3eb-7305-52bc-9cfb-f920221e5675.html%22%5D&sdk=bc-pixel
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
35 B
49 B
Image
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/__activity.gif?e=widget_response&ct=Home&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=3791&blst=2949&ist=3312&iet=3318&bdst=2949&bdet=3286&bcttt=20&jsfv=nbc&ts=1703402598530&jsk=ihiintppnq09v2ke&jsv=20231116&cu=https%3A%2F%2Fwww.therecord.com%2F&uid=118dcc75-7616-43bc-ecef-94579eb03ee2&sid=8aad3584-86d8-4bdd-c894-c628d4d39243&pvid=935e43bd-7118-418d-d8a4-340b5ff41763&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F120.0.6099.109+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=-480&fst=1703402598029&fstr=3321&pt=1&cl=468&w=world&source=LI&fetchIndex=1&tryIndex=1&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Funited-states%2F1-still-missing-a-week-after-st-louis-largest-nursing-home-closed-abrubtly%2Farticle_8a5e11d4-5325-53e0-b837-7190137a0861.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Feurope%2F3-foreign-nationals-are-among-the-wounded-after-a-prague-university-shooting-in-which-14%2Farticle_9b8b77c4-6c4f-58d9-9d5e-e244a6628dc8.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Fmiddle-east%2Fisrael-strikes-2-homes-and-kills-more-than-90-palestinians-as-troops-expand-south-gaza%2Farticle_0f459448-70ec-5428-9675-aefef41640f8.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Feurope%2Fa-court-in-romania-rejects-andrew-tates-request-to-visit-his-ailing-mother-in-the%2Farticle_78b9c718-bfa6-558d-8be2-32a2a7445821.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Funited-states%2Fcontrary-to-politicians-claims-offshore-wind-farms-dont-kill-whales-heres-what-to-know%2Farticle_8f6ccbd9-fc37-501b-9f6f-e4a86e7446d3.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Funited-states%2Fnew-migrants-face-fear-and-loneliness-a-town-on-the-great-plains-has-a-storied%2Farticle_c67388b3-b99f-5c18-bd33-c218a350728c.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Fasia%2Fpray-for-us-eyewitnesses-reveal-first-clues-about-a-missing-boat-with-up-to-200%2Farticle_ff6d1ae7-2d4a-5758-97c7-98df6cce9040.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Fat-a-church-rectory-in-boston-haitian-migrants-place-their-hopes-on-hard-work-and%2Farticle_4c0158f4-c35b-5c7c-9be1-9d4754c85ccd.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Funited-states%2Fpost-flight-feast-study-suggests-reindeer-vision-evolved-to-spot-favorite-food%2Farticle_9063c858-1114-55d3-997d-02d5575ef106.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Feurope%2Fpolish-president-says-hell-veto-a-spending-bill-in-a-blow-to-the-new-government%2Farticle_10c2aab8-bb9c-5bfb-ace9-1a1033938af8.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Funited-states%2Fmother-of-a-child-punished-by-a-court-for-urinating-in-public-refuses-to-sign%2Farticle_f09e7c9f-f530-5c41-a44c-c208efa46442.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Funited-states%2Fpastors-suicide-brings-grief-warnings-of-the-dangers-of-outing-amid-erosion-of-lgbtq-rights%2Farticle_178a25fd-31e5-5c72-9b34-88321678d0cf.html%22%5D&usedJS=19300000&totalJS=26000000&jsLimit=3760000000&sdk=bc-pixel
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
35 B
49 B
Image
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/__activity.gif?e=widget_tracking_items_mismatch&ct=Home&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=3796&blst=2949&ist=3312&iet=3318&bdst=2949&bdet=3286&bcttt=20&jsfv=nbc&ts=1703402598530&jsk=ihiintppnq09v2ke&jsv=20231116&cu=https%3A%2F%2Fwww.therecord.com%2F&uid=118dcc75-7616-43bc-ecef-94579eb03ee2&sid=8aad3584-86d8-4bdd-c894-c628d4d39243&pvid=935e43bd-7118-418d-d8a4-340b5ff41763&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F120.0.6099.109+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=-480&w=world&source=LI&errs=initial+segment&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Funited-states%2F1-still-missing-a-week-after-st-louis-largest-nursing-home-closed-abrubtly%2Farticle_8a5e11d4-5325-53e0-b837-7190137a0861.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Feurope%2F3-foreign-nationals-are-among-the-wounded-after-a-prague-university-shooting-in-which-14%2Farticle_9b8b77c4-6c4f-58d9-9d5e-e244a6628dc8.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Fmiddle-east%2Fisrael-strikes-2-homes-and-kills-more-than-90-palestinians-as-troops-expand-south-gaza%2Farticle_0f459448-70ec-5428-9675-aefef41640f8.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Feurope%2Fa-court-in-romania-rejects-andrew-tates-request-to-visit-his-ailing-mother-in-the%2Farticle_78b9c718-bfa6-558d-8be2-32a2a7445821.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Funited-states%2Fcontrary-to-politicians-claims-offshore-wind-farms-dont-kill-whales-heres-what-to-know%2Farticle_8f6ccbd9-fc37-501b-9f6f-e4a86e7446d3.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Funited-states%2Fnew-migrants-face-fear-and-loneliness-a-town-on-the-great-plains-has-a-storied%2Farticle_c67388b3-b99f-5c18-bd33-c218a350728c.html%22%5D&responseVisibleItems=%5B%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Funited-states%2F1-still-missing-a-week-after-st-louis-largest-nursing-home-closed-abrubtly%2Farticle_8a5e11d4-5325-53e0-b837-7190137a0861.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Feurope%2F3-foreign-nationals-are-among-the-wounded-after-a-prague-university-shooting-in-which-14%2Farticle_9b8b77c4-6c4f-58d9-9d5e-e244a6628dc8.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Fmiddle-east%2Fisrael-strikes-2-homes-and-kills-more-than-90-palestinians-as-troops-expand-south-gaza%2Farticle_0f459448-70ec-5428-9675-aefef41640f8.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Feurope%2Fa-court-in-romania-rejects-andrew-tates-request-to-visit-his-ailing-mother-in-the%2Farticle_78b9c718-bfa6-558d-8be2-32a2a7445821.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Funited-states%2Fcontrary-to-politicians-claims-offshore-wind-farms-dont-kill-whales-heres-what-to-know%2Farticle_8f6ccbd9-fc37-501b-9f6f-e4a86e7446d3.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Funited-states%2Fnew-migrants-face-fear-and-loneliness-a-town-on-the-great-plains-has-a-storied%2Farticle_c67388b3-b99f-5c18-bd33-c218a350728c.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Fasia%2Fpray-for-us-eyewitnesses-reveal-first-clues-about-a-missing-boat-with-up-to-200%2Farticle_ff6d1ae7-2d4a-5758-97c7-98df6cce9040.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Fat-a-church-rectory-in-boston-haitian-migrants-place-their-hopes-on-hard-work-and%2Farticle_4c0158f4-c35b-5c7c-9be1-9d4754c85ccd.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Funited-states%2Fpost-flight-feast-study-suggests-reindeer-vision-evolved-to-spot-favorite-food%2Farticle_9063c858-1114-55d3-997d-02d5575ef106.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Feurope%2Fpolish-president-says-hell-veto-a-spending-bill-in-a-blow-to-the-new-government%2Farticle_10c2aab8-bb9c-5bfb-ace9-1a1033938af8.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Funited-states%2Fmother-of-a-child-punished-by-a-court-for-urinating-in-public-refuses-to-sign%2Farticle_f09e7c9f-f530-5c41-a44c-c208efa46442.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Funited-states%2Fpastors-suicide-brings-grief-warnings-of-the-dangers-of-outing-amid-erosion-of-lgbtq-rights%2Farticle_178a25fd-31e5-5c72-9b34-88321678d0cf.html%22%5D&sdk=bc-pixel
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
35 B
49 B
Image
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/__activity.gif?e=widget_shown&ct=Home&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=3796&blst=2949&ist=3312&iet=3318&bdst=2949&bdet=3286&bcttt=20&jsfv=nbc&ts=1703402598530&jsk=ihiintppnq09v2ke&jsv=20231116&cu=https%3A%2F%2Fwww.therecord.com%2F&uid=118dcc75-7616-43bc-ecef-94579eb03ee2&sid=8aad3584-86d8-4bdd-c894-c628d4d39243&pvid=935e43bd-7118-418d-d8a4-340b5ff41763&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F120.0.6099.109+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=-480&w=world&source=LI&st=3796&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Funited-states%2F1-still-missing-a-week-after-st-louis-largest-nursing-home-closed-abrubtly%2Farticle_8a5e11d4-5325-53e0-b837-7190137a0861.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Feurope%2F3-foreign-nationals-are-among-the-wounded-after-a-prague-university-shooting-in-which-14%2Farticle_9b8b77c4-6c4f-58d9-9d5e-e244a6628dc8.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Fmiddle-east%2Fisrael-strikes-2-homes-and-kills-more-than-90-palestinians-as-troops-expand-south-gaza%2Farticle_0f459448-70ec-5428-9675-aefef41640f8.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Feurope%2Fa-court-in-romania-rejects-andrew-tates-request-to-visit-his-ailing-mother-in-the%2Farticle_78b9c718-bfa6-558d-8be2-32a2a7445821.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Funited-states%2Fcontrary-to-politicians-claims-offshore-wind-farms-dont-kill-whales-heres-what-to-know%2Farticle_8f6ccbd9-fc37-501b-9f6f-e4a86e7446d3.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fnews%2Fworld%2Funited-states%2Fnew-migrants-face-fear-and-loneliness-a-town-on-the-great-plains-has-a-storied%2Farticle_c67388b3-b99f-5c18-bd33-c218a350728c.html%22%5D&sdk=bc-pixel
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
35 B
49 B
Image
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/__activity.gif?e=widget_response&ct=Home&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=3798&blst=2949&ist=3312&iet=3318&bdst=2949&bdet=3286&bcttt=23&jsfv=nbc&ts=1703402598530&jsk=ihiintppnq09v2ke&jsv=20231116&cu=https%3A%2F%2Fwww.therecord.com%2F&uid=118dcc75-7616-43bc-ecef-94579eb03ee2&sid=8aad3584-86d8-4bdd-c894-c628d4d39243&pvid=935e43bd-7118-418d-d8a4-340b5ff41763&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F120.0.6099.109+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=-480&fst=1703402598029&fstr=3321&pt=1&cl=476&w=business&source=LI&fetchIndex=1&tryIndex=1&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Fbusiness%2Fa-year-after-chatgpt-launched-its-real-legacy-is-beyond-technology%2Farticle_4de9a7ad-0361-5fd8-8702-fe205a47599c.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fbusiness%2Fsome-manufacturers-are-intentionally-making-appliances-and-electronics-more-expensive-to-repair-heres-why-that%2Farticle_b49ca522-0860-519d-8ab6-7698855243e4.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fbusiness%2Ftime-to-replace-your-car-how-to-tell-when-repair-bills-are-no-longer-worth%2Farticle_c4703330-00fd-59be-a7fe-28ac2349fab9.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fbusiness%2Fbeware-costs-and-logistics-of-at-home-chargers-before-buying-an-electric-car%2Farticle_7bfde001-402d-56f7-a030-5c3ae4d267d8.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fbusiness%2Fnew-blackberry-ceo-john-giamatteo-has-his-eye-on-expenses-as-he-works-to-split%2Farticle_ddec43e0-9dbd-5c97-8b35-f3e5c3a89c94.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fbusiness%2Fbombardier-wont-contest-ottawas-sole-source-deal-on-new-boeing-military-planes%2Farticle_57d708ba-1e3e-517c-9c2d-a3b10519f635.html%22%5D&usedJS=19300000&totalJS=26000000&jsLimit=3760000000&sdk=bc-pixel
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
35 B
49 B
Image
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/__activity.gif?e=widget_tracking_items_mismatch&ct=Home&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=3800&blst=2949&ist=3312&iet=3318&bdst=2949&bdet=3286&bcttt=23&jsfv=nbc&ts=1703402598530&jsk=ihiintppnq09v2ke&jsv=20231116&cu=https%3A%2F%2Fwww.therecord.com%2F&uid=118dcc75-7616-43bc-ecef-94579eb03ee2&sid=8aad3584-86d8-4bdd-c894-c628d4d39243&pvid=935e43bd-7118-418d-d8a4-340b5ff41763&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F120.0.6099.109+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=-480&w=business&source=LI&errs=initial+segment&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Fbusiness%2Fa-year-after-chatgpt-launched-its-real-legacy-is-beyond-technology%2Farticle_4de9a7ad-0361-5fd8-8702-fe205a47599c.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fbusiness%2Fsome-manufacturers-are-intentionally-making-appliances-and-electronics-more-expensive-to-repair-heres-why-that%2Farticle_b49ca522-0860-519d-8ab6-7698855243e4.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fbusiness%2Ftime-to-replace-your-car-how-to-tell-when-repair-bills-are-no-longer-worth%2Farticle_c4703330-00fd-59be-a7fe-28ac2349fab9.html%22%5D&responseVisibleItems=%5B%22https%3A%2F%2Fwww.therecord.com%2Fbusiness%2Fa-year-after-chatgpt-launched-its-real-legacy-is-beyond-technology%2Farticle_4de9a7ad-0361-5fd8-8702-fe205a47599c.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fbusiness%2Fsome-manufacturers-are-intentionally-making-appliances-and-electronics-more-expensive-to-repair-heres-why-that%2Farticle_b49ca522-0860-519d-8ab6-7698855243e4.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fbusiness%2Ftime-to-replace-your-car-how-to-tell-when-repair-bills-are-no-longer-worth%2Farticle_c4703330-00fd-59be-a7fe-28ac2349fab9.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fbusiness%2Fbeware-costs-and-logistics-of-at-home-chargers-before-buying-an-electric-car%2Farticle_7bfde001-402d-56f7-a030-5c3ae4d267d8.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fbusiness%2Fnew-blackberry-ceo-john-giamatteo-has-his-eye-on-expenses-as-he-works-to-split%2Farticle_ddec43e0-9dbd-5c97-8b35-f3e5c3a89c94.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fbusiness%2Fbombardier-wont-contest-ottawas-sole-source-deal-on-new-boeing-military-planes%2Farticle_57d708ba-1e3e-517c-9c2d-a3b10519f635.html%22%5D&sdk=bc-pixel
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
35 B
49 B
Image
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/__activity.gif?e=widget_shown&ct=Home&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=3800&blst=2949&ist=3312&iet=3318&bdst=2949&bdet=3286&bcttt=23&jsfv=nbc&ts=1703402598530&jsk=ihiintppnq09v2ke&jsv=20231116&cu=https%3A%2F%2Fwww.therecord.com%2F&uid=118dcc75-7616-43bc-ecef-94579eb03ee2&sid=8aad3584-86d8-4bdd-c894-c628d4d39243&pvid=935e43bd-7118-418d-d8a4-340b5ff41763&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F120.0.6099.109+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=-480&w=business&source=LI&st=3800&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Fbusiness%2Fa-year-after-chatgpt-launched-its-real-legacy-is-beyond-technology%2Farticle_4de9a7ad-0361-5fd8-8702-fe205a47599c.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fbusiness%2Fsome-manufacturers-are-intentionally-making-appliances-and-electronics-more-expensive-to-repair-heres-why-that%2Farticle_b49ca522-0860-519d-8ab6-7698855243e4.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fbusiness%2Ftime-to-replace-your-car-how-to-tell-when-repair-bills-are-no-longer-worth%2Farticle_c4703330-00fd-59be-a7fe-28ac2349fab9.html%22%5D&sdk=bc-pixel
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
35 B
49 B
Image
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/__activity.gif?e=widget_response&ct=Home&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=3802&blst=2949&ist=3312&iet=3318&bdst=2949&bdet=3286&bcttt=25&jsfv=nbc&ts=1703402598530&jsk=ihiintppnq09v2ke&jsv=20231116&cu=https%3A%2F%2Fwww.therecord.com%2F&uid=118dcc75-7616-43bc-ecef-94579eb03ee2&sid=8aad3584-86d8-4bdd-c894-c628d4d39243&pvid=935e43bd-7118-418d-d8a4-340b5ff41763&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F120.0.6099.109+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=-480&fst=1703402598029&fstr=3321&pt=1&cl=480&w=entertainment&source=LI&fetchIndex=1&tryIndex=1&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Fentertainment%2Fbooks%2Fcarley-fortune-had-a-surreal-year-the-toronto-authors-meet-me-at-the-lake-sold%2Farticle_f6d37228-b458-5ee0-9fad-90fdb586f11e.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fentertainment%2Fsarah-gadon-reflects-on-working-with-famed-director-michael-mann-in-ferrari%2Farticle_46980503-621b-55dc-8e9b-31dce2e0e91b.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fentertainment%2Fmovie-review-a-helicopter-father-flies-his-duck-family-south-in-migration%2Farticle_09f75361-9ee0-593d-9aaa-b4d16a73a863.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fentertainment%2Faps-top-music-documentaries-of-2023-taylor-swift-beyonc-wham-and-more---and%2Farticle_1f9c80fd-d197-583e-a64d-548a57aee113.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fentertainment%2Fmovie-review-if-this-is-goodbye-aquaman-and-the-lost-kingdom-keeps-its-trident-high%2Farticle_e1849c8b-f479-51df-8a4c-9d5e68434458.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fentertainment%2Fmichael-j-fox-documentary-ryan-goslings-im-just-ken-song-shortlisted-for-oscar%2Farticle_0198b846-03ef-5db2-b6cb-1a5f8ad1ae4c.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fentertainment%2Fctv-national-news-appoints-heather-butts-as-new-weekend-anchor%2Farticle_9e03eaec-6263-57e8-8030-387473705cf6.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fentertainment%2Fmatthew-perry-died-from-effects-of-drug-ketamine-coroner-says%2Farticle_b3895401-7319-540b-ab77-da6b27793615.html%22%5D&usedJS=19300000&totalJS=26000000&jsLimit=3760000000&sdk=bc-pixel
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
35 B
49 B
Image
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/__activity.gif?e=widget_tracking_items_mismatch&ct=Home&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=3804&blst=2949&ist=3312&iet=3318&bdst=2949&bdet=3286&bcttt=25&jsfv=nbc&ts=1703402598530&jsk=ihiintppnq09v2ke&jsv=20231116&cu=https%3A%2F%2Fwww.therecord.com%2F&uid=118dcc75-7616-43bc-ecef-94579eb03ee2&sid=8aad3584-86d8-4bdd-c894-c628d4d39243&pvid=935e43bd-7118-418d-d8a4-340b5ff41763&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F120.0.6099.109+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=-480&w=entertainment&source=LI&errs=initial+segment&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Fentertainment%2Fbooks%2Fcarley-fortune-had-a-surreal-year-the-toronto-authors-meet-me-at-the-lake-sold%2Farticle_f6d37228-b458-5ee0-9fad-90fdb586f11e.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fentertainment%2Fsarah-gadon-reflects-on-working-with-famed-director-michael-mann-in-ferrari%2Farticle_46980503-621b-55dc-8e9b-31dce2e0e91b.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fentertainment%2Fmovie-review-a-helicopter-father-flies-his-duck-family-south-in-migration%2Farticle_09f75361-9ee0-593d-9aaa-b4d16a73a863.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fentertainment%2Faps-top-music-documentaries-of-2023-taylor-swift-beyonc-wham-and-more---and%2Farticle_1f9c80fd-d197-583e-a64d-548a57aee113.html%22%5D&responseVisibleItems=%5B%22https%3A%2F%2Fwww.therecord.com%2Fentertainment%2Fbooks%2Fcarley-fortune-had-a-surreal-year-the-toronto-authors-meet-me-at-the-lake-sold%2Farticle_f6d37228-b458-5ee0-9fad-90fdb586f11e.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fentertainment%2Fsarah-gadon-reflects-on-working-with-famed-director-michael-mann-in-ferrari%2Farticle_46980503-621b-55dc-8e9b-31dce2e0e91b.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fentertainment%2Fmovie-review-a-helicopter-father-flies-his-duck-family-south-in-migration%2Farticle_09f75361-9ee0-593d-9aaa-b4d16a73a863.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fentertainment%2Faps-top-music-documentaries-of-2023-taylor-swift-beyonc-wham-and-more---and%2Farticle_1f9c80fd-d197-583e-a64d-548a57aee113.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fentertainment%2Fmovie-review-if-this-is-goodbye-aquaman-and-the-lost-kingdom-keeps-its-trident-high%2Farticle_e1849c8b-f479-51df-8a4c-9d5e68434458.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fentertainment%2Fmichael-j-fox-documentary-ryan-goslings-im-just-ken-song-shortlisted-for-oscar%2Farticle_0198b846-03ef-5db2-b6cb-1a5f8ad1ae4c.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fentertainment%2Fctv-national-news-appoints-heather-butts-as-new-weekend-anchor%2Farticle_9e03eaec-6263-57e8-8030-387473705cf6.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fentertainment%2Fmatthew-perry-died-from-effects-of-drug-ketamine-coroner-says%2Farticle_b3895401-7319-540b-ab77-da6b27793615.html%22%5D&sdk=bc-pixel
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
35 B
49 B
Image
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/__activity.gif?e=widget_shown&ct=Home&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=3804&blst=2949&ist=3312&iet=3318&bdst=2949&bdet=3286&bcttt=25&jsfv=nbc&ts=1703402598530&jsk=ihiintppnq09v2ke&jsv=20231116&cu=https%3A%2F%2Fwww.therecord.com%2F&uid=118dcc75-7616-43bc-ecef-94579eb03ee2&sid=8aad3584-86d8-4bdd-c894-c628d4d39243&pvid=935e43bd-7118-418d-d8a4-340b5ff41763&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F120.0.6099.109+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=-480&w=entertainment&source=LI&st=3804&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Fentertainment%2Fbooks%2Fcarley-fortune-had-a-surreal-year-the-toronto-authors-meet-me-at-the-lake-sold%2Farticle_f6d37228-b458-5ee0-9fad-90fdb586f11e.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fentertainment%2Fsarah-gadon-reflects-on-working-with-famed-director-michael-mann-in-ferrari%2Farticle_46980503-621b-55dc-8e9b-31dce2e0e91b.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fentertainment%2Fmovie-review-a-helicopter-father-flies-his-duck-family-south-in-migration%2Farticle_09f75361-9ee0-593d-9aaa-b4d16a73a863.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fentertainment%2Faps-top-music-documentaries-of-2023-taylor-swift-beyonc-wham-and-more---and%2Farticle_1f9c80fd-d197-583e-a64d-548a57aee113.html%22%5D&sdk=bc-pixel
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
35 B
49 B
Image
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/__activity.gif?e=widget_response&ct=Home&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=3807&blst=2949&ist=3312&iet=3318&bdst=2949&bdet=3286&bcttt=27&jsfv=nbc&ts=1703402598530&jsk=ihiintppnq09v2ke&jsv=20231116&cu=https%3A%2F%2Fwww.therecord.com%2F&uid=118dcc75-7616-43bc-ecef-94579eb03ee2&sid=8aad3584-86d8-4bdd-c894-c628d4d39243&pvid=935e43bd-7118-418d-d8a4-340b5ff41763&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F120.0.6099.109+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=-480&fst=1703402598029&fstr=3321&pt=1&cl=484&w=life&source=LI&fetchIndex=1&tryIndex=1&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Flife%2Fflash-from-the-past-same-queen-street-south-property-cleared-in-1923-and-2023%2Farticle_ce7bf28c-d2ce-586b-a0a3-a53f873ed7ad.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Frelationships%2Fmy-sisters-friend-is-always-dressed-up-even-at-spin-class-whats-her-deal-ask%2Farticle_60e88568-5c3c-50a7-9f69-8cbda0400456.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Frelationships%2Fmy-partner-is-breaking-theatre-plans-with-me-to-have-dinner-with-his-ex-not%2Farticle_a9e737ca-cd94-54cd-af28-4149d4a166e6.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Fwhat-stores-are-open-and-closed-on-christmas-eve-see-hours-for-walmart-cvs-costco%2Farticle_d971fbef-795f-5b48-9fd9-cdc9a5852fff.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Fyou-can-use-your-home-or-car-as-collateral-to-get-a-credit-card-should%2Farticle_cba764be-eaf3-5faa-bd46-12e419870b0b.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Ftravel%2Fwhat-should-you-do-when-your-flight-is-cancelled-when-does-an-airline-have-to%2Farticle_f30214ab-966b-5cc4-9b37-c48fd3b3f0d2.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Frelationships%2Fcelebrity-dating-stories-carolyn-mackenzie-shares-how-her-rescuer-became-her-husband%2Farticle_7c2a4c16-0e3f-5360-a40f-e59471df4318.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Fdecaying-pillsbury-mill-in-illinois-that-once-churned-flour-into-opportunity-is-now-getting-new%2Farticle_8ff4da55-ec9d-5072-b780-ffae31dbe453.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Fprocrastinators-in-focus-for-retailers-as-the-holiday-season-shopping-nears-the-finish-line%2Farticle_4227c35d-13a3-5c13-a12a-dd18063ecb4f.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Fbusiest-holiday-travel-season-in-years-is-off-to-a-smooth-start-with-few-airport%2Farticle_7680254c-70ee-5936-8cf2-36a88218836c.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Frelationships%2Fi-m-a-married-woman-and-my-vice-is-sex-my-husband-knows-i-sleep%2Farticle_ecccd1c5-204c-57c8-8fee-ee397862507a.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Fa-mom-chose-an-off-the-grid-school-for-safety-from-covid-no-one-protected%2Farticle_962fc461-30b6-599a-8ca3-8045539b3583.html%22%5D&usedJS=19300000&totalJS=26000000&jsLimit=3760000000&sdk=bc-pixel
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
35 B
49 B
Image
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/__activity.gif?e=widget_tracking_items_mismatch&ct=Home&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=3811&blst=2949&ist=3312&iet=3318&bdst=2949&bdet=3286&bcttt=27&jsfv=nbc&ts=1703402598531&jsk=ihiintppnq09v2ke&jsv=20231116&cu=https%3A%2F%2Fwww.therecord.com%2F&uid=118dcc75-7616-43bc-ecef-94579eb03ee2&sid=8aad3584-86d8-4bdd-c894-c628d4d39243&pvid=935e43bd-7118-418d-d8a4-340b5ff41763&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F120.0.6099.109+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=-480&w=life&source=LI&errs=initial+segment&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Flife%2Fflash-from-the-past-same-queen-street-south-property-cleared-in-1923-and-2023%2Farticle_ce7bf28c-d2ce-586b-a0a3-a53f873ed7ad.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Frelationships%2Fmy-sisters-friend-is-always-dressed-up-even-at-spin-class-whats-her-deal-ask%2Farticle_60e88568-5c3c-50a7-9f69-8cbda0400456.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Frelationships%2Fmy-partner-is-breaking-theatre-plans-with-me-to-have-dinner-with-his-ex-not%2Farticle_a9e737ca-cd94-54cd-af28-4149d4a166e6.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Fwhat-stores-are-open-and-closed-on-christmas-eve-see-hours-for-walmart-cvs-costco%2Farticle_d971fbef-795f-5b48-9fd9-cdc9a5852fff.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Fyou-can-use-your-home-or-car-as-collateral-to-get-a-credit-card-should%2Farticle_cba764be-eaf3-5faa-bd46-12e419870b0b.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Ftravel%2Fwhat-should-you-do-when-your-flight-is-cancelled-when-does-an-airline-have-to%2Farticle_f30214ab-966b-5cc4-9b37-c48fd3b3f0d2.html%22%5D&responseVisibleItems=%5B%22https%3A%2F%2Fwww.therecord.com%2Flife%2Fflash-from-the-past-same-queen-street-south-property-cleared-in-1923-and-2023%2Farticle_ce7bf28c-d2ce-586b-a0a3-a53f873ed7ad.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Frelationships%2Fmy-sisters-friend-is-always-dressed-up-even-at-spin-class-whats-her-deal-ask%2Farticle_60e88568-5c3c-50a7-9f69-8cbda0400456.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Frelationships%2Fmy-partner-is-breaking-theatre-plans-with-me-to-have-dinner-with-his-ex-not%2Farticle_a9e737ca-cd94-54cd-af28-4149d4a166e6.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Fwhat-stores-are-open-and-closed-on-christmas-eve-see-hours-for-walmart-cvs-costco%2Farticle_d971fbef-795f-5b48-9fd9-cdc9a5852fff.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Fyou-can-use-your-home-or-car-as-collateral-to-get-a-credit-card-should%2Farticle_cba764be-eaf3-5faa-bd46-12e419870b0b.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Ftravel%2Fwhat-should-you-do-when-your-flight-is-cancelled-when-does-an-airline-have-to%2Farticle_f30214ab-966b-5cc4-9b37-c48fd3b3f0d2.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Frelationships%2Fcelebrity-dating-stories-carolyn-mackenzie-shares-how-her-rescuer-became-her-husband%2Farticle_7c2a4c16-0e3f-5360-a40f-e59471df4318.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Fdecaying-pillsbury-mill-in-illinois-that-once-churned-flour-into-opportunity-is-now-getting-new%2Farticle_8ff4da55-ec9d-5072-b780-ffae31dbe453.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Fprocrastinators-in-focus-for-retailers-as-the-holiday-season-shopping-nears-the-finish-line%2Farticle_4227c35d-13a3-5c13-a12a-dd18063ecb4f.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Fbusiest-holiday-travel-season-in-years-is-off-to-a-smooth-start-with-few-airport%2Farticle_7680254c-70ee-5936-8cf2-36a88218836c.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Frelationships%2Fi-m-a-married-woman-and-my-vice-is-sex-my-husband-knows-i-sleep%2Farticle_ecccd1c5-204c-57c8-8fee-ee397862507a.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Fa-mom-chose-an-off-the-grid-school-for-safety-from-covid-no-one-protected%2Farticle_962fc461-30b6-599a-8ca3-8045539b3583.html%22%5D&sdk=bc-pixel
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
35 B
49 B
Image
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/__activity.gif?e=widget_shown&ct=Home&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=3811&blst=2949&ist=3312&iet=3318&bdst=2949&bdet=3286&bcttt=27&jsfv=nbc&ts=1703402598531&jsk=ihiintppnq09v2ke&jsv=20231116&cu=https%3A%2F%2Fwww.therecord.com%2F&uid=118dcc75-7616-43bc-ecef-94579eb03ee2&sid=8aad3584-86d8-4bdd-c894-c628d4d39243&pvid=935e43bd-7118-418d-d8a4-340b5ff41763&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F120.0.6099.109+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=-480&w=life&source=LI&st=3811&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Flife%2Fflash-from-the-past-same-queen-street-south-property-cleared-in-1923-and-2023%2Farticle_ce7bf28c-d2ce-586b-a0a3-a53f873ed7ad.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Frelationships%2Fmy-sisters-friend-is-always-dressed-up-even-at-spin-class-whats-her-deal-ask%2Farticle_60e88568-5c3c-50a7-9f69-8cbda0400456.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Frelationships%2Fmy-partner-is-breaking-theatre-plans-with-me-to-have-dinner-with-his-ex-not%2Farticle_a9e737ca-cd94-54cd-af28-4149d4a166e6.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Fwhat-stores-are-open-and-closed-on-christmas-eve-see-hours-for-walmart-cvs-costco%2Farticle_d971fbef-795f-5b48-9fd9-cdc9a5852fff.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Fyou-can-use-your-home-or-car-as-collateral-to-get-a-credit-card-should%2Farticle_cba764be-eaf3-5faa-bd46-12e419870b0b.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Flife%2Ftravel%2Fwhat-should-you-do-when-your-flight-is-cancelled-when-does-an-airline-have-to%2Farticle_f30214ab-966b-5cc4-9b37-c48fd3b3f0d2.html%22%5D&sdk=bc-pixel
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
35 B
49 B
Image
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/__activity.gif?e=widget_response&ct=Home&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=3813&blst=2949&ist=3312&iet=3318&bdst=2949&bdet=3286&bcttt=29&jsfv=nbc&ts=1703402598531&jsk=ihiintppnq09v2ke&jsv=20231116&cu=https%3A%2F%2Fwww.therecord.com%2F&uid=118dcc75-7616-43bc-ecef-94579eb03ee2&sid=8aad3584-86d8-4bdd-c894-c628d4d39243&pvid=935e43bd-7118-418d-d8a4-340b5ff41763&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F120.0.6099.109+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=-480&fst=1703402598029&fstr=3321&pt=1&cl=491&w=sports&source=LI&fetchIndex=1&tryIndex=1&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Fsports%2Fhockey%2Fits-easy-to-blame-goaltending-for-the-maple-leafs-problems-its-also-wrong%2Farticle_5594ff7f-17d0-5761-9161-6db534273fb5.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fsports%2Fbasketball%2Fjohnson-and-newton-lead-no-5-uconn-to-a-69-65-win-over-st-johns%2Farticle_699f97f3-64d9-5c99-aad8-08d8dce7effb.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fsports%2Fhockey%2Fwe-wont-forget-it-maple-leafs-goaltending-hits-nine-year-low-in-buffalo-meltdown%2Farticle_36092ad6-33e0-548d-a872-dc72efcda80e.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fsports%2Fsports-betting%2Fnba-parlay-picks-dec-22-warriors-should-bury-wizards-at-home%2Farticle_31855b27-33ea-58e9-922b-043b10034511.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fsports%2Ffootball%2Fsouth-alabama-gets-home-field-advantage-against-eastern-michigan-in-68-ventures-bowl%2Farticle_d5303289-26f6-51e6-9955-ac97b02c7c33.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fsports%2Fbasketball%2Fno-20-gonzaga-women-extend-home-winning-streak-to-26-following-a-67-56-victory%2Farticle_1f06f0c7-df62-5591-a1d6-3c67c38e0cbb.html%22%5D&usedJS=19300000&totalJS=26000000&jsLimit=3760000000&sdk=bc-pixel
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
35 B
49 B
Image
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/__activity.gif?e=widget_tracking_items_mismatch&ct=Home&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=3816&blst=2949&ist=3312&iet=3318&bdst=2949&bdet=3286&bcttt=29&jsfv=nbc&ts=1703402598531&jsk=ihiintppnq09v2ke&jsv=20231116&cu=https%3A%2F%2Fwww.therecord.com%2F&uid=118dcc75-7616-43bc-ecef-94579eb03ee2&sid=8aad3584-86d8-4bdd-c894-c628d4d39243&pvid=935e43bd-7118-418d-d8a4-340b5ff41763&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F120.0.6099.109+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=-480&w=sports&source=LI&errs=initial+segment&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Fsports%2Fhockey%2Fits-easy-to-blame-goaltending-for-the-maple-leafs-problems-its-also-wrong%2Farticle_5594ff7f-17d0-5761-9161-6db534273fb5.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fsports%2Fbasketball%2Fjohnson-and-newton-lead-no-5-uconn-to-a-69-65-win-over-st-johns%2Farticle_699f97f3-64d9-5c99-aad8-08d8dce7effb.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fsports%2Fhockey%2Fwe-wont-forget-it-maple-leafs-goaltending-hits-nine-year-low-in-buffalo-meltdown%2Farticle_36092ad6-33e0-548d-a872-dc72efcda80e.html%22%5D&responseVisibleItems=%5B%22https%3A%2F%2Fwww.therecord.com%2Fsports%2Fhockey%2Fits-easy-to-blame-goaltending-for-the-maple-leafs-problems-its-also-wrong%2Farticle_5594ff7f-17d0-5761-9161-6db534273fb5.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fsports%2Fbasketball%2Fjohnson-and-newton-lead-no-5-uconn-to-a-69-65-win-over-st-johns%2Farticle_699f97f3-64d9-5c99-aad8-08d8dce7effb.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fsports%2Fhockey%2Fwe-wont-forget-it-maple-leafs-goaltending-hits-nine-year-low-in-buffalo-meltdown%2Farticle_36092ad6-33e0-548d-a872-dc72efcda80e.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fsports%2Fsports-betting%2Fnba-parlay-picks-dec-22-warriors-should-bury-wizards-at-home%2Farticle_31855b27-33ea-58e9-922b-043b10034511.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fsports%2Ffootball%2Fsouth-alabama-gets-home-field-advantage-against-eastern-michigan-in-68-ventures-bowl%2Farticle_d5303289-26f6-51e6-9955-ac97b02c7c33.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fsports%2Fbasketball%2Fno-20-gonzaga-women-extend-home-winning-streak-to-26-following-a-67-56-victory%2Farticle_1f06f0c7-df62-5591-a1d6-3c67c38e0cbb.html%22%5D&sdk=bc-pixel
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/
35 B
49 B
Image
General
Full URL
https://query.petametrics.com/v3/ihiintppnq09v2ke/118dcc75-7616-43bc-ecef-94579eb03ee2/__activity.gif?e=widget_shown&ct=Home&ccu=https%3A%2F%2Fwww.therecord.com%2F&tspl=3816&blst=2949&ist=3312&iet=3318&bdst=2949&bdet=3286&bcttt=29&jsfv=nbc&ts=1703402598531&jsk=ihiintppnq09v2ke&jsv=20231116&cu=https%3A%2F%2Fwww.therecord.com%2F&uid=118dcc75-7616-43bc-ecef-94579eb03ee2&sid=8aad3584-86d8-4bdd-c894-c628d4d39243&pvid=935e43bd-7118-418d-d8a4-340b5ff41763&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F120.0.6099.109+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=-480&w=sports&source=LI&st=3816&vi=%5B%22https%3A%2F%2Fwww.therecord.com%2Fsports%2Fhockey%2Fits-easy-to-blame-goaltending-for-the-maple-leafs-problems-its-also-wrong%2Farticle_5594ff7f-17d0-5761-9161-6db534273fb5.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fsports%2Fbasketball%2Fjohnson-and-newton-lead-no-5-uconn-to-a-69-65-win-over-st-johns%2Farticle_699f97f3-64d9-5c99-aad8-08d8dce7effb.html%22%2C%22https%3A%2F%2Fwww.therecord.com%2Fsports%2Fhockey%2Fwe-wont-forget-it-maple-leafs-goaltending-hits-nine-year-low-in-buffalo-meltdown%2Farticle_36092ad6-33e0-548d-a872-dc72efcda80e.html%22%5D&sdk=bc-pixel
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:18 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
6585cc5b97aa8.image.jpg
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/2/a3/2a30fd62-50cb-5761-a77c-d72d0940e93d/
33 KB
33 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/2/a3/2a30fd62-50cb-5761-a77c-d72d0940e93d/6585cc5b97aa8.image.jpg?resize=540%2C360
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15d1b32a1431f3f4e0001a1712a88072a7c8a070e0d5f216f574564d875d62e3
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:18 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origSize=33894, status=webp_bigger
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Fri, 22 Dec 2023 17:50:19 GMT
server
cloudflare
x-vcache
MISS
etag
"d938748c66f0ec8185d8639ee81f69f2"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a719210cb2572c-SYD
expires
Sat, 21 Dec 2024 17:58:34 GMT
658480fe89356.image.jpg
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/7/bc/7bca325b-2bba-5847-8657-ea94732c29e3/
13 KB
14 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/7/bc/7bca325b-2bba-5847-8657-ea94732c29e3/658480fe89356.image.jpg?resize=540%2C360
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6452e5a90daf2103a7be44b0bff2582aff8aba215230ade8eeea645f75e8851f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:18 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=17359
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="658480fe89356.webp"
content-length
13658
cf-bgj
imgq:85,h2pri
last-modified
Thu, 21 Dec 2023 18:16:30 GMT
server
cloudflare
x-vcache
MISS
etag
"ad2d21e96f4fda577c7addb3af766f92"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
83a719210cb3572c-SYD
expires
Fri, 20 Dec 2024 23:36:55 GMT
6585d5c81ba7c.image.jpg
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/6/24/6246dc18-2db4-5fe6-aa3b-9a6a43f8ef64/
21 KB
21 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/6/24/6246dc18-2db4-5fe6-aa3b-9a6a43f8ef64/6585d5c81ba7c.image.jpg?resize=540%2C360
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a621427f325de9889cf216f562892e8207ee324c9db08c9c91af73c3a6493cb5
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:18 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=26425
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="6585d5c81ba7c.webp"
content-length
21560
cf-bgj
imgq:85,h2pri
last-modified
Fri, 22 Dec 2023 18:30:32 GMT
server
cloudflare
x-vcache
MISS
etag
"301f65190a791e76484efe2457144881"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
83a719210cb5572c-SYD
expires
Sat, 21 Dec 2024 18:50:45 GMT
6585f456d27a6.image.jpg
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/d/40/d40871da-b6fa-5f3c-82e7-4bb3c49b0595/
65 KB
66 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/d/40/d40871da-b6fa-5f3c-82e7-4bb3c49b0595/6585f456d27a6.image.jpg?resize=540%2C720
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80dee23ce7250f2f0c1135eae9ecea88b35fdb0d6586a76a0eafbc0dea88e2c3
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:18 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origSize=67276, status=webp_bigger
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Fri, 22 Dec 2023 20:40:55 GMT
server
cloudflare
x-vcache
MISS
etag
"3cad6f60064736b2c8e69d1a28d39ce8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a719210cb7572c-SYD
expires
Sat, 21 Dec 2024 20:51:19 GMT
6568fdc31e578.image.jpg
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/4/22/4220cc82-5b21-590f-902e-1932733b2d3a/
12 KB
12 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/4/22/4220cc82-5b21-590f-902e-1932733b2d3a/6568fdc31e578.image.jpg?resize=540%2C399
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeae2d9b3447e2c4e0464a4d6431a061d0e63db62a950e0db02919f9b2803d8b
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:18 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=15241
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="6568fdc31e578.webp"
content-length
12266
cf-bgj
imgq:85,h2pri
last-modified
Thu, 30 Nov 2023 21:25:23 GMT
server
cloudflare
x-vcache
MISS
etag
"b027bcec943274e20077372946c8861b"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
83a719210cb9572c-SYD
expires
Fri, 06 Dec 2024 10:42:45 GMT
collect
analytics.google.com/g/
0
255 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je3bt0v887101457z8861227858&_p=1703402597083&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=2050425142.1703402598&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=Home&dl=https%3A%2F%2Fwww.therecord.com%2F&sid=1703402598&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.canonical_url=https%3A%2F%2Fwww.therecord.com%2F&epn.townnews_crm_group_id=848&ep.generator=BLOX&ep.generator_version=1.72.3&tfd=3904
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.therecord.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
255 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4T2EB147B8&cid=2050425142.1703402598&gtm=45je3bt0v887101457z8861227858&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.therecord.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.au/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4T2EB147B8&cid=2050425142.1703402598&gtm=45je3bt0v887101457z8861227858&aip=1&dma=0&gcd=11l1l1l1l1&z=272940735
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
RCf9fbf93615df4b4aa748e2328a706496-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/
13 KB
3 KB
Script
General
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/RCf9fbf93615df4b4aa748e2328a706496-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.74.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-74-97.sfo20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92847fbfa2adaf5f1907b01d1826b39f3fe26420d481337abe1b096109c42236

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 06:36:06 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Sun, 24 Dec 2023 06:33:21 GMT
server
AmazonS3
via
1.1 5ecb1870eacf5c5cd4ef9910916dfe9e.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO20-C1
etag
W/"9828f4758b3f2acbcebbea99520a48f4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
age
2833
x-amz-cf-id
0Shhl7nSyxwBmEtwHmzu7ytT1f29UuXp8S88sZG4JIj5OYSliJU7Ng==
RCfdefc67c0ed94b76af30fac1dfc1ce8b-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/
621 B
985 B
Script
General
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/a6b52c0075b6/RCfdefc67c0ed94b76af30fac1dfc1ce8b-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.74.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-74-97.sfo20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f99bc8a797236529795e9de685a36b88ffaa0d7709371daf535d8b9d9829588a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 06:36:06 GMT
x-amz-version-id
null
via
1.1 5ecb1870eacf5c5cd4ef9910916dfe9e.cloudfront.net (CloudFront)
last-modified
Sun, 24 Dec 2023 06:33:21 GMT
server
AmazonS3
x-amz-cf-pop
SFO20-C1
age
2833
etag
"601d13dcf8c9acec9d4371465512ab34"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
621
x-amz-cf-id
cs9xCvZKHl9hl7N1oYtyA6KmQYngWDryf0kuMJXtgvZYJoIaUB0ZBw==
events
api.permutive.com/v2.0/batch/
101 B
130 B
XHR
General
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
ea03e17fb73a5d29f0d18aebc6956493a31a23d51b66ae4456a66378c94601d3

Request headers

Referer
https://www.therecord.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 24 Dec 2023 07:23:18 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.therecord.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
activityi;dc_pre=CPj9xpbFp4MDFcBHwgUdAXcJ7A;src=12987815;type=invmedia;cat=there0;ord=4767749337761;auiddc=1475064986.1703402598;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;...
12987815.fls.doubleclick.net/ Frame E950
Redirect Chain
  • https://12987815.fls.doubleclick.net/activityi;src=12987815;type=invmedia;cat=there0;ord=4767749337761;auiddc=1475064986.1703402598;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;ua...
  • https://12987815.fls.doubleclick.net/activityi;dc_pre=CPj9xpbFp4MDFcBHwgUdAXcJ7A;src=12987815;type=invmedia;cat=there0;ord=4767749337761;auiddc=1475064986.1703402598;gtm=45fe3bt0;gcd=11l1l1l1l1;dma...
473 B
614 B
Document
General
Full URL
https://12987815.fls.doubleclick.net/activityi;dc_pre=CPj9xpbFp4MDFcBHwgUdAXcJ7A;src=12987815;type=invmedia;cat=there0;ord=4767749337761;auiddc=1475064986.1703402598;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.therecord.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-12987815&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f6.1e100.net
Software
cafe /
Resource Hash
bffbf8e1a1d6b737278515f5d16d64770346438fd416b51349466a29a5391dfd
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.therecord.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
275
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 07:23:19 GMT
expires
Sun, 24 Dec 2023 07:23:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 07:23:18 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12987815.fls.doubleclick.net/activityi;dc_pre=CPj9xpbFp4MDFcBHwgUdAXcJ7A;src=12987815;type=invmedia;cat=there0;ord=4767749337761;auiddc=1475064986.1703402598;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.therecord.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11101175418/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11101175418/?random=1703402598677&cv=11&fst=1703402598677&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9103646257&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.therecord.com%2F&hn=www.googleadservices.com&frm=0&tiba=therecord.com&auid=1475064986.1703402598&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11101175418&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
474ca82fb964720ca22c73e15c2ceaf2416165b9b1e3ed2e057ba8491d04edfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1245
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s21282522396099
s.therecord.com/b/ss/torontodnnlocal/1/JS-2.25.0-LDQM/
43 B
307 B
Image
General
Full URL
https://s.therecord.com/b/ss/torontodnnlocal/1/JS-2.25.0-LDQM/s21282522396099?AQB=1&ndh=1&pf=1&t=24%2F11%2F2023%2015%3A23%3A18%200%20-480&mid=55191048256226655211603504608910802180&aamlh=8&ce=UTF-8&ns=torstardigital&cdp=2&fpCookieDomainPeriods=2&pageName=therecord%7Chome&g=https%3A%2F%2Fwww.therecord.com%2F&cc=CAD&ch=home&server=therecord.com&events=event72&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&h1=D%3D%2B%22therecord%7C%22%2Bh2&c2=home&h2=home&c4=D%3Dg&v4=D%3Dg&c9=therecord.com&v15=landscape&v16=standard-web-experience&c18=no&c19=D%3Dserver&c24=desktop&c26=not-specified&v29=https%3A%2F%2Fwww.therecord.com%2F&v49=D%3DpageName&c51=no-adblock-detected&c55=D%3Dmid&c56=no&c57=home&c70=D%3Dserver&v71=2285a7c8-1ee2-4007-93b1-bd1f5a5cb182&v79=no&v80=no&v83=no&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&AQE=1
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.56.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-56-117.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Mon, 25 Dec 2023 07:23:18 GMT
server
jag
etag
3658029226430529536-4617839025253142617
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 23 Dec 2023 07:23:18 GMT
359742557899281
connect.facebook.net/signals/config/
133 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/359742557899281?v=2.9.138&r=stable&domain=www.therecord.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
1931802ec8d90723d028333eaa9d06d7eff1d9034f96fe7978b2ec349311cef7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 24 Dec 2023 07:23:19 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
TnuUTg5VkCjNiKrmyYjdg3UzYqotN0XwFyncCmQ/wrQWuTkkgkmATor2Zw7j+ucugMxztkUxZXcMo2uonrDrfg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
container.html
a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6E79
6 KB
3 KB
Document
General
Full URL
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.therecord.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 07:23:18 GMT
expires
Mon, 23 Dec 2024 07:23:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-39.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:19:37 GMT
content-encoding
gzip
via
1.1 adb4605fb7528573053aec50d6f562c8.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
42543
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
BB1ACAJC7pTYwhuHDd-_EQ4JD2VhW40bLODFAhN1jt3YGAt4xhg-nQ==
publisher:getClientId
ampcid.google.com.au/v1/
3 B
369 B
XHR
General
Full URL
https://ampcid.google.com.au/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.therecord.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Dec 2023 07:23:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.therecord.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3E04
624 B
505 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLUDEOvo8AIY9fXQ-AEwAQ&v=APEucNVkzwawfvVajvEQEJP5edZCylJi-cl8GTUerjgqkV9FnvDBoMZ2vFPanQ4iOpsdNd02fwIJ8OITqDAM6tMOBb-bE5LZ3Q
Requested by
Host: a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
URL: https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 07:23:19 GMT
expires
Sun, 24 Dec 2023 07:23:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
skeleton.js
fw.adsafeprotected.com/rjss/st/1678003/76662699/ Frame 6E79
46 KB
12 KB
Script
General
Full URL
https://fw.adsafeprotected.com/rjss/st/1678003/76662699/skeleton.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.79.148.68 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-79-148-68.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
ca21ecfad0ff863a80fb56cf4e35a78f64c0b672319d726de7c6679d8e0d7b2c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:18 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 6E79
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:46:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
16629
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 02:46:09 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 6E79
7 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:50:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
34360
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Jan 2024 21:50:38 GMT
view
ad.doubleclick.net/pcs/ Frame 6E79
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsu51OAqZfKVxEP7OWh2Tv-_EwrSCre9jeTb0TPaKarXvKuxElpdIS7YvSYaG6a4kBDEi09cI4SbwE6zwXbKGKUdyHE8RlxPjEJFNvViJqSpoEYpJfya3XrSRX3PDMiuojhFVe2QFta-NzPR8KwuyIKzu_5mfg-SFZH6U4xk6eX4zvzifIPrjHbJO0Ecrw3Hdgg_UTlyRdnHsrMm7owvvl8LKuSzwyEiL9aFjkST0eXr6P5u3XRGoUrbnPs_2MlJ7Jh3Dw0Xrtv-ixAeENoVh-xAYs-qT9L8p_fZu5G2fQM2JKTMqEP89FB8Yk4ucV94pBHQY3eXh5f_PIhmtbrYBK46HptdIRPPf-c4K4lgtZ0T4jJAFEhVhHQL4EHE7OKSF5z6hR6p0vHkaEBXMiTDjeO6JuE-IwLeH2pgyHl43WE3nLowWcp7A880WFZ6yN4LvOQbM4E6ub_8J6MWM1nZaSXamDT0lr1f-itSJB2kf5BHdhZZCWE2cvjheVTxf0Bg6f_AzACjftBe2MPtekm_E4eWXPV9Tu-8n10Wlx-T348eW7qVIsVxI394ysNrwS2NSoIHlRE_YG1kmD46vyy7dMsS2IttTkcYXxj0o39s01ODGh8BVY2v8Hxa0dE4kI-Raspof76zyetrdslJTz2z172wBSGEOhhA_RVcWzEz3nL9816_bzWnzfhkDF8vOE4xENnB_MqMEkiSiQ3SVkhsG25Io_g1BWAgYIez670e_Us7vnMFPvBauQcqdJbOr56XYKIW2x56BCRQNfNSjkFcVZmToCAv1Npo3P7VW76iuqiblhVPGvcpw1rILde-WfutvCuhDWL-o2OdETEkJprETWRFsVL4chrr_f5c3M-U4un5X5cxtYp2dnwZt0wnJPj-Lvh2M9hKfftSrXSopSz7t0A2uQ4V0gIkE9dcHpf40sLqefT_uyRAGRIlyJ-zcXUptV4l9EAP1R-09DA9SVx-gnA-tO1OOg_nnNs-8prU-68SgiUrRv5TvOmsEIkXMKeIYkqJS2mjpSskt6ZTs96hV7NUhuIt9ii1ChyeTJcSWAWoF2GBPkRTdFBXhWKRrMWkTWX467KxMKOWw51660XLe8Bkz5nDULns-meVACzIDNA6Ktwu3lWLYme6Gs_CUnw8hlHTD2iLafJXAWVZpCJrSQtdULU3PVuv5DYTTmTsQpJI6yA5tHDZ9-yolsaZGafQoRvLehlTazLo1s1-AvvOg1MGmSfBqasFOluiLjCS0_XTM3qbkkQxs8IXTwXWVtA-Li47amNaCOjZkMfyaX02N7Ne1dP98vC1m63S19mudh7_Zn1-lk4pw-6IlwwYfaHPc0HLxoifk6_G32AnpeYpd_r0LD8mCxODF33U9KIpaBuHSbClqdLDQJTFTF_6D5pBb3qRnLt_1h2unGHW80wjtTjs7xEqy_ec2dtGasca4qjFoMLlPI0-rflRDz61bqWs0HCR0RzMHZHNRm98vACUVPJqwZAz6eb53Ok&sai=AMfl-YS7dSvNX7dTkZqrbc534-Uq2g5_k3Xrhlc89YR-40Yh0jnvsqoTfTkGuSd1ylN_6rTKxKdqRAtBrzV-QE2Ls2n2mcSW3kHfr4zG0ox25o81Na-GbgmlbWN3Y9j4z3nIzlCxk5J8VDhS7U5z0KwaHGxIf9Asc6l-GqsJFfFRvRQ-1PC3ltG--ZA52jsmcwt_5tqYmqhlLAtdk0G6fngG7LGhrJ4uwl7mi9jdgWj5OBXE2fgsVvGFac-xXSrcADT9hTGUW25umoJr14UNR0u0OL4_VLZ6yzaHnUNhjckenEG3PUeXymMmSSF5AIwR8j0dRcKiEvvtwCKwKj8jEYKOL1d3ZwE2WlociddB8kkKOEDRFhoCJc2ox-Ud1jM3F89sqim6Gncsmz7lTdofvltDfwDJ_7wO1VBGHpZ5PDeazrHJBny1cNQ83zYyksTdo3rWA65SVegkAIvF2Eq2MQmUxuYjTHWddttpbRDlL21Z4sJ1tAOvSPTutOu-oAY7m5heFYaZ7ieo7ft8&sig=Cg0ArKJSzI8v0Y9mlEcREAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vZmZpY2V3b3Jrcy5jb20uYXU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231207.92592&arae=0&ftch=1&adurl=
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 24 Dec 2023 07:23:19 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 24 Dec 2023 07:23:19 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 6E79
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 14:37:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
146748
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Dec 2024 14:37:31 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 6E79
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
URL: https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 01:53:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
19790
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 01:53:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 6E79
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
URL: https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:21:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
14498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 03:21:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E79
42 B
118 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D8Kg9vxxfTMApaHQT2nCM5D6JAN6TP4Z1h87Bb4AzPUYlxCtmVX6h__9wsTSDP5M4V1eZItP0ZQARvgXYlHxxaq7CMFPqSaUhizQK3gz7Y1TaJb_I
Requested by
Host: a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
URL: https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6E79
203 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
URL: https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Dec 2023 07:23:19 GMT
13071444485363148379
s0.2mdn.net/simgad/ Frame 6E79
44 KB
44 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/13071444485363148379
Requested by
Host: a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
URL: https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f6.1e100.net
Software
sffe /
Resource Hash
b19207bfa58d4194dd2ee09a8b979ae59d117ab3286d23acbb471ef04dbf20f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Wed, 18 Dec 2024 02:59:09 GMT
date
Tue, 19 Dec 2023 02:59:09 GMT
x-content-type-options
nosniff
age
447850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44731
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 07:43:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
event
officeworks.demdex.net/ Frame 6E79
42 B
730 B
Image
General
Full URL
https://officeworks.demdex.net/event?d_event=imp&d_src=152434&d_site=6529433&d_creative=205658397&d_placement=376890940&d_campaign=30580651&d_bust=3092043077
Requested by
Host: a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
URL: https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.25.18.8 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-25-18-8.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs
dcs-prod-apse2-2-v054-0a4049b6c.edge-apse2.demdex.com 34 ms
pragma
no-cache
date
Sun, 24 Dec 2023 07:23:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
vk64yAS1Rw8=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703402598887&ns_c=UTF-8&c7=https%3A%2F%2Fwww.therecord.com%2F&c8=therecord.com&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703402598887&ns_c=UTF-8&c7=https%3A%2F%2Fwww.therecord.com%2F&c8=therecord.com&c9=
0
224 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703402598887&ns_c=UTF-8&c7=https%3A%2F%2Fwww.therecord.com%2F&c8=therecord.com&c9=
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Server
18.67.93.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-39.syd62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:19 GMT
via
1.1 adb4605fb7528573053aec50d6f562c8.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
SYD62-P1
x-amz-cf-id
gql8zdwutaj8SD9LjQqc3mWkI24B_2XgWz-3L00zLbi8nxjWsm2sDw==
x-cache
Miss from cloudfront

Redirect headers

date
Sun, 24 Dec 2023 07:23:18 GMT
via
1.1 adb4605fb7528573053aec50d6f562c8.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=3005674&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703402598887&ns_c=UTF-8&c7=https%3A%2F%2Fwww.therecord.com%2F&c8=therecord.com&c9=
content-length
0
x-amz-cf-id
YhWCj3dchA3L_QE_2w0KXD4flAxmRHbjfGYbwukdjCscOfqEh6gwCA==
main.19.8.466.js
static.adsafeprotected.com/ Frame 6E79
213 KB
67 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.466.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1678003/76662699/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-125.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8acc1f1025dcaf26f8f860f726b3a05a701b77eb685301d4f25bc8339bbf891f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 20:53:13 GMT
x-amz-version-id
xzgJjX2ySahBlQ72zDUgnxljnut_sNmJ
content-encoding
gzip
via
1.1 7668594243430279f10ff22912314ba4.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
901807
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 13 Dec 2023 19:37:51 GMT
server
AmazonS3
etag
W/"eac384b0904b6f5677cb58a4d4e104c8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
KhA5PF1CuQR7SlyGM0fSxlad3HudBJ-MXxOPLbh4K3f2lCyfV9EFYQ==
container.html
a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CA72
6 KB
3 KB
Document
General
Full URL
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.therecord.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 07:23:18 GMT
expires
Mon, 23 Dec 2024 07:23:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4ABB
624 B
555 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLUDEOvo8AIYue_Q-AEwAQ&v=APEucNUO4pc3XTOX2Dj65g7tOmQBuQum41-KpKO9T3L8WLD606rowGDIZup7TDHAZhV4Kt9dtLlzr6KFZ_75fowQ5268MGYCuA
Requested by
Host: a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
URL: https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 07:23:19 GMT
expires
Sun, 24 Dec 2023 07:23:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
skeleton.js
fw.adsafeprotected.com/rjss/st/1678003/76662696/ Frame CA72
46 KB
12 KB
Script
General
Full URL
https://fw.adsafeprotected.com/rjss/st/1678003/76662696/skeleton.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.79.148.68 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-79-148-68.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
b47a748e28d2b55bc8662baf0889a06f229667d3f42953cf5739a3ee760afc8d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame CA72
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:46:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
16630
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 02:46:09 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame CA72
7 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 21:50:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
34361
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Jan 2024 21:50:38 GMT
view
ad.doubleclick.net/pcs/ Frame CA72
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsssdDPG-1m0l3OLUKZYf5sEucz0dS8gBKEIZvtjcahsa2vFFUJUR0UkeJ6-pS37tRO4Vkln5K-Eduh0OL5BTmo1h23sGbxTtQyWS4B6K8wEEWAf-scG87HeIjdMCjNEoUSMO57EMvyY6ZFLNOIKvAhWlRUds-inNF3n25wZrEN7l7KiY_2jFEz03ASfMQ1uHqNaP7q51YHktmHOxM8nWa7ApN7fHpyn4zq991OaOc3UblEotwGiZFQZz65uScHIO2DbtDqv0P5NzeTPv8FqvCv_agxy-zzBNJcRrX1-a3NDVGic6nXcyDy_sBxJ1hyFvezbdVWDvLv1blm9jWR9XoZMSVRXSduEFsAYnZX1JzT1M6SxDw0W9-tkY8OD1SKB_TbF6zl6bkqhUU9XQZt8uFKQYCkilURKfY5IoojRnAYsDgnidTs59LB1jAppg1-AgCjEjOPAydhxgR_yavZkEBERCNBYL4On0dQ2dMG2MeSdW2Y55l-0mIncwS93z9HJiicxgZwaFirTNzBUZ7AcfhLiVzt98CIJ1CQ-N7YecUlT82xzh0dfYyZZz0AKG1hTHW8EyfO2KemhE7LEccpoDHQ-LeiP5DfKIZtUsCrBaRj2CpdTutDcOZBW_BFL1JjnvZUjyt0JcQmeGAlYBJBOfMVsmsRBAv91goh_kT7DQrYdNfky9n3NfXGhuh3DANp6e34ad2tQATd6NyJ4a-KCEkakPe37SzNa4HVsG8nDiYAjJ6XwbC6z5fNa0ESfONdoyt_yxWCkTuqY0uQFIWO1PECGxfQIcOa8tjW2-F60EJ2US-DjsrrqKErqWktiNIUdKGeFei3JdTaeN1pkJfCKBQOtTvW5YO3SJnL4h5WN1du4vFzgboQ5kPLnGksfx1YgP1H6ro-paCiPADL-m_YzD3x11PA2aT4Qj9C2RMWgbgg7M-ZD1Y270nklFhLVWD5gNLUllGohS-kxx0kRs9y7kzoKK9k7UWI_F2_GNCNBgzabEJIFdp5kZYc5M5qw_cBrS36AbqirHrvKtE4AnV7h4Qewi6NoQbQM-ppHzmNsOo7tlUvjvUBhQAgIty_JQUsKiWP-CZWNSu3WsW98vcTLmejZ1r2hn7lTTFUGnPBiMdOcCQhuXHrvRr8DFP1-ITzDPkH-J-VTftCYdhDsedz_cI5O63QgsN906G36o2H_yWypFFPyXJj98FjnXWHYrXE74D-D1or2K4nnHAbb3rCI0_hnsfXhEB8ZBPd0iLhXpxn5eWcXrALsz3sEwv7_FrKDV9HTQb4V5ik5ZjFJHFJZ7fNhyMkhyjtRxRaLOYf0KYOU9mTyo0Gc3-0_cIESPjFAu9TNr9JuRk1NenjuWPYZQkCr5m7sB9MEPrsuUW6BSarEfmkPUDOZDPPfQQ3mexcoJDvxuBMmfCwxcgf5E21mfTCYecDXaYbKolMRf7m9Ze2VKnN_stCEyufuw-TcU4W2m0DSPTORuvAjuhINko7l7V0b18MlPsjbbfZ_Tae-BQ&sai=AMfl-YSVyJxyyqMikDbjM1loDD9adUm4yBtaDwRy9Xyu6vT_UFKYR9jzlicHC98UUn6z-vdDYDfNYvYWltkayi8clClVdKuVx83Ydg8MqHkuvNNH-vy1uLMbuYXjxq0wFkz8stOV-F4v03Mub1qWNVVFHOLK8io2-ZBrVCmVv6Gn8yCDG_VFnHixEbAQ8Lez6_LhuQl1xIBSAvREBVokhLh-6ixQNR5ne27j1tXSmjPN5QCUdM0aynGKJ9ANKuPsSE26cGfbsEfJAe6IPgAeBV_8Bn0r9V7_VBYnvVSR6UWLLsB3ERECE7KCgIF6WijnoP5qfnzx5Ac1WQjoYnvwbm9t2zOaiUWtVn_q_zRbKS_LJm5WCt7UciBM9782S2TWIUw7NScsns2Skm2KW-KNLKL8EXCXpAyqz_lIEiGv2_2oN7d0gE9oYG7mXf0CGJd4xHqzcidHLC9fzu5oyh5Ao1at2m6_18-N2xB-d0bBb28f5gpZl9N3V4hQCkzOTiLU09glGMxh2EZccGoA&sig=Cg0ArKJSzG0GHP84dwuMEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vZmZpY2V3b3Jrcy5jb20uYXU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231207.12013&arae=0&ftch=1&adurl=
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 24 Dec 2023 07:23:19 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 24 Dec 2023 07:23:19 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame CA72
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 14:37:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
146748
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Dec 2024 14:37:31 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame CA72
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
URL: https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 01:53:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
19790
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 01:53:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame CA72
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
URL: https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:21:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
14498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 03:21:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CA72
42 B
107 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dir5S8mRdNDs5X4wsv0CTPVOgbtEU6HjymFxb5iGVBTtGO4r9e3fK5LAbeMyVhqNrJsZTyCD5OMnNVLAu_HvFxloedtufWUgCiy9qbehHpZ3aaHi8
Requested by
Host: a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
URL: https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame CA72
203 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
URL: https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Dec 2023 07:23:19 GMT
16480179144383685086
s0.2mdn.net/simgad/ Frame CA72
76 KB
76 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/16480179144383685086
Requested by
Host: a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
URL: https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f6.1e100.net
Software
sffe /
Resource Hash
94cf60b715bd0b1f8af6db1cf1c14906e008d1313307747f82590cd8d9c6a7dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Wed, 18 Dec 2024 09:49:31 GMT
date
Tue, 19 Dec 2023 09:49:31 GMT
x-content-type-options
nosniff
age
423228
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77768
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 07:43:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
event
officeworks.demdex.net/ Frame CA72
42 B
729 B
Image
General
Full URL
https://officeworks.demdex.net/event?d_event=imp&d_src=152434&d_site=6529433&d_creative=205168769&d_placement=376737983&d_campaign=30580651&d_bust=3859793694
Requested by
Host: a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
URL: https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.25.18.8 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-25-18-8.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs
dcs-prod-apse2-1-v054-012f4d982.edge-apse2.demdex.com 5 ms
pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
xpRb7/qCTxI=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC
main.19.8.466.js
static.adsafeprotected.com/ Frame CA72
213 KB
67 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.466.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1678003/76662696/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-125.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8acc1f1025dcaf26f8f860f726b3a05a701b77eb685301d4f25bc8339bbf891f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 20:53:13 GMT
x-amz-version-id
xzgJjX2ySahBlQ72zDUgnxljnut_sNmJ
content-encoding
gzip
via
1.1 7668594243430279f10ff22912314ba4.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
901807
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 13 Dec 2023 19:37:51 GMT
server
AmazonS3
etag
W/"eac384b0904b6f5677cb58a4d4e104c8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
9ohM8-KnAxh_7tcfclR0Dcw38FO1IKx-QG9pqgY55lGoHOMLvgQY_w==
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=359742557899281&ev=PageView&dl=https%3A%2F%2Fwww.therecord.com%2F&rl=&if=false&ts=1703402599057&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703402599055.829687323&ler=empty&it=1703402598773&coo=false&rqm=GET
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 24 Dec 2023 07:23:19 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
state
api.permutive.com/v1.0/
0
34 B
XHR
General
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.therecord.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 07:23:19 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
/
p1.parsely.com/plogger/
43 B
257 B
Image
General
Full URL
https://p1.parsely.com/plogger/?rand=1703402599139&plid=3165474&idsite=therecord.com&url=https%3A%2F%2Fwww.therecord.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22plan%22%3A%22%22%2C%22janrain_uuid%22%3A%22%22%2C%22site_level_uuid%22%3A%22%22%2C%22hub_level_uuid%22%3A%22%22%2C%22adobe_mcid%22%3A%2255191048256226655211603504608910802180%22%2C%22word_count%22%3A%22%22%2C%22_scrollIncrement%22%3A0%2C%22_scrollMethod%22%3A%22pageview%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A11314%7D&sid=1&surl=https%3A%2F%2Fwww.therecord.com%2F&sref=&sts=1703402599127&slts=0&title=therecord.com&date=Sun+Dec+24+2023+15%3A23%3A19+GMT%2B0800+(Australian+Western+Standard+Time)&action=pageview&js=1&pvid=12818143&u=pid%3Db87840583e0af81f6bd76eb12448a142
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.242.33.86 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-242-33-86.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 07:23:19 GMT
Cache-Control
no-cache
Last-Modified
Sunday, 24-Dec-2023 07:23:19 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
pr
s.amazon-adsystem.com/v3/ Frame 9521
1 KB
2 KB
Document
General
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_ox-db5_rbd_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_ox-db5_an-db5&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
6e07592a9ee9c35258365f09b42f7bf35bd6670a3d4bebb5bf28638402250429
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_ox-db5_an-db5&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1219
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 24 Dec 2023 07:23:19 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
B59VANG5ZVNWG9T5DVC2
dc_pre=CPj9xpbFp4MDFcBHwgUdAXcJ7A;src=12987815;type=invmedia;cat=there0;ord=4767749337761;auiddc=*;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=http...
adservice.google.com/ddm/fls/z/ Frame E950
42 B
401 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPj9xpbFp4MDFcBHwgUdAXcJ7A;src=12987815;type=invmedia;cat=there0;ord=4767749337761;auiddc=*;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.therecord.com%2F
Requested by
Host: 12987815.fls.doubleclick.net
URL: https://12987815.fls.doubleclick.net/activityi;dc_pre=CPj9xpbFp4MDFcBHwgUdAXcJ7A;src=12987815;type=invmedia;cat=there0;ord=4767749337761;auiddc=1475064986.1703402598;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.therecord.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://12987815.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4ABB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEcdRxHvRRMExDXGd-FTJHM&google_cver=1
43 B
774 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEcdRxHvRRMExDXGd-FTJHM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLUDEOvo8AIYue_Q-AEwAQ&v=APEucNUO4pc3XTOX2Dj65g7tOmQBuQum41-KpKO9T3L8WLD606rowGDIZup7TDHAZhV4Kt9dtLlzr6KFZ_75fowQ5268MGYCuA
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ccbM%2F0%2Bs8iz4MJpfZ1mLc3gcPSSiWUV5XPBBei%2BPJyqMiBxPi4lI%2FjqSQHKbbzVzG%2Fx2r7Sm6Ji4QILyDYnGE3I0XXFx6%2BkYfDbeoItqKeWbbf8GtSte6hSNAtIr9xSlwXobEXb%2BH4GDXg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83a719269803a96b-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEcdRxHvRRMExDXGd-FTJHM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4ABB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYfcZ3bkFRWVIpw1Lo7ppAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEcdRxHvRRMExDXGd-FTJHM&google_cver=1
43 B
730 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEcdRxHvRRMExDXGd-FTJHM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLUDEOvo8AIYue_Q-AEwAQ&v=APEucNUO4pc3XTOX2Dj65g7tOmQBuQum41-KpKO9T3L8WLD606rowGDIZup7TDHAZhV4Kt9dtLlzr6KFZ_75fowQ5268MGYCuA
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qs40MYkP8Y8CEVBEGxxkQv5eeHQeihDe9HosTD7n0ql0MmtIFPwMvr63DaLZiy4gAdMPu3fDPVpEULvC7hUJ0H%2F5ulWAMyHIxjLRGPHMqbXd2G7bCuTZbjh85shPZQIAKeBKCqNx1YYEbA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83a71927c8f2a96b-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEcdRxHvRRMExDXGd-FTJHM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 4ABB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPHZaP6_506UFUMBcQoAwTI&google_cver=1
43 B
840 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPHZaP6_506UFUMBcQoAwTI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLUDEOvo8AIYue_Q-AEwAQ&v=APEucNUO4pc3XTOX2Dj65g7tOmQBuQum41-KpKO9T3L8WLD606rowGDIZup7TDHAZhV4Kt9dtLlzr6KFZ_75fowQ5268MGYCuA
Protocol
H2
Server
103.43.89.4 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
an-x-request-uuid
543d8896-341a-4908-8b38-eb606aae397e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.168; 66.203.112.168; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPHZaP6_506UFUMBcQoAwTI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4ABB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkwMDM4OTczOTAzNTU2NzIwNg%3D%3D
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkwMDM4OTczOTAzNTU2NzIwNg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLUDEOvo8AIYue_Q-AEwAQ&v=APEucNUO4pc3XTOX2Dj65g7tOmQBuQum41-KpKO9T3L8WLD606rowGDIZup7TDHAZhV4Kt9dtLlzr6KFZ_75fowQ5268MGYCuA
Protocol
H2
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
an-x-request-uuid
3b340778-7780-4b6d-9389-0d16add69445
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkwMDM4OTczOTAzNTU2NzIwNg%3D%3D
x-proxy-origin
66.203.112.168; 66.203.112.168; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3E04
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEcdRxHvRRMExDXGd-FTJHM&google_cver=1
43 B
731 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEcdRxHvRRMExDXGd-FTJHM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLUDEOvo8AIY9fXQ-AEwAQ&v=APEucNVkzwawfvVajvEQEJP5edZCylJi-cl8GTUerjgqkV9FnvDBoMZ2vFPanQ4iOpsdNd02fwIJ8OITqDAM6tMOBb-bE5LZ3Q
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V9yuopnWiBo5ANnsRmFhFWRaguQlLBW8IAftRrF4TCE%2BWHuK%2BixwBgrcm64xlyLcOid1pfyzKLhErbh5f9jRq7RgdO7GATeImYmCMi9j1dSRjqjHMm3hU%2FDy25tcqNRn2xYOgHtcXfGbbA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83a719269804a96b-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEcdRxHvRRMExDXGd-FTJHM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3E04
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYfcZ3bkFRWVIpw1Lo7ppAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEcdRxHvRRMExDXGd-FTJHM&google_cver=1
43 B
736 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEcdRxHvRRMExDXGd-FTJHM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLUDEOvo8AIY9fXQ-AEwAQ&v=APEucNVkzwawfvVajvEQEJP5edZCylJi-cl8GTUerjgqkV9FnvDBoMZ2vFPanQ4iOpsdNd02fwIJ8OITqDAM6tMOBb-bE5LZ3Q
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YaX%2BMm32By4gKRdL5Z1%2F9KbBktBqN90Yy1pEGnvYrJHCvQGJYiQNZZAcQywQhsGxYQz0cCu%2BbRYOGQP6LDmNX%2BzO0mYjCKDHZUtH76UrKTcmAb0UaRPmyZ1s0DLq60GILKYZvI5qU0YnjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83a71927c8f4a96b-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEcdRxHvRRMExDXGd-FTJHM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 3E04
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPHZaP6_506UFUMBcQoAwTI&google_cver=1
43 B
840 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPHZaP6_506UFUMBcQoAwTI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLUDEOvo8AIY9fXQ-AEwAQ&v=APEucNVkzwawfvVajvEQEJP5edZCylJi-cl8GTUerjgqkV9FnvDBoMZ2vFPanQ4iOpsdNd02fwIJ8OITqDAM6tMOBb-bE5LZ3Q
Protocol
H2
Server
103.43.89.4 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
an-x-request-uuid
ccd0b068-75be-4d7a-9307-69c96d12ea1f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.168; 66.203.112.168; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPHZaP6_506UFUMBcQoAwTI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3E04
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkwMDM4OTczOTAzNTU2NzIwNg%3D%3D
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkwMDM4OTczOTAzNTU2NzIwNg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLUDEOvo8AIY9fXQ-AEwAQ&v=APEucNVkzwawfvVajvEQEJP5edZCylJi-cl8GTUerjgqkV9FnvDBoMZ2vFPanQ4iOpsdNd02fwIJ8OITqDAM6tMOBb-bE5LZ3Q
Protocol
H2
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
an-x-request-uuid
0f58a748-9730-472f-8d25-6587140d619e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkwMDM4OTczOTAzNTU2NzIwNg%3D%3D
x-proxy-origin
66.203.112.168; 66.203.112.168; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
www.google.com/pagead/1p-user-list/11101175418/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/11101175418/?random=1703402598677&cv=11&fst=1703401200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9103646257&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.therecord.com%2F&frm=0&tiba=therecord.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_tHcfdPsbGRPCcTA6WoCHXYnNRG0g5w&random=603909812&rmt_tld=0&ipr=y
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/11101175418/
42 B
154 B
Image
General
Full URL
https://www.google.com.au/pagead/1p-user-list/11101175418/?random=1703402598677&cv=11&fst=1703401200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9103646257&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.therecord.com%2F&frm=0&tiba=therecord.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_tHcfdPsbGRPCcTA6WoCHXYnNRG0g5w&random=603909812&rmt_tld=1&ipr=y
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame A9B9
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
394201
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 17:53:18 GMT
expires
Wed, 18 Dec 2024 17:53:18 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6E79
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
319c5bb7f9c6f575305468bfd81610cde5bf8c5fc954f808657968b260d18242

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame CA72
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10d61623b10c2a0df98e9151448c3e3a000545535316ce8f905599c3fbfda313

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
view
ad.doubleclick.net/pcs/ Frame 6E79
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsu51OAqZfKVxEP7OWh2Tv-_EwrSCre9jeTb0TPaKarXvKuxElpdIS7YvSYaG6a4kBDEi09cI4SbwE6zwXbKGKUdyHE8RlxPjEJFNvViJqSpoEYpJfya3XrSRX3PDMiuojhFVe2QFta-NzPR8KwuyIKzu_5mfg-SFZH6U4xk6eX4zvzifIPrjHbJO0Ecrw3Hdgg_UTlyRdnHsrMm7owvvl8LKuSzwyEiL9aFjkST0eXr6P5u3XRGoUrbnPs_2MlJ7Jh3Dw0Xrtv-ixAeENoVh-xAYs-qT9L8p_fZu5G2fQM2JKTMqEP89FB8Yk4ucV94pBHQY3eXh5f_PIhmtbrYBK46HptdIRPPf-c4K4lgtZ0T4jJAFEhVhHQL4EHE7OKSF5z6hR6p0vHkaEBXMiTDjeO6JuE-IwLeH2pgyHl43WE3nLowWcp7A880WFZ6yN4LvOQbM4E6ub_8J6MWM1nZaSXamDT0lr1f-itSJB2kf5BHdhZZCWE2cvjheVTxf0Bg6f_AzACjftBe2MPtekm_E4eWXPV9Tu-8n10Wlx-T348eW7qVIsVxI394ysNrwS2NSoIHlRE_YG1kmD46vyy7dMsS2IttTkcYXxj0o39s01ODGh8BVY2v8Hxa0dE4kI-Raspof76zyetrdslJTz2z172wBSGEOhhA_RVcWzEz3nL9816_bzWnzfhkDF8vOE4xENnB_MqMEkiSiQ3SVkhsG25Io_g1BWAgYIez670e_Us7vnMFPvBauQcqdJbOr56XYKIW2x56BCRQNfNSjkFcVZmToCAv1Npo3P7VW76iuqiblhVPGvcpw1rILde-WfutvCuhDWL-o2OdETEkJprETWRFsVL4chrr_f5c3M-U4un5X5cxtYp2dnwZt0wnJPj-Lvh2M9hKfftSrXSopSz7t0A2uQ4V0gIkE9dcHpf40sLqefT_uyRAGRIlyJ-zcXUptV4l9EAP1R-09DA9SVx-gnA-tO1OOg_nnNs-8prU-68SgiUrRv5TvOmsEIkXMKeIYkqJS2mjpSskt6ZTs96hV7NUhuIt9ii1ChyeTJcSWAWoF2GBPkRTdFBXhWKRrMWkTWX467KxMKOWw51660XLe8Bkz5nDULns-meVACzIDNA6Ktwu3lWLYme6Gs_CUnw8hlHTD2iLafJXAWVZpCJrSQtdULU3PVuv5DYTTmTsQpJI6yA5tHDZ9-yolsaZGafQoRvLehlTazLo1s1-AvvOg1MGmSfBqasFOluiLjCS0_XTM3qbkkQxs8IXTwXWVtA-Li47amNaCOjZkMfyaX02N7Ne1dP98vC1m63S19mudh7_Zn1-lk4pw-6IlwwYfaHPc0HLxoifk6_G32AnpeYpd_r0LD8mCxODF33U9KIpaBuHSbClqdLDQJTFTF_6D5pBb3qRnLt_1h2unGHW80wjtTjs7xEqy_ec2dtGasca4qjFoMLlPI0-rflRDz61bqWs0HCR0RzMHZHNRm98vACUVPJqwZAz6eb53Ok&sai=AMfl-YS7dSvNX7dTkZqrbc534-Uq2g5_k3Xrhlc89YR-40Yh0jnvsqoTfTkGuSd1ylN_6rTKxKdqRAtBrzV-QE2Ls2n2mcSW3kHfr4zG0ox25o81Na-GbgmlbWN3Y9j4z3nIzlCxk5J8VDhS7U5z0KwaHGxIf9Asc6l-GqsJFfFRvRQ-1PC3ltG--ZA52jsmcwt_5tqYmqhlLAtdk0G6fngG7LGhrJ4uwl7mi9jdgWj5OBXE2fgsVvGFac-xXSrcADT9hTGUW25umoJr14UNR0u0OL4_VLZ6yzaHnUNhjckenEG3PUeXymMmSSF5AIwR8j0dRcKiEvvtwCKwKj8jEYKOL1d3ZwE2WlociddB8kkKOEDRFhoCJc2ox-Ud1jM3F89sqim6Gncsmz7lTdofvltDfwDJ_7wO1VBGHpZ5PDeazrHJBny1cNQ83zYyksTdo3rWA65SVegkAIvF2Eq2MQmUxuYjTHWddttpbRDlL21Z4sJ1tAOvSPTutOu-oAY7m5heFYaZ7ieo7ft8&sig=Cg0ArKJSzI8v0Y9mlEcREAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vZmZpY2V3b3Jrcy5jb20uYXU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=434&vt=11&dtpt=433&dett=2&cstd=0&cisv=r20231207.92592&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame CA72
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsssdDPG-1m0l3OLUKZYf5sEucz0dS8gBKEIZvtjcahsa2vFFUJUR0UkeJ6-pS37tRO4Vkln5K-Eduh0OL5BTmo1h23sGbxTtQyWS4B6K8wEEWAf-scG87HeIjdMCjNEoUSMO57EMvyY6ZFLNOIKvAhWlRUds-inNF3n25wZrEN7l7KiY_2jFEz03ASfMQ1uHqNaP7q51YHktmHOxM8nWa7ApN7fHpyn4zq991OaOc3UblEotwGiZFQZz65uScHIO2DbtDqv0P5NzeTPv8FqvCv_agxy-zzBNJcRrX1-a3NDVGic6nXcyDy_sBxJ1hyFvezbdVWDvLv1blm9jWR9XoZMSVRXSduEFsAYnZX1JzT1M6SxDw0W9-tkY8OD1SKB_TbF6zl6bkqhUU9XQZt8uFKQYCkilURKfY5IoojRnAYsDgnidTs59LB1jAppg1-AgCjEjOPAydhxgR_yavZkEBERCNBYL4On0dQ2dMG2MeSdW2Y55l-0mIncwS93z9HJiicxgZwaFirTNzBUZ7AcfhLiVzt98CIJ1CQ-N7YecUlT82xzh0dfYyZZz0AKG1hTHW8EyfO2KemhE7LEccpoDHQ-LeiP5DfKIZtUsCrBaRj2CpdTutDcOZBW_BFL1JjnvZUjyt0JcQmeGAlYBJBOfMVsmsRBAv91goh_kT7DQrYdNfky9n3NfXGhuh3DANp6e34ad2tQATd6NyJ4a-KCEkakPe37SzNa4HVsG8nDiYAjJ6XwbC6z5fNa0ESfONdoyt_yxWCkTuqY0uQFIWO1PECGxfQIcOa8tjW2-F60EJ2US-DjsrrqKErqWktiNIUdKGeFei3JdTaeN1pkJfCKBQOtTvW5YO3SJnL4h5WN1du4vFzgboQ5kPLnGksfx1YgP1H6ro-paCiPADL-m_YzD3x11PA2aT4Qj9C2RMWgbgg7M-ZD1Y270nklFhLVWD5gNLUllGohS-kxx0kRs9y7kzoKK9k7UWI_F2_GNCNBgzabEJIFdp5kZYc5M5qw_cBrS36AbqirHrvKtE4AnV7h4Qewi6NoQbQM-ppHzmNsOo7tlUvjvUBhQAgIty_JQUsKiWP-CZWNSu3WsW98vcTLmejZ1r2hn7lTTFUGnPBiMdOcCQhuXHrvRr8DFP1-ITzDPkH-J-VTftCYdhDsedz_cI5O63QgsN906G36o2H_yWypFFPyXJj98FjnXWHYrXE74D-D1or2K4nnHAbb3rCI0_hnsfXhEB8ZBPd0iLhXpxn5eWcXrALsz3sEwv7_FrKDV9HTQb4V5ik5ZjFJHFJZ7fNhyMkhyjtRxRaLOYf0KYOU9mTyo0Gc3-0_cIESPjFAu9TNr9JuRk1NenjuWPYZQkCr5m7sB9MEPrsuUW6BSarEfmkPUDOZDPPfQQ3mexcoJDvxuBMmfCwxcgf5E21mfTCYecDXaYbKolMRf7m9Ze2VKnN_stCEyufuw-TcU4W2m0DSPTORuvAjuhINko7l7V0b18MlPsjbbfZ_Tae-BQ&sai=AMfl-YSVyJxyyqMikDbjM1loDD9adUm4yBtaDwRy9Xyu6vT_UFKYR9jzlicHC98UUn6z-vdDYDfNYvYWltkayi8clClVdKuVx83Ydg8MqHkuvNNH-vy1uLMbuYXjxq0wFkz8stOV-F4v03Mub1qWNVVFHOLK8io2-ZBrVCmVv6Gn8yCDG_VFnHixEbAQ8Lez6_LhuQl1xIBSAvREBVokhLh-6ixQNR5ne27j1tXSmjPN5QCUdM0aynGKJ9ANKuPsSE26cGfbsEfJAe6IPgAeBV_8Bn0r9V7_VBYnvVSR6UWLLsB3ERECE7KCgIF6WijnoP5qfnzx5Ac1WQjoYnvwbm9t2zOaiUWtVn_q_zRbKS_LJm5WCt7UciBM9782S2TWIUw7NScsns2Skm2KW-KNLKL8EXCXpAyqz_lIEiGv2_2oN7d0gE9oYG7mXf0CGJd4xHqzcidHLC9fzu5oyh5Ao1at2m6_18-N2xB-d0bBb28f5gpZl9N3V4hQCkzOTiLU09glGMxh2EZccGoA&sig=Cg0ArKJSzG0GHP84dwuMEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vZmZpY2V3b3Jrcy5jb20uYXU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=304&vt=11&dtpt=302&dett=2&cstd=0&cisv=r20231207.12013&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame A989
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
394201
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 17:53:18 GMT
expires
Wed, 18 Dec 2024 17:53:18 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame A9B9
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 00:07:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
285357
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 00:07:22 GMT
collect
www.google-analytics.com/j/
3 B
209 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1621792161&t=pageview&_s=1&dl=https%3A%2F%2Fwww.therecord.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=therecord.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgUABAAQCACAAI~&jid=552562872&gjid=306287693&cid=2050425142.1703402598&tid=UA-54716522-7&_gid=132449253.1703402599&_slc=1&gtm=45He3bt0n71PDQV3Nv72758733&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fwww.therecord.com%2F&cd15=3.155.0&cd16=No&cd17=Page%20View&cm1=3262&gcd=11l1l1l1l1&dma=0&z=2053751336
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.therecord.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.therecord.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
148 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-54716522-7&cid=2050425142.1703402598&jid=552562872&gjid=306287693&_gid=132449253.1703402599&_u=YCDAgUABAAQCAGAAI~&z=580708896
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.therecord.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 24 Dec 2023 07:23:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.therecord.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame A989
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 00:07:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
285357
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 00:07:22 GMT
/
match.sharethrough.com/jwumXNuB/v1/ Frame 6B7B
601 B
786 B
Document
General
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_ox-db5_rbd_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.189.155 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-189-155.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
3f1a6909352fd3ff2f2bb5f6b8f7a89d6e4f1e9dbcf0fa2e322682472c8d6801

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
601
date
Sun, 24 Dec 2023 07:23:19 GMT
cm
u.openx.net/w/1.0/ Frame DC94
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
714 B
752 B
Document
General
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_ox-db5_rbd_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
d3015f02f36368dc6e59cefb6e20c6e58e477b1346dee10a62cfef7cb475c960

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
428
content-type
text/html
date
Sun, 24 Dec 2023 07:23:19 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 24 Dec 2023 07:23:19 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame A358
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_ox-db5_rbd_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-65-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Dec 2023 07:23:19 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame DD3F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=7721964774499555086&ex=appnexus.com
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=7721964774499555086&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_ox-db5_rbd_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 24 Dec 2023 07:23:20 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
PJ43JYT9T0GP67MDTJ93

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
a1e40396-fd64-4d96-86c1-6b6cf57a2d42
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 07:23:19 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=7721964774499555086&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
66.203.112.168; 66.203.112.168; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame A358
45 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-65-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
05d76563774bc6cd0c16bcddb7ce913fb7f5be83d2c1b0980931eb8c6e4a3494

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 07:23:19 GMT
Content-Encoding
gzip
Last-Modified
Sun, 24 Dec 2023 02:11:09 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=67683
Connection
keep-alive
Content-Length
13201
Expires
Mon, 25 Dec 2023 02:11:22 GMT
khaos.json
token.rubiconproject.com/ Frame A358
7 B
778 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
js
www.googletagmanager.com/gtag/ Frame 058A
220 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-39CWM68PTE&l=cswDataLayer
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
5dc12c6411f8ec0a19c4b7cb4ecca2141582795098a0c58c89ec2de0d618384e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80254
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 24 Dec 2023 07:23:19 GMT
WidgetTemplate2.min.css
cdn-p.cityspark.com/cdn/widget/ Frame 058A
4 KB
2 KB
Stylesheet
General
Full URL
https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate2.min.css?v=2
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e1d39256faa607df65dd15fb254dd774699293492ac06bdbdd800b73967d3334
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 24 Dec 2023 09:23:19 GMT
date
Sun, 24 Dec 2023 07:23:19 GMT
content-encoding
gzip
strict-transport-security
max-age=0
last-modified
Fri, 01 Dec 2023 16:43:43 GMT
server
Microsoft-IIS/10.0
etag
"1da24758b700641"
x-powered-by
ASP.NET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=7200
x-proxy-cache
HIT
jquery@3.1.0(jquery.slim.min.js),velocity@1.2.3(velocity.min.js+velocity.ui.min.js)
cdn.jsdelivr.net/g/ Frame 058A
115 KB
40 KB
Script
General
Full URL
https://cdn.jsdelivr.net/g/jquery@3.1.0(jquery.slim.min.js),velocity@1.2.3(velocity.min.js+velocity.ui.min.js)
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c8309b85a5fc59eab6c75b425f32f89d070fcdfa9498fa3e9eff23fdcbb61a1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 07:23:19 GMT
age
1633962
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
40153
x-served-by
cache-fra-eddf8230069-FRA, cache-bne12528-BNE
etag
W/"1ca18-fw6ZPglKViimyicfOtWQPF7WA8s"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.fireSlider.min.js
cdn-p.cityspark.com/cdn/js/ Frame 058A
13 KB
5 KB
Script
General
Full URL
https://cdn-p.cityspark.com/cdn/js/jquery.fireSlider.min.js
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d19425f20bfe1ea505166a8841b2232c795ff72b1c8a34f10a743db915f7494d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 24 Dec 2023 09:23:19 GMT
date
Sun, 24 Dec 2023 07:23:19 GMT
content-encoding
gzip
strict-transport-security
max-age=0
last-modified
Fri, 01 Dec 2023 16:43:43 GMT
server
Microsoft-IIS/10.0
etag
"1da24758b703d53"
x-powered-by
ASP.NET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=7200
x-proxy-cache
HIT
rad.js
cdn-p.cityspark.com/cdn/js/ Frame 058A
5 KB
2 KB
Script
General
Full URL
https://cdn-p.cityspark.com/cdn/js/rad.js
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e03ea88e5149801458dd9cabf62c8871cc27687d7d8a6a0fc2ff59ef434cb645
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 24 Dec 2023 09:23:19 GMT
date
Sun, 24 Dec 2023 07:23:19 GMT
content-encoding
gzip
strict-transport-security
max-age=0
last-modified
Fri, 01 Dec 2023 16:43:43 GMT
server
Microsoft-IIS/10.0
etag
"1da24758b701aea"
x-powered-by
ASP.NET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=7200
x-proxy-cache
HIT
p-uq0GLFySb_d1T.gif
pixel.quantserve.com/pixel/ Frame 058A
35 B
373 B
Image
General
Full URL
https://pixel.quantserve.com/pixel/p-uq0GLFySb_d1T.gif
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:20 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
thirdpartycookie
api.viafoura.co/v2/www.therecord.com/
45 B
649 B
XHR
General
Full URL
https://api.viafoura.co/v2/www.therecord.com/thirdpartycookie?section=
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-167-202.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.therecord.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-instance-id
i-019f1caace51caa33
pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.therecord.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Sun, 24 Dec 2023 07:23:19 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A9B9
0
58 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BdsQwZtyHZZjMFL25ssUPuZyc8AQAAAAAOAHgBAI&bg=!HB-lH1DNAAY3kmNgF5I7ADQBe5WfOPVwFUytcKasRtWruMKsKsheq9ARawn9wOy0mOQvpQp84HuEp8BqIr9DbF5-oqnpAgAAANlSAAAAA2gBB5kDR0OBKndVIBiYcHQ_Uanm2SYGvN-u07J6OEoBBdzIyMezhMPv5HD4KEfJnJSC9HcC9n6J08Ur4jKmTnv9uHM6b-c-ndGghvH9itdBfKQRSqk12UvMOlN1soLFUHPlzbJsbbfrrlSO90ixB8c8bHJfgJRCyr-3sVlZv491YNY1zo8qDT2e124fK1HJobQVapc9TMpB75KMTwSxJ_q7lPN7jAkssbqCxozG7kWeUQOBfPmpj8quqTHW_Zw1Zg-h0-1eYFyHuri0XTkDWUziDTpLzgXJidDfTP-UBMVpL64dkaZF807_uuek4P4fWRIhNNy0hXjcjtmFVq6r9-dkLB5avTS8_APfRoeBCAp7UkTRM7VbfOGrNHzJj0L84On9ICSBkRMaH-DeP_Q8j3Rh-eKy6IZEv4geliDV1Zz1f12leAbgIoo9kPidZ2OSMFA6jGMXaTBHhrU7pXIW_rZmU01RxC0NdQLb3xcMAggSn3GXYVPd8sIBDIghVBUyzohQ2QqdcrVQK2-PV6-yOP7wozPL77y3bvA3zCspHGYECEiYxqr3YCZls7XOD5Di3QlgwPYwzLyUlEmN-r4woDz6TXzaIwFs51BlwjuhY86AwKyemjyO25FGVPFOZY6pc3qGxqvLqy0R5I9Mxu__OYzLR3zOcYJ3nZRu-U8FSRWKxtL6edvFvZn9FcoskCgdiIP8NeapFxy1Hv1ZVxT2yWMKWWSZmvoDE9tTlso527W5-1pN8pQNZ_UWnDXG-vvlp9coiKgTv8x2jpKvrUMNz6Tnab4zf-FZZhQN4-VmXZuxz94uB11GLcar3ryZlymVXtzzGkxqGcJM_rWBm1Q1k51VnMzXk-IK2LLTTUZadgBoOQjOvOa5PqkcjwtM0FPh3NYgy6ZCZrC8zaqJHKNSnWVJCkqIdPnbg3P-5Erre0fwMElpUmxHF5UBx8i82kZmVQc0-iEWeLhjmMLEvY50Bn8dbFb5SwkF4DSxUUE-ij3K715W4SSEgceVBUJ5m5156UnKewwtFvPKvd3PNJjA7riZL7WZMtqMG_-_CjXmNJzfMTEHS-DfNaSeWkf2iearrSXBVE_6klDCUesoNvsndwPrwIkOE9IkcsW-qloH
Requested by
Host: a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
URL: https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame DC94
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=8d1f8a47-b7fb-8e08-ad7d-d3ba5dc34be4
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 07:23:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QCZ2289A2F7Y62EZ3T3S
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame DC94
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=d5c9f63a-ab51-35f2-6d73-512d35f08004&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=d5c9f63a-ab51-35f2-6d73-512d35f08004&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=233b9c63-060b-4312-961b-642f1fa96fdd&ttd_puid=d5c9f63a-ab51-35f2-6d73-512d35f08004&gdpr=0&gdpr_consent=
43 B
314 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=233b9c63-060b-4312-961b-642f1fa96fdd&ttd_puid=d5c9f63a-ab51-35f2-6d73-512d35f08004&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=233b9c63-060b-4312-961b-642f1fa96fdd&ttd_puid=d5c9f63a-ab51-35f2-6d73-512d35f08004&gdpr=0&gdpr_consent=
date
Sun, 24 Dec 2023 07:23:19 GMT
server
Kestrel
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame DC94
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZYfcZ8Co5s8AAJFQRjgAAAAA
43 B
97 B
Image
General
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZYfcZ8Co5s8AAJFQRjgAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:20 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Sun, 24 Dec 2023 07:23:19 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"66.203.112.168","key":"ZYfcZ8Co5s8AAJFQRjgAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad1008"}
X-SO-Key
ZYfcZ8Co5s8AAJFQRjgAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad1008
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZYfcZ8Co5s8AAJFQRjgAAAAA
Cache-Control
private
X-SO-HostName
m-ad1008.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
0
X-SO-LB-Hostname
a-tgng40011.dc2p.scaleout.jp
X-SO-IP
66.203.112.168
sd
jp-u.openx.net/w/1.0/ Frame DC94
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ASGmiil13DFuks8AED41viTYBs8AAAGMmrT12w
43 B
97 B
Image
General
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ASGmiil13DFuks8AED41viTYBs8AAAGMmrT12w
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:20 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
via
1.1 d464a17a20fc9cad7861828ec660c392.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SYD1-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ASGmiil13DFuks8AED41viTYBs8AAAGMmrT12w
cache-control
no-cache
content-length
0
x-amz-cf-id
oAmtNTYhES0m8GVSHA20PYf9VRf5fyWJ70D9WmqpkE5kIety1_BU1g==
expires
-1
pixel
cm.g.doubleclick.net/ Frame DC94
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjlhNjI1ZjAtNjIyNi02YjU2LTc4OTMtMGI5NGZmMTI0ZTY0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame DC94
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPggUi7rPA5X2b1YASkmKyU&google_cver=1
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPggUi7rPA5X2b1YASkmKyU&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPggUi7rPA5X2b1YASkmKyU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A989
0
56 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BdhRwZtyHZZnMFL25ssUPuZyc8AQAAAAAOAHgBAI&bg=!2dql2pXNAAY3kmNgF5I7ADQBe5WfOCdiseDahrPRmvOcwfVOyiklW0ivtggAa_UYvL4GkWrd5RpKpF2sHW5pH5LR4vTqAgAAANpSAAAABGgBB5kDPVpQDMtxht6_3_ecAHQrNv-Pj7uEuuaoNCeONa6yESCnuV3QziXTWAy-TBld5sjRU1IarvCFzTwj2MxoGVAuOsMenZhGPlGLe8SmwJHZE9y2STZdLGrLkQDfOk9SzgbNA9YWd5oTo3Frp4g7p0YgbNGPWJYrcR06tEv4XZ8iKtbM9_JySIK8TqDJv2QyrTwje5hDYGtSH3FBHITrophU4oMnsgTaabZhEXnrq6gYbYxzc3k8MS_DdSoY_bsc9-7v3RbpAEOdVRNOHAMKDsivzQQjGubdOzFH3iA4LAJPbRAUB0Afk1uquhQ-BTp1XBU75wfFQCdHMPOWfwxKvZnmuMZQU3KCbPwbyZVaoUedbjvruWivU--3Enl46AB8lZX-PoZAGekWyZTw56gsStdLGnU8plMLQBx1fV_qtfr3vJBxVC_mrZRHsxC4zho1UUm0ZmAjKgji5bIUokOdazvljZaFHrrgLF99Flsw22UNCaZQ3DZTypZF9OBqIrDOe3wWKIVT-R9hFkIFB1bb_mPEdGYGPrGXa7GGdVtx_IGn3-NRpmnv8sQgBhUxQrNpEK3dnCKxjdDwpU8sIV5KgtQY89wJlHwj_GFtAQGuNb6_Ox6BUM-kU37VdL0dfD3KePAIeKnXgAUcDDK-OHgyv6HBdDwzCruVNFVCOQ18FnuU5prN1BkdaRimQrLl25y4xnhUG-T0suKX9wC7Yg4Sy0mwKVfqx-jKFmNYP0tGkYcctLUKXAEdNZq615yZfN1R6KeB3hpZHkGTvrTZ2BoKpIDHl3ZQk-Y-7l4N2ycq42MJjrMXlQRFu9T4FTv-r6Iz9q0wNxhYVLVdKPYnw5niSYveY7rEqsYKBy-hWF3MoCi0cAv9JNRZtQoh_5m6ClwWfepM3kY5uQ5MssKvprjc6THCYJGYIlH9YM_l5CztngGMQ-WM3H4VXhYNYjUpq8nB9rv22SecWj2vcYIoc7R_0aKCRFvRSey64_G9DbnGJMGFVB7Wnb5DZpmbkh5NnMY52A6lWRhD-9pbGsMVKHTFPkU9rA3IXNs1rkTC87aRaShXsiSccZI9oERYTtZRAbTHlDYO6zvVgqrp7zgetf-39HQ
Requested by
Host: a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
URL: https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 058A
12 KB
938 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,700,900,500
Requested by
Host: cdn-p.cityspark.com
URL: https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate2.min.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f10.1e100.net
Software
ESF /
Resource Hash
d175185dc8199dc8531d2c25a84073ad93a7c605a921b0168ed6106a193d21ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-p.cityspark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 24 Dec 2023 07:23:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 07:23:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 24 Dec 2023 07:23:19 GMT
css
fonts.googleapis.com/ Frame 058A
7 KB
778 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700
Requested by
Host: cdn-p.cityspark.com
URL: https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate2.min.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f10.1e100.net
Software
ESF /
Resource Hash
b6619405f0e688e0427b0c83584e65d364e4490f4e96e3fd4ef10cf5d51f9849
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-p.cityspark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 24 Dec 2023 07:23:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 07:08:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 24 Dec 2023 07:23:19 GMT
intl-messageformat.1ffa056616fa00afbfc0.js
cdn.viafoura.net/chunks/defaultVendors~languages/
17 KB
5 KB
Script
General
Full URL
https://cdn.viafoura.net/chunks/defaultVendors~languages/intl-messageformat.1ffa056616fa00afbfc0.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-76.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42716b1e53a7779105575276cedc2e75677bc64e77b0a712bc0d48e2479abd98

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:41 GMT
x-amz-version-id
HO9xTEwUA9XX7mdUyeB5zFlGyaHcZJoU
content-encoding
br
via
1.1 6f4ca7db93883fe5e25a91018517d110.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
age
832478
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:07:47 GMT
server
AmazonS3
etag
W/"1c693504509bdbb60c6776720954c7c1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
7DlJbebhp1YvTVXt57sya49K4ERQ-VjvoeOeIwuCuOny03JHdMk0fw==
intl-messageformat.bba378369051b3ea02d6.js
cdn.viafoura.net/chunks/languages/
135 B
616 B
Script
General
Full URL
https://cdn.viafoura.net/chunks/languages/intl-messageformat.bba378369051b3ea02d6.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-76.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af979786c73f4c25357e6528bb264f3dffae203ec6ff1adced8b57c3532f6d4b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:09:28 GMT
x-amz-version-id
UzLWjcfYom6uexWyVPi6r3Nw71PzbVar
via
1.1 6f4ca7db93883fe5e25a91018517d110.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
age
832431
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
135
last-modified
Thu, 14 Dec 2023 16:07:56 GMT
server
AmazonS3
etag
"41f960d448b03a594d459a897779ddf6"
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Tmfu7g8RZ9ztakOOigdmuiffhGjTDcvTbAZgL9O1uKbC_z0wAK9iMg==
en-us-base-json.22dd055f6ebc67a95f1d.js
cdn.viafoura.net/chunks/languages/
19 KB
5 KB
Script
General
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-base-json.22dd055f6ebc67a95f1d.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-76.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2d2f5d052658ef5589fe450a8654dbeb88d97511ce36f21f1c3bb3b38fa3c24

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:41 GMT
x-amz-version-id
eMLa6OOnuDbIY213u_T07FIUE3Zk08lX
content-encoding
br
via
1.1 6f4ca7db93883fe5e25a91018517d110.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
age
832478
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:01 GMT
server
AmazonS3
etag
W/"dfb5516fd649a383d34843bb4b99126e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
bf3UwD9pIBpWWMag876hbKJyWGmlU7G0YjD3shzce2_53dgMh6MRtg==
ingest
i.viafoura.co/v3/www.therecord.com/
67 B
393 B
Ping
General
Full URL
https://i.viafoura.co/v3/www.therecord.com/ingest
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.71.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-71-155.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.therecord.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.therecord.com
date
Sun, 24 Dec 2023 07:23:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ Frame 058A
0
56 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-39CWM68PTE&gtm=45je3bt0v9122458175&_p=1703402599560&gcd=11l1l1l1l1&dma=0&cid=165503187.1703402600&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2Fwidget%2FRecord%2F10913%2FWaterloo%20Region%20Events%20%2F2a5565a6480a6437a%2F&sid=1703402599&sct=1&seg=0&dl=https%3A%2F%2Fwww.therecord.com%2F&dr=https%3A%2F%2Fwww.therecord.com%2F&dt=Waterloo%20Region%20Events&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.page_hostname=p.cityspark.com&tfd=332
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-39CWM68PTE&l=cswDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.therecord.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 058A
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700,900,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f3.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.therecord.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 09:42:36 GMT
x-content-type-options
nosniff
age
423643
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 09:42:36 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame 058A
50 KB
50 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f3.1e100.net
Software
sffe /
Resource Hash
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.therecord.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 12:26:14 GMT
x-content-type-options
nosniff
age
154625
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51404
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:52:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Dec 2024 12:26:14 GMT
icomoon.woff
cdn-p.cityspark.com/cdn/widget/fonts/ Frame 058A
2 KB
2 KB
Font
General
Full URL
https://cdn-p.cityspark.com/cdn/widget/fonts/icomoon.woff?-35bf
Requested by
Host: cdn-p.cityspark.com
URL: https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate2.min.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ab4c432dc5313ff43167b911b6be0742a49eb52ccc520124e9a6104e81f72c27
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate2.min.css?v=2
Origin
https://www.therecord.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 24 Dec 2023 09:23:20 GMT
date
Sun, 24 Dec 2023 07:23:20 GMT
strict-transport-security
max-age=0
last-modified
Fri, 01 Dec 2023 16:43:43 GMT
server
Microsoft-IIS/10.0
etag
"1da24758b700e5c"
x-powered-by
ASP.NET
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=7200
accept-ranges
bytes
content-length
2012
x-proxy-cache
HIT
skeleton.js
static.adsafeprotected.com/ Frame 6E79
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1678003/76662699/skeleton.js?adsafe_url=https%3A%2F%2Fwww.therecord.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.therecord.com%2F&adsafe_type=e&adsafe_url=ht...
  • https://static.adsafeprotected.com/skeleton.js
17 B
465 B
Script
General
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
URL: https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
18.244.214.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-125.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 02:11:42 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 7668594243430279f10ff22912314ba4.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
8917899
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
HT5qLhAoTKq8vUORVcEeivBZxsSeV_mKhr6R_bwlsr9hGHgkpiN8QA==

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:19 GMT
server
nginx
x-server-name
app10.au.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame EE61
91 KB
92 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
URL: https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-125.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 09:26:44 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 7668594243430279f10ff22912314ba4.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
24962197
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
oQf6n0-smk8GksGq2l7F7rujwmSoOtVQFWevnme-Fxd_eW4PPDx6hQ==
ecm3
s.amazon-adsystem.com/ Frame 6B7B
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=2425d2a7-8f10-4d4c-b74b-e6db70c4b2d8
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 07:23:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0GSEBQVF027ZY7S5XB34
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 6B7B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=MjQyNWQyYTctOGYxMC00ZDRjLWI3NGItZTZkYjcwYzRiMmQ4
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.74.189.155 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-189-155.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:20 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 6B7B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=233b9c63-060b-4312-961b-642f1fa96fdd&gdpr=0&gdpr_consent=
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=233b9c63-060b-4312-961b-642f1fa96fdd&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.74.189.155 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-189-155.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:20 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=233b9c63-060b-4312-961b-642f1fa96fdd&gdpr=0&gdpr_consent=
date
Sun, 24 Dec 2023 07:23:20 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame 6B7B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=15&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-b5741e3a-2fb1-50ea-7fd0-adaa454b4b1f$ip$66.203.112.168&gdpr=0&gdpr_consent=
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-b5741e3a-2fb1-50ea-7fd0-adaa454b4b1f$ip$66.203.112.168&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.74.189.155 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-189-155.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:20 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Location
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-b5741e3a-2fb1-50ea-7fd0-adaa454b4b1f$ip$66.203.112.168&gdpr=0&gdpr_consent=
Date
Sun, 24 Dec 2023 07:23:20 GMT
Connection
keep-alive
Content-Length
201
Content-Type
text/html; charset=utf-8
v1
match.sharethrough.com/sync/ Frame 6B7B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQJ5XEJH-V-3EA&gdpr=0
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQJ5XEJH-V-3EA&gdpr=0
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.74.189.155 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-189-155.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:20 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQJ5XEJH-V-3EA&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
Expires
0
dt
dt.adsafeprotected.com/ Frame 6E79
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1678003&asId=b235abd9-925e-061d-39eb-db5b1a07ffb0&tv=%7Bc:xJc5Ay,pingTime:-3,time:1099,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:1055%7D,%7Bpiv:0,vs:o,r:l,t:1098%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1099,n:1098,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1055,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B75~1,0~0%5D,as:%5B75~728.90%5D%7D%7D,%7Bsl:o,t:1098,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZl5I67+11%7C12%7C1311%7C1312%7C1313%7C1314%7C14%7C15*.1678003-76662699%7C151%7C152%7C161%7C162%7C17,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs,siq:1058%7D&br=c
Requested by
Host: a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
URL: https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.20.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-20-216.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:20 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 6E79
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1678003&asId=b235abd9-925e-061d-39eb-db5b1a07ffb0&tv=%7Bc:xJc5AA,pingTime:-6,time:1101,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1101,n:1098,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1055,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B75~1,0~0%5D,as:%5B75~728.90%5D%7D%7D,%7Bsl:o,t:1098,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZl5I67+11%7C12%7C1311%7C1312%7C1313%7C1314%7C14%7C15*.1678003-76662699%7C151%7C152%7C161%7C162%7C17,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs,siq:1058%7D&tpiLookup=ao:www.therecord.com*&br=c
Requested by
Host: a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
URL: https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.20.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-20-216.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:20 GMT
server
nginx
x-server-name
dt20.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 6E79
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1678003&asId=b235abd9-925e-061d-39eb-db5b1a07ffb0&tv=%7Bc:xJc5Bc,pingTime:-2,time:1139,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:63,bdZ:92,beA:94,beZ:95,mfA:1115,cmA:1117,inA:1117,inZ:1121,prA:1121,prZ:1142,si:1152,poA:1153,poZ:1168,cmZ:1168,mfZ:1168,loA:1196,loZ:1200,ltA:1233,ltZ:1233,mdA:96,mdZ:1045%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:1055%7D,%7Bpiv:0,vs:o,r:l,t:1098%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1139,n:1098,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1055,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B75~1,0~0%5D,as:%5B75~728.90%5D%7D%7D,%7Bsl:o,t:1098,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B40~0%5D,as:%5B40~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZl5I67+11%7C12%7C1311%7C1312%7C1313%7C1314%7C14%7C15*.1678003-76662699%7C151%7C152%7C161%7C162%7C17,idMap:15*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,siq:1058,sinceFw:80,readyFired:true%7D&br=c
Requested by
Host: a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
URL: https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.20.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-20-216.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:20 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
skeleton.js
static.adsafeprotected.com/ Frame CA72
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1678003/76662696/skeleton.js?adsafe_url=https%3A%2F%2Fwww.therecord.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.therecord.com%2F&adsafe_type=e&adsafe_url=ht...
  • https://static.adsafeprotected.com/skeleton.js
17 B
465 B
Script
General
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Server
18.244.214.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-125.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 02:11:42 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 7668594243430279f10ff22912314ba4.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
8917899
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
c-VsfUx7J5AeOBllqsot51JK_DVhsqw5wv4DtxL5TNbnzIMqlVZKog==

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:20 GMT
server
nginx
x-server-name
app02.au.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 1CCF
91 KB
92 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
URL: https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-125.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 09:26:44 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 7668594243430279f10ff22912314ba4.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
24962197
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
NMS1u-I2kjKxFUUOKfl_G8ILhISWuZ7vtjYLKovU3BjLNXOTQ7JE-Q==
dt
dt.adsafeprotected.com/ Frame CA72
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1678003&asId=e7536173-348d-2001-5e87-46de5d4c16b1&tv=%7Bc:xJc5BR,pingTime:-3,time:1055,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:1040%7D,%7Bpiv:0,vs:o,r:l,t:1055%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1055,n:1055,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1040,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1,0~0%5D,as:%5B23~300.600%5D%7D%7D,%7Bsl:o,t:1055,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZl5I88+11%7C12%7C1311%7C1312%7C1313%7C1314%7C14%7C151%7C152%7C153%7C16*.1678003-76662696%7C161%7C162%7C17,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,siq:1041%7D&br=c
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.20.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-20-216.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:20 GMT
server
nginx
x-server-name
dt21.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame CA72
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1678003&asId=e7536173-348d-2001-5e87-46de5d4c16b1&tv=%7Bc:xJc5BS,pingTime:-6,time:1056,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1056,n:1055,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1040,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1,0~0%5D,as:%5B23~300.600%5D%7D%7D,%7Bsl:o,t:1055,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZl5I88+11%7C12%7C1311%7C1312%7C1313%7C1314%7C14%7C151%7C152%7C153%7C16*.1678003-76662696%7C161%7C162%7C17,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,siq:1041%7D&tpiLookup=ao:www.therecord.com*&br=c
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.20.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-20-216.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:20 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame CA72
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1678003&asId=e7536173-348d-2001-5e87-46de5d4c16b1&tv=%7Bc:xJc5BX,pingTime:-2,time:1061,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:50,bdZ:59,beA:78,beZ:80,mfA:1109,cmA:1110,inA:1110,inZ:1111,prA:1111,prZ:1117,si:1119,poA:1120,poZ:1129,cmZ:1129,mfZ:1129,loA:1134,loZ:1135,ltA:1139,ltZ:1139,mdA:80,mdZ:1049%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:1040%7D,%7Bpiv:0,vs:o,r:l,t:1055%7D,%7Bpiv:5,t:1058%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1062,n:1055,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1040,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1,0~0%5D,as:%5B23~300.600%5D%7D%7D,%7Bsl:o,t:1055,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:5,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B3~0,4~1%5D,as:%5B7~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZl5I67+11%7C12%7C1311%7C1312%7C1313%7C1314%7C14%7C15.1678003-76662699%7C151%7C152%7C153%7C16*.1678003-76662696%7C161%7C162%7C17,idMap:16*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:1041,sinceFw:20,readyFired:true%7D&br=c
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.20.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-20-216.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:20 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 6E79
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1678003&asId=b235abd9-925e-061d-39eb-db5b1a07ffb0&tv=%7Bc:xJc5E6,time:1319,type:e,im:%7Bimprf:%7Bttecl:1326,ecd:232,tsecr:4%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:179,o:1140,n:1098,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1055,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B75~1,0~0%5D,as:%5B75~728.90%5D%7D%7D,%7Bsl:o,t:1098,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~728.90%5D%7D%7D,%7Bsl:i,t:1140,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B179~100%5D,as:%5B179~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZl5I67+11%7C12%7C1311%7C1312%7C1313%7C1314%7C14%7C15*.1678003-76662699%7C151%7C152%7C16.1678003-76662696%7C161%7C162%7C17,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs,siq:1058,sis:1294%7D&br=c
Requested by
Host: a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
URL: https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.20.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-20-216.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:20 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ecm3
s.amazon-adsystem.com/ Frame A358
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LQJ5XE5R-15-BRU0
  • https://s.amazon-adsystem.com/ecm3?id=LQJ5XE5R-15-BRU0&ex=d-rubiconproject.com&status=ok
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQJ5XE5R-15-BRU0&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_ox-db5_rbd_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 07:23:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0D2PZ0V8BE0RJ046654A
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQJ5XE5R-15-BRU0&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
dt
dt.adsafeprotected.com/ Frame CA72
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1678003&asId=e7536173-348d-2001-5e87-46de5d4c16b1&tv=%7Bc:xJc5FM,time:1298,type:e,im:%7Bimprf:%7Bttecl:1297,ecd:227,tsecr:0%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1298,n:1055,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1040,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1,0~0%5D,as:%5B23~300.600%5D%7D%7D,%7Bsl:o,t:1055,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:5,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B3~0,240~1%5D,as:%5B243~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZl5I67+11%7C12%7C1311%7C1312%7C1313%7C1314%7C14%7C15.1678003-76662699%7C151%7C152%7C153%7C16*.1678003-76662696%7C161%7C162%7C17,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,siq:1041,sis:1269%7D&br=c
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.20.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-20-216.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:20 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dcm
aax-eu.amazon-adsystem.com/s/ Frame A358
43 B
855 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_ox-db5_rbd_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 07:23:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AW2W84M1D88QV3A476W6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A358
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFKNVhFNVItMTUtQlJVMA==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJW11XptlsnqubILnYHa2eg&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFKNVhFNVItMTUtQlJVMA==&google_push=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFKNVhFNVItMTUtQlJVMA==&google_push=
Protocol
H3
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFKNVhFNVItMTUtQlJVMA==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4290507b7388fb86809e552482e2fff0
Expires
0
ecm3
s.amazon-adsystem.com/ Frame A358
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2quoDjWjRFCoHmL8g9rOMA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2quoDjWjRFCoHmL8g9rOMA
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2quoDjWjRFCoHmL8g9rOMA
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 07:23:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RB6B5VA9QV9P1V2E2MTN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2quoDjWjRFCoHmL8g9rOMA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e2b6b837307e4a2cb84d126fbaf2cea2
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame A358
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQJ5XE5R-15-BRU0
0
514 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQJ5XE5R-15-BRU0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_ox-db5_rbd_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:20 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: AB9263B93A7C471FBBBCDC5DCA97847B Ref B: SYD03EDGE1113 Ref C: 2023-12-24T07:23:21Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYNPFLzN1Tm3zJIfUnqaQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQJ5XE5R-15-BRU0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame A358
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=233b9c63-060b-4312-961b-642f1fa96fdd&gdpr=0&gdpr_consent=&expires=30
42 B
844 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=233b9c63-060b-4312-961b-642f1fa96fdd&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_ox-db5_rbd_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=233b9c63-060b-4312-961b-642f1fa96fdd&gdpr=0&gdpr_consent=&expires=30
date
Sun, 24 Dec 2023 07:23:20 GMT
server
Kestrel
content-length
289
pixel
cm.g.doubleclick.net/ Frame A358
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjNhYjMzODZhN2RjMDQyYmI3NTlmMWQ3OGZjNzc3YzIyM2ViMjUyZQ
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjNhYjMzODZhN2RjMDQyYmI3NTlmMWQ3OGZjNzc3YzIyM2ViMjUyZQ
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_ox-db5_rbd_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjNhYjMzODZhN2RjMDQyYmI3NTlmMWQ3OGZjNzc3YzIyM2ViMjUyZQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame A358
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMmtKEbbKQ_rCxYY1oM83O0&google_cver=1
42 B
844 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMmtKEbbKQ_rCxYY1oM83O0&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_ox-db5_rbd_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMmtKEbbKQ_rCxYY1oM83O0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame A358
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LQJ5XE5R-15-BRU0&ex=d-rubiconproject.com&status=ok
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQJ5XE5R-15-BRU0&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_ox-db5_rbd_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 07:23:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GR0NYGT9E1GY5NPK7RPM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQJ5XE5R-15-BRU0&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
da1c8a4a3f9301c03fbeb7a6212a0a54
Expires
0
tap.php
pixel.rubiconproject.com/ Frame A358
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/kSZLGGPtPFUV4cJEmvp5ycn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-kf9lA8dE2oJLyiP3F97DsEwBuvBDcqkgwgPddQ--~A
42 B
894 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-kf9lA8dE2oJLyiP3F97DsEwBuvBDcqkgwgPddQ--~A
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 24 Dec 2023 07:23:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-kf9lA8dE2oJLyiP3F97DsEwBuvBDcqkgwgPddQ--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame A358
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADqNE7LD7kAABYutNUDiQ&expires=30
42 B
894 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADqNE7LD7kAABYutNUDiQ&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_ox-db5_rbd_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADqNE7LD7kAABYutNUDiQ&expires=30
Date
Sun, 24 Dec 2023 07:23:20 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cksync
hb.yahoo.net/ Frame A358
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQJ5XE5R-15-BRU0&redir=true
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQJ5XE5R-15-BRU0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQJ5XE5R-15-BRU0&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1ESnpBcXJoRTJ1SEZTTmp3d2ozLmhVYWpZZW9lXzI4d35B&ovsid=LQJ5XE5R-15-BRU0&dpid=58160
57 B
649 B
Image
General
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1ESnpBcXJoRTJ1SEZTTmp3d2ozLmhVYWpZZW9lXzI4d35B&ovsid=LQJ5XE5R-15-BRU0&dpid=58160
Protocol
H2
Server
23.1.240.43 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-1-240-43.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sun, 24 Dec 2023 07:23:21 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Sun, 24 Dec 2023 07:23:21 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1ESnpBcXJoRTJ1SEZTTmp3d2ozLmhVYWpZZW9lXzI4d35B&ovsid=LQJ5XE5R-15-BRU0&dpid=58160
date
Sun, 24 Dec 2023 07:23:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/sync/ Frame A358
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQJ5XE5R-15-BRU0
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQJ5XE5R-15-BRU0
Protocol
H2
Server
52.74.189.155 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-189-155.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:21 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQJ5XE5R-15-BRU0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d5ff5cea86970f029093dfe0a29d015
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame A358
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LQJ5XE5R-15-BRU0
0
451 B
Image
General
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LQJ5XE5R-15-BRU0
Protocol
H2
Server
131.153.206.100 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:21 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LQJ5XE5R-15-BRU0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d5ff5cea86970f029093dfe0a29d015
Expires
0
pixel
capi.connatix.com/us/ Frame A358
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LQJ5XE5R-15-BRU0&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LQJ5XE5R-15-BRU0&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B
Image
General
Full URL
https://capi.connatix.com/us/pixel?puid=LQJ5XE5R-15-BRU0&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:21 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
83a71933ca0adfb3-SYD
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sun, 24 Dec 2023 07:23:21 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LQJ5XE5R-15-BRU0&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
83a719329942dfb3-SYD
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame A358
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQJ5XE5R-15-BRU0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQJ5XE5R-15-BRU0
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQJ5XE5R-15-BRU0&ckls=true&ci=vLrj3mSL0U&nc=false&trid=1626405410
43 B
1 KB
Image
General
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQJ5XE5R-15-BRU0&ckls=true&ci=vLrj3mSL0U&nc=false&trid=1626405410
Protocol
H2
Server
18.67.93.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-44.syd62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:22 GMT
via
1.1 909f00169c0be43b0eae99ab8e7a6126.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
EA-Vg53AB8lAM_AFrVs9tZ66aRy4ZHx7pGQSSnJLA0BPurjNSi79uQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:22 GMT
via
1.1 909f00169c0be43b0eae99ab8e7a6126.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQJ5XE5R-15-BRU0&ckls=true&ci=vLrj3mSL0U&nc=false&trid=1626405410
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
DaCYqt0kTjHF1hbgi2AH7ahRd1hruwQH_Q3IaRiG9B6_-kZSsEH8Xg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame A358
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LQJ5XEJH-V-3EA
  • https://ce.lijit.com/merge?pid=80&3pid=LQJ5XEJH-V-3EA&dnr=1
43 B
662 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LQJ5XEJH-V-3EA&dnr=1
Protocol
HTTP/1.1
Server
209.191.163.210 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 07:23:21 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 07:23:21 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=80&3pid=LQJ5XEJH-V-3EA&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 6E79
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1678003&asId=b235abd9-925e-061d-39eb-db5b1a07ffb0&tv=%7Bc:xJc5Ie,pingTime:-10,time:1575,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1703402600474%7C%7Cd8b1919dfdccb59d77461b2cbfbb8c91%7C%7Cf5ef61ca1e560a2377dfd6c236fd3eb9%7C%7C1a40c0d7f0a7830c191055375cbcf0fa%7C%7Ca81e2de0bbcaa06e5e878a4201254304%7C%7Cb097c6a718ae5ccbb51d28e4a59a1668%7C%7C45bf7b37aba77b2cc485274fb76204f4%7C%7C106208c9a73abd57eb94b1de0e40a5cd%7C%7C1663701684%7D
Requested by
Host: a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
URL: https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.20.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-20-216.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:20 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 6E79
42 B
174 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZa4-NTyDEgfEP5KoyK1OWSFVYE-1MSBXKWmVRJQMdr0AaDD8bONqjEELNGbTz8MkPj_T57XsNQndmTycMIl-B69X0XtWWbzo42M9tB2AaFlre1GGidnsZQvEbLglNu7zHjwiJtBv0xHN2H0VnQfjEXBM6&sai=AMfl-YRSwZYyHBPI2JhivlxJhN3pTcVaLBw9-ya5CeaQuJEfnqIUnCAbmKXJSHxa99dD1JcjDj897eheZ1WFb5zMUFGocTdSFtu3QBM69DHQRxFIdupPlRNJCeWr6i3Tuy9oqaiamgJ89pI-JwKJZkgg4Q&sig=Cg0ArKJSzL9HQaYe4zIbEAE&cid=CAQSTwAvHhf_AWplsVQsKrftEcojqZ9Bgq60qNR6aoPrnSXzyt0KqU9ZXZTsDFgfQiQN_wg0x8ZMiGWmKfTWjDlCBuU7-LE1NKfdJc1G1osRi78YAQ&id=lidar2&mcvt=1000&p=21,436,111,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1973118403&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703402598804&rpt=890&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame CA72
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1678003&asId=e7536173-348d-2001-5e87-46de5d4c16b1&tv=%7Bc:xJc5Ne,pingTime:-10,time:1760,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1703402600474%7C%7Cd8b1919dfdccb59d77461b2cbfbb8c91%7C%7Cf5ef61ca1e560a2377dfd6c236fd3eb9%7C%7C1a40c0d7f0a7830c191055375cbcf0fa%7C%7Ca81e2de0bbcaa06e5e878a4201254304%7C%7Cb097c6a718ae5ccbb51d28e4a59a1668%7C%7C45bf7b37aba77b2cc485274fb76204f4%7C%7C106208c9a73abd57eb94b1de0e40a5cd%7C%7C1663701684,sca:%7Bspg:b235abd9-925e-061d-39eb-db5b1a07ffb0%7D%7D
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.20.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-20-216.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:20 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 6E79
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1678003&asId=b235abd9-925e-061d-39eb-db5b1a07ffb0&tv=%7Bc:xJc5Rl,pingTime:1,time:2140,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:1055%7D,%7Bpiv:0,vs:o,r:l,t:1098%7D,%7Bpiv:100,vs:i,r:,t:1140%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1140,n:1098,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1055,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B75~1,0~0%5D,as:%5B75~728.90%5D%7D%7D,%7Bsl:o,t:1098,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~728.90%5D%7D%7D,%7Bsl:i,t:1140,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:949,fm:tZl5I67+11%7C12%7C1311%7C1312%7C1313%7C1314%7C14%7C15*.1678003-76662699%7C151%7C152%7C16.1678003-76662696%7C161%7C162%7C17,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs,siq:1058,sis:1294%7D&br=c
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.20.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-20-216.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:21 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 6E79
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1678003&asId=b235abd9-925e-061d-39eb-db5b1a07ffb0&tv=%7Bc:xJc5Rm,pingTime:1,time:2141,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:1055%7D,%7Bpiv:0,vs:o,r:l,t:1098%7D,%7Bpiv:100,vs:i,r:,t:1140%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1140,n:1098,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1055,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B75~1,0~0%5D,as:%5B75~728.90%5D%7D%7D,%7Bsl:o,t:1098,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~728.90%5D%7D%7D,%7Bsl:i,t:1140,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:949,fm:tZl5I67+11%7C12%7C1311%7C1312%7C1313%7C1314%7C14%7C15*.1678003-76662699%7C151%7C152%7C16.1678003-76662696%7C161%7C162%7C17,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs,siq:1058,sis:1294%7D&br=c
Requested by
Host: www.therecord.com
URL: https://www.therecord.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.20.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-20-216.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:21 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
a90a9bb2a9c6b2b49f1226ce75f8a1cd37808a1c1d8c08c123b19108e78254cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12223
x-xss-protection
0
js
www.googletagmanager.com/gtag/
256 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-K9RSDEYFGG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRSZQF8&gtm_auth=74eL4wQLYRNQ18AwQITlNA&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
fab3a1efd87082eddcbffa35ff1ee804b5a930f1ad6565af891bd970200e3e9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88714
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 24 Dec 2023 07:23:21 GMT
js
www.googletagmanager.com/gtag/
256 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRSZQF8&gtm_auth=74eL4wQLYRNQ18AwQITlNA&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f7b3574dbd08a7335e889c9627a674b28af8e4d538f26d13fbd341269a65c03d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89016
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 24 Dec 2023 07:23:21 GMT
collect
www.google-analytics.com/
35 B
132 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1621792161&t=timing&_s=2&dl=https%3A%2F%2Fwww.therecord.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=therecord.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=6339&pdt=388&dns=0&rrt=1601&srt=193&tcp=0&dit=2937&clt=2940&_gst=3177&_gbt=3614&_u=YCDAgUABAAQCAGAAIAB~&jid=&gjid=&cid=2050425142.1703402598&tid=UA-54716522-7&_gid=132449253.1703402599&gtm=45He3bt0n71PDQV3Nv72758733&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fwww.therecord.com%2F&cd15=3.155.0&cd16=No&cd17=Page%20View&cm1=3262&gcd=11l1l1l1l1&dma=0&z=308326254
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 09:15:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
79700
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
6585cc5b97aa8.image.jpg
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/2/a3/2a30fd62-50cb-5761-a77c-d72d0940e93d/
33 KB
33 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/2/a3/2a30fd62-50cb-5761-a77c-d72d0940e93d/6585cc5b97aa8.image.jpg?resize=540%2C360
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15d1b32a1431f3f4e0001a1712a88072a7c8a070e0d5f216f574564d875d62e3
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:21 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
3
cf-polished
origSize=33894, status=webp_bigger
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Fri, 22 Dec 2023 17:50:19 GMT
server
cloudflare
x-vcache
MISS
etag
"d938748c66f0ec8185d8639ee81f69f2"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
83a71930e829572c-SYD
expires
Sat, 21 Dec 2024 17:58:34 GMT
658480fe89356.image.jpg
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/7/bc/7bca325b-2bba-5847-8657-ea94732c29e3/
13 KB
13 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/7/bc/7bca325b-2bba-5847-8657-ea94732c29e3/658480fe89356.image.jpg?resize=540%2C360
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6452e5a90daf2103a7be44b0bff2582aff8aba215230ade8eeea645f75e8851f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:21 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
3
cf-polished
qual=85, origFmt=jpeg, origSize=17359
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="658480fe89356.webp"
content-length
13658
cf-bgj
imgq:85,h2pri
last-modified
Thu, 21 Dec 2023 18:16:30 GMT
server
cloudflare
x-vcache
MISS
etag
"ad2d21e96f4fda577c7addb3af766f92"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
83a71930e82c572c-SYD
expires
Fri, 20 Dec 2024 23:36:55 GMT
6585d5c81ba7c.image.jpg
bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/6/24/6246dc18-2db4-5fe6-aa3b-9a6a43f8ef64/
21 KB
21 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/therecord.com/content/tncms/assets/v3/editorial/6/24/6246dc18-2db4-5fe6-aa3b-9a6a43f8ef64/6585d5c81ba7c.image.jpg?resize=540%2C360
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/therecord.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a621427f325de9889cf216f562892e8207ee324c9db08c9c91af73c3a6493cb5
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:21 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
3
cf-polished
qual=85, origFmt=jpeg, origSize=26425
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="6585d5c81ba7c.webp"
content-length
21560
cf-bgj
imgq:85,h2pri
last-modified
Fri, 22 Dec 2023 18:30:32 GMT
server
cloudflare
x-vcache
MISS
etag
"301f65190a791e76484efe2457144881"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
83a71930e82d572c-SYD
expires
Sat, 21 Dec 2024 18:50:45 GMT
collect
analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-6FZFMVVWVN&gtm=45je3bt0v873043922z89101115636&_p=1703402597083&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=2050425142.1703402598&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703402601&sct=1&seg=0&dl=https%3A%2F%2Fwww.therecord.com%2F&dt=therecord.com&en=page_view&_fv=1&_ss=1&ep.Page_Type=home&ep.Site_Type=core%20site&ep.Breakpoint=desktop&ep.Orientation=landscape&ep.Logged_In_Status=&ep.Asset_Alias=&ep.Source=web&ep.Primary_Category=home&ep.Author=&ep.Published_Date=&ep.User_Agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36&ep.Owner=therecord.com&ep.Primary_Publication=&ep.Asset_Id=&up.Torstar_User_ID=&up.Entitlement_Status=&tfd=6646
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.therecord.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
54 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6FZFMVVWVN&cid=2050425142.1703402598&gtm=45je3bt0v873043922z89101115636&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.therecord.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.au/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6FZFMVVWVN&cid=2050425142.1703402598&gtm=45je3bt0v873043922z89101115636&aip=1&dma=0&gcd=11l1l1l1l1&z=801270004
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-K9RSDEYFGG&gtm=45je3bt0v882319231z89101115636&_p=1703402597083&gcd=11l1l1l1l1&dma=0&cid=2050425142.1703402598&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703402601&sct=1&seg=0&dl=https%3A%2F%2Fwww.therecord.com%2F&dt=therecord.com&en=page_view&_fv=1&_ss=1&ep.Page_Type=home&ep.Site_Type=core%20site&ep.Breakpoint=desktop&ep.Orientation=landscape&ep.Logged_In_Status=&ep.Asset_Alias=&ep.Source=web&ep.Primary_Category=home&ep.Author=&ep.Published_Date=&ep.User_Agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36&ep.Owner=therecord.com&ep.Primary_Publication=&ep.Asset_Id=&up.Torstar_User_ID=&up.Entitlement_Status=&tfd=6682
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K9RSDEYFGG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 07:23:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.therecord.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Dec 2023 07:23:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7AFD
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.therecord.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
438780
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 05:30:21 GMT
expires
Wed, 18 Dec 2024 05:30:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0C0E
829 B
980 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f4.1e100.net
Software
GSE /
Resource Hash
c065dcd543b96dcc0432a82e72478eb8951c5b32d597689b673ec61b7bb14402
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NSt5EJQLslfVM8BBIJdOqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.therecord.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-NSt5EJQLslfVM8BBIJdOqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 07:23:21 GMT
expires
Sun, 24 Dec 2023 07:23:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 7AFD
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 00:07:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
285359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 00:07:22 GMT
generate_204
tpc.googlesyndication.com/ Frame 7AFD
0
40 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?FMolCg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:23:21 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 0C0E
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=3665510631057375&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=3665510631057375&bg=!2tml2ZbNAAY3kmNgF5I7ADQBe5WfOAvbM67nwKK7ClDbO-j4TQB5Ff1zbeW4COnRmG_bnVlRg2BN8rKGGqHBVsATYT4IAgAAAERSAAAAA2gBBwoAGU_3JzMNwlkKNcsVRqA3h0M10_fncDZT2saZAunnVdiB_ytL-efbYusYC_SZfE1AKQPaGovK5nq4i1_cNy-HJrdINTtFNp09UAkF0vmXEng9NYJq8vLU6SEFkD1eQS3P9jlIM6tWgmr-SoJpF8SIsYFu97-9EBHJ0-r6ZvvKbS3BXqpXFv1TguCm82gNBa9mvRrEFIALV945uIQS2teu2UHNstLIBwakB93S2Th3giONFJLuwu2DUakDrd81NFirvK01Axx-TYvVxZzwN7beNUhTB2GI2alQ4KniybB66Gu7Ar1S1UlEwrhZRHWrKDn_1pBtUjSKTZFojEEGuM8MxOVQ9Bko1SPYept7J0ZV6aDgcfBVFAGuOp1mgvum7TNJT82A_jlD5Tm9sUXwyt-86iWjYepIHNMfGoVnCdyP3caGsWXlSbl-BI2hWlqv7VeaINElGP-J4U3GomsqdYT2kR0vHreAphb3HBhoGZDGXAS759Kw_STeQzBSOcTrRj1FqXdYzfiuKImyEEhCmHmEqsv0cBrDlKLlwf2uKT-owHx_rxdH8EU-O0eRARuSGdTP_Ylezy5DeU5UaThBzxMQ5u3dKBfRf5nWRwynE2svz5LtTriDUTQMKTqkWqfasjBBeGWdaFm8JrVU1KK2XMyKHWdx_9K4iTP7IyCFizHVOQ5hAdjHedaSePT_Lgfv_FMsNmfkH-kKRowzNOD6g_ibiq8OBkisxRsgLTFFWzQc1yK4VlaRdZvCrlTHweC9n07x5E-t7nz4xafdwO_-hvD3_q3lZvy8RHOAJDnbiWzbUUuLfb3-60CFTbyCWaoAzUlkT2HIvdgSabn66FmM0sy52dDCyneVhy8zNkbV71tfdqGfg8CdRIsVO6nX-dkWs1w99a1tT7XEqXLNSZ9fhw-ItAqrTKSFztbcCEtBZsnaJLU6h1lN1vs1b7kQHulGPonEQFB_ieqgWK2p2p4Z7nGU8gmYRXp1rgNa7C9-XhHwhgkrkvKxoQNTutT1TSoNGedZ07aTRgn2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.therecord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

events
api.permutive.com/v2.0/batch/
101 B
129 B
XHR
General
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
ac017552c6ae0b0b0f8c930ce673c1d77901d1e00312621b6e38e14f4befe23e

Request headers

Referer
https://www.therecord.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 24 Dec 2023 07:23:22 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.therecord.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
metrics
api.permutive.com/v2.0/internal/
2 B
37 B
XHR
General
Full URL
https://api.permutive.com/v2.0/internal/metrics?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by
Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.therecord.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 24 Dec 2023 07:23:23 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| documentPictureInPicture object| dataLayer function| $ function| jQuery object| TNCMS function| originalLeave function| objectFitImages function| Cookies object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| onYouTubeIframeAPIReady object| __tnt object| obj object| eb.platform object| o function| tnSaveAsset number| browserWidth string| cutpoint object| googletag object| gptAdSlots object| apstag object| liftigniter_config object| promo_design_config object| optable object| gs_channels function| receiveMessage function| initDomLoadedHandler string| environment object| authorListJSON string| authorProfileName string| authorScreenName string| authorProfileTitle string| authorProfileId object| adobeTokens string| userEntitlementStatus object| permutive object| _aps boolean| apstagLOADED object| apscustom function| TNStats_Tracker object| TNTracker function| handleUserLogout2841720 function| handleUserLogin2841720 function| handleUserLogout2841726 function| handleUserLogin2841726 object| allowedServicesTier1 function| handleUserLogout2841723 function| handleUserLogin2841723 function| getAbsoluteHeight boolean| isMobile function| stick_in_parent function| initGenericLogin function| genericLoginHandler function| handleSaveAsset object| AMP object| _vfP boolean| vfLoaded function| setImmediate function| clearImmediate object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome string| $igniter_var function| $p object| vfQ object| viafoura object| vf object| cswidgetoverR object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager string| GoogleAnalyticsObject function| ga undefined| google_measure_js_timing object| _satellite boolean| __satelliteLoaded object| extensionGoogleDataLayer object| adobe function| Visitor object| s_c_il number| s_c_in undefined| hubPage object| webpackChunkli_browser_client function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_ActivityMap object| s string| keyLinkTrackVars number| x number| google_unique_id object| gaGlobal object| webVitals string| aReferrer string| aNewReferrer object| analytics object| gaplugins function| fbq function| _fbq string| janrainUUID string| loggedIn string| entitled string| siteLevelUserId string| hubLevelUserId number| scrollIncrement string| AMCID string| wordCount string| plan function| trackScroll object| PARSELY object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext string| sUserId object| GooglebQhCsO object| s_i_torontodnnlocal object| _comscore object| COMSCORE object| ns_p function| _typeof object| gaData object| GoogleGcLKhOms object| google_image_requests

86 Cookies

Domain/Path Name / Value
.therecord.com/ Name: permutive-id
Value: 2285a7c8-1ee2-4007-93b1-bd1f5a5cb182
.be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/ Name: pxid
Value: f1cb6d25-51b6-47fe-acdf-8cd5b12d6756
.therecord.com/ Name: _gcl_au
Value: 1.1.1475064986.1703402598
.therecord.com/ Name: _igt
Value: 8aad3584-86d8-4bdd-c894-c628d4d39243
.therecord.com/ Name: _ig
Value: 118dcc75-7616-43bc-ecef-94579eb03ee2
.demdex.net/ Name: demdex
Value: 55199463295850422351607168902819030798
.therecord.com/ Name: AMCVS_19A568F454F72DAF0A4C98A6%40AdobeOrg
Value: 1
.therecord.com/ Name: s_ecid
Value: MCMID%7C55191048256226655211603504608910802180
.therecord.com/ Name: ajs_anonymous_id
Value: c33ca2ae-0b94-42a9-9b43-2f3f3bbee998
.therecord.com/ Name: _ga_4T2EB147B8
Value: GS1.1.1703402598.1.0.1703402598.60.0.0
.therecord.com/ Name: s_cc
Value: true
.therecord.com/ Name: __gads
Value: ID=cc1286628570ba6e:T=1703402598:RT=1703402598:S=ALNI_MZ0t_hXb_-xaAP72CguigSEf5T9rA
.therecord.com/ Name: __gpi
Value: UID=00000cc083832a58:T=1703402598:RT=1703402598:S=ALNI_MaZ7TUehYtwMUu9jtdOWTxADQYFjg
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZYfcZgAAALBSywN-
.dpm.demdex.net/ Name: dpm
Value: 55199463295850422351607168902819030798
.therecord.com/ Name: AMCV_19A568F454F72DAF0A4C98A6%40AdobeOrg
Value: 179643557%7CMCIDTS%7C19716%7CMCMID%7C55191048256226655211603504608910802180%7CMCAAMLH-1704007398%7C8%7CMCAAMB-1704007398%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1703409798s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19723%7CvVersion%7C5.5.0
.officeworks.demdex.net/ Name: officeworks
Value: 55199463295850422351607168902819030798
.scorecardresearch.com/ Name: UID
Value: 1EA250c73dc5a359ae924041703402598
.therecord.com/ Name: _fbp
Value: fb.1.1703402599055.829687323
.therecord.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.therecord.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1703402599127%2C%22slts%22:0}
.amazon-adsystem.com/ Name: ad-id
Value: A8uANANPz0qCh1mFPeQVX4g
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.therecord.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=b87840583e0af81f6bd76eb12448a142%22%2C%22session_count%22:1%2C%22last_session_ts%22:1703402599127}
.doubleclick.net/ Name: IDE
Value: AHWqTUnrsZ1oGeLPEO3P_lHmcEQCOp_UQtBZ8YcTEEpqWV4GXcwJ84Y3EjPeIxwa
.therecord.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.casalemedia.com/ Name: CMID
Value: ZYfcZ3bkFRWVIpw1Lo7ppAAA
.casalemedia.com/ Name: CMPS
Value: 4842
.casalemedia.com/ Name: CMPRO
Value: 4842
.therecord.com/ Name: _gid
Value: GA1.2.132449253.1703402599
.therecord.com/ Name: _dc_gtm_UA-54716522-7
Value: 1
.openx.net/ Name: i
Value: 0665c963-02d6-0a05-37a5-99c551d7b3f9|1703402599
.viafoura.co/ Name: VfSess
Value: i6bu3avgufh6nl02hp1dq3qbs5
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?ko4_Lu!]tbPl1M>e)ZlrFUfJ+tGXvX+:t[wNAmPdgAkBU)^BbMPc45KIZsmrItDP6@3If)y3KL9D3I?+]_pj$m
.openx.net/ Name: pd
Value: v2|1703402599|jElYiuvOhI
.adsrvr.org/ Name: TDID
Value: 233b9c63-060b-4312-961b-642f1fa96fdd
.adnxs.com/ Name: uuid2
Value: 7721964774499555086
www.therecord.com/ Name: _vfz
Value: www%2Etherecord%2Ecom.00000000-0000-4000-8000-417219d1c834.1703402600.1.medium=direct|source=|sharer_uuid=|terms=
.therecord.com/ Name: _vfa
Value: www%2Etherecord%2Ecom.00000000-0000-4000-8000-417219d1c834.d88e771c-4c3c-43c4-babf-5b79bc63a586.1703402600.1703402600.1703402600.1
.therecord.com/ Name: _vfb
Value: www%2Etherecord%2Ecom.00000000-0000-4000-8000-417219d1c834.2..1703402600....
.openx.net/ Name: univ_id
Value: 537072971|233b9c63-060b-4312-961b-642f1fa96fdd|1703402599788369
.ladsp.com/ Name: cr
Value: 1
www.therecord.com/ Name: csparkW_ga_39CWM68PTE
Value: GS1.1.1703402599.1.0.1703402599.0.0.0
www.therecord.com/ Name: csparkW_ga
Value: GA1.1.165503187.1703402600
.sharethrough.com/ Name: stx_user_id
Value: 2425d2a7-8f10-4d4c-b74b-e6db70c4b2d8
.ladsp.com/ Name: smn_uid
Value: I7mZmJ3DcyilN1S25XbM6RA-Nb4k2AY
.ladsp.com/ Name: lum
Value: CNvr09XJMRIFCAMQ0AU
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNzAzNDAyNTk5fQ
.adsrvr.org/ Name: TDCPM
Value: CAESGwoMc2hhcmV0aHJvdWdoEgsIkLTAzeeWwjwQBRIWCgdydWJpY29uEgsIqLLm0OeWwjwQBRgBIAIoAjILCOSqw_r9lsI8EAU4AVoMc2hhcmV0aHJvdWdoYAI.
.quantserve.com/ Name: mc
Value: 6587dc68-4b581-5c8db-1e57c
.viafoura.co/ Name: vfDeviceId
Value: 723f1744-5456-4e53-9d75-0f24e1e9806b
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-b5741e3a-2fb1-50ea-7fd0-adaa454b4b1f.ivsoAezQsI806Gvu4p8D0FDjH6b%2FiDjvWpYXJVhAEqo
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-b5741e3a-2fb1-50ea-7fd0-adaa454b4b1f.ivsoAezQsI806Gvu4p8D0FDjH6b%2FiDjvWpYXJVhAEqo
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AtXQeOi-xUOp_0K2qRUtLH0LLcKg.lnNPVxEYSQ%2FzsFgID4QRI3qUt7ttkfRvuUkRV0sKmZk
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AtXQeOi-xUOp_0K2qRUtLH0LLcKg.lnNPVxEYSQ%2FzsFgID4QRI3qUt7ttkfRvuUkRV0sKmZk
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIADsEBf4mdR8ZwI29eEMkVf56ZMwfS4zDcX21gXHv9X0EHwYBCDouJ-sBjABOgQ8w7t9QgRoyoVH.iuFZ7tjh8Ro9TxrNQd01pNDahIcX7s6QIQzBVzwsE%2Bc
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIADsEBf4mdR8ZwI29eEMkVf56ZMwfS4zDcX21gXHv9X0EHwYBCDouJ-sBjABOgQ8w7t9QgRoyoVH.iuFZ7tjh8Ro9TxrNQd01pNDahIcX7s6QIQzBVzwsE%2Bc
.bidr.io/ Name: bito
Value: AADqNE7LD7kAABYutNUDiQ
.bidr.io/ Name: bitoIsSecure
Value: ok
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.linkedin.com/ Name: bcookie
Value: "v=2&633a627c-3fc1-482f-826c-418b727fb2ab"
.linkedin.com/ Name: lidc
Value: "b=OGST05:s=O:r=O:a=O:p=O:g=2920:u=1:x=1:i=1703402601:t=1703489001:v=2:sig=AQFGsA4h_s10mrQjeMgplQPMj7WKDZ_8"
.therecord.com/ Name: _ga_6FZFMVVWVN
Value: GS1.1.1703402601.1.0.1703402601.60.0.0
.therecord.com/ Name: _ga
Value: GA1.1.2050425142.1703402598
.therecord.com/ Name: local_ga_K9RSDEYFGG
Value: GS1.1.1703402601.1.0.1703402601.0.0.0
.therecord.com/ Name: local_ga
Value: GA1.1.2050425142.1703402598
.rubiconproject.com/ Name: khaos
Value: LQJ5XEJH-V-3EA
.connatix.com/ Name: cnx_userId
Value: 9753208e7c7f44e88998ffec9f17b749
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: b6d1e13f-88ee-4090-a7b3-eb99da91338d
.prebid.a-mo.net/ Name: sd_amuid2
Value: b6d1e13f-88ee-4090-a7b3-eb99da91338d
.analytics.yahoo.com/ Name: IDSYNC
Value: "18vk~2fs7:19e0~2fs7"
.hb.yahoo.net/ Name: visitor-id
Value: 3464042012890472000V10
.hb.yahoo.net/ Name: data-mag
Value: LQJ5XE5R-15-BRU0~~63
.lijit.com/ Name: ljt_reader
Value: H35bEQZHOgRb68MoRnuYsneO
.yahoo.com/ Name: A3
Value: d=AQABBGnch2UCEHU959HfxaGA8ecUcqRVbOAFEgEBAQEtiWWRZQAAAAAA_eMAAA&S=AQAAAgQ5QUChhHWgaxYzxrVnBuk
.lijit.com/ Name: _ljtrtb_80
Value: LQJ5XEJH-V-3EA
.rubiconproject.com/ Name: audit
Value: 1|VUHqYDM9hLxciLsTdAIrpCvObOkXll5ju/mJ9VcayZJTO7eyXS/fiIqfxZiiM7ZBQcYW+J9K4ORYuqoIiPk057iLOlCEhdvdIwGg2ko3XQg42+TBlZQRq1s7PoCMm1RrjbdT8TNLlXGXu2VazvDgFQIs4X5J+Y5r
.primis.tech/ Name: csuuid
Value: 6587dc6a6a3a9
.intentiq.com/ Name: intentIQ
Value: vLrj3mSL0U
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: IQPData
Value: 1120628904#1703402602865#0#1703402602865
.intentiq.com/ Name: intentIQCDate
Value: 1703402602866
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUekw1ajg4
.intentiq.com/ Name: ASDT
Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12987815.fls.doubleclick.net
a5e046b1a6c10e5d03dc53f42ac11cd9.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.doubleclick.net
adservice.google.com
ampcid.google.com
ampcid.google.com.au
analytics.google.com
api.permutive.com
api.segment.io
api.viafoura.co
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co
bloximages.chicago2.vip.townnews.com
c.amazon-adsystem.com
capi.connatix.com
cdn-p.cityspark.com
cdn.ampproject.org
cdn.cityspark.com
cdn.jsdelivr.net
cdn.parsely.com
cdn.petametrics.com
cdn.segment.com
cdn.viafoura.net
ce.lijit.com
cm.everesttech.net
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
connect.facebook.net
cr-p3.ladsp.com
d1z2jf7jlzjs58.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
hb.yahoo.net
i.viafoura.co
ib.adnxs.com
jp-u.openx.net
live.primis.tech
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
officeworks.demdex.net
p1.parsely.com
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
px.ads.linkedin.com
query.petametrics.com
resources.thestar.com
s.amazon-adsystem.com
s.therecord.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
stats.g.doubleclick.net
sync.intentiq.com
sync.srv.stackadapt.com
sync1.intentiq.com
tg.socdm.com
therecord.com
token.rubiconproject.com
torontostarnewspaperslimited.demdex.net
torstar.gscontxt.net
tpc.googlesyndication.com
u.openx.net
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
www.googletagservices.com
www.therecord.com
103.229.10.192
103.43.89.4
104.16.122.175
104.16.133.24
104.22.60.90
107.23.71.155
13.107.42.14
13.224.181.71
13.227.254.41
13.227.74.97
131.153.206.100
142.250.204.10
142.250.204.14
142.250.204.2
142.250.204.6
142.250.66.194
142.250.66.206
142.250.67.3
142.250.76.97
142.250.76.98
142.251.221.65
142.251.221.70
150.136.157.133
151.101.193.229
152.199.39.108
157.240.8.23
157.240.8.35
172.217.167.70
172.217.167.72
172.217.167.98
172.217.24.34
172.217.24.36
172.64.146.152
172.64.146.86
172.64.151.101
18.180.45.14
18.244.214.125
18.67.101.75
18.67.111.56
18.67.111.76
18.67.114.43
18.67.89.160
18.67.92.138
18.67.93.39
18.67.93.44
18.67.97.57
188.240.13.2
192.104.182.109
209.191.163.210
211.120.53.203
216.239.34.181
23.1.240.43
23.204.65.234
3.25.18.8
3.33.220.150
3.89.167.202
34.107.254.252
35.163.144.222
35.190.14.224
35.241.9.51
35.244.159.8
35.84.163.233
44.242.33.86
52.46.130.91
52.74.189.155
54.149.20.216
54.174.79.84
54.255.26.62
54.255.30.10
54.79.148.68
63.140.56.117
67.220.226.233
69.173.158.64
74.125.200.155
8.43.72.98
010ce0e0393929c9224322da1c491e969fbf826ad87fc2b6329598a6c36ef6c0
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02d4a3e3bc55fb2c10464afa89e283d1d017f6a309634709009f0e3ec5455e26
02e406be3baa8bc806c3cd234922e40bba42fa77a527b3e110036f387bc5308e
046a5a8aa6195f51f064fa5ab11fcb04f724205196756cd0f0651a4f864e51ba
05d76563774bc6cd0c16bcddb7ce913fb7f5be83d2c1b0980931eb8c6e4a3494
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
097d6bfb57ac60b2fa50fbd5aac8043e922fd7add70eed50d8f53c596c2219e6
0acff355a123d849b520cf5a94fba9e18840b78a57f67e7ff984ad7272821d48
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cf4519425b5ee5582d49d5287424ac977bbe5275d6fe4895caf068e7b86e23a
0d66cb7714bbebbd2e86cabd0a01bdcb38f5f3fd6b7df4aef5ef0c92af90c5b5
0e51d53b4513a76861c42a278ecb208963d19159bd9077c004a980393cb858c9
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
10d61623b10c2a0df98e9151448c3e3a000545535316ce8f905599c3fbfda313
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
13d7a4d806b6857730a2766ae4ca513fe48735eb6c4082d7e11aab5f5f0ffb32
15d1b32a1431f3f4e0001a1712a88072a7c8a070e0d5f216f574564d875d62e3
1931802ec8d90723d028333eaa9d06d7eff1d9034f96fe7978b2ec349311cef7
19c592819d340656421a0ca296e9564cbfbcb69228f56cef708c529fc16217ad
19d7568c9410ea5b1c6ff29d5327be3ddbead9da65f9c1830dce5d95a79fdb5a
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b29af82ad757fab4ab348e30008412ea6380c49637bff2366212fbd7d6ea236
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2196688d207f9a82188db611ae912978d9c8216c2b4315784871bce6d42846d8
23fa8efe2f0f0055c5d2292e5358af1952aa38bb3bd98b0f18d338e3c3236134
24148128a2798f06838595df2311ca2819a12886fa4b851f34fa25ce61a0735f
2415eca9065c5c386c960c79007e793470fdb3bbb9f855097b64723b3e6639dc
25c579fb18405b859b9cb5e7ddc426edd1b75e5876d5f2fe32225901115cd6af
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2736d55a4da2c1d7e1cec02b86d6432aabe15a41f5f86803b5fa5fbe3cae8a64
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
2bb07a412c67aaeab605cf9bda5f8f60b6d652b16a13c18dbc28adde74cb4f39
2c103c14935cc049090fcaf4ce464b17f62be2011cdedb42cfcebe477b801d87
2da6d9e0a402729a755699aece9f95df62f5f8dfa82744c697e0154cc838b64f
2e4346aa7f0340066dfb5aa361ff449a438a172d5432719cd405e876a0d7b439
2e89e6e59f1839ee2fb0a9a8395735db5ccbfa176e22e23ea50f26f83674c047
2fac51b566a2fc858b007274ce2800f2b778d7fb0bb1f33973b0b870caab6f91
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
319c5bb7f9c6f575305468bfd81610cde5bf8c5fc954f808657968b260d18242
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4
363a68f72d541a0a73e23f029b00fc9b8a7d1208c3b06717025b88658cfa56da
385d4463baee9183ec7502890835d49c962272f0c9faa3878df54ce66974ea99
38f8f0159d3a0413f14a75d0074c1d8a1ffca1fa8acb818b86684bb11628e3b7
3905b07f1e5d0b11aa1c97a11eefe6fb1a72edd021033b0c5111cd89ece7e1c8
39af5bc38f03afb9bbcacadacdf8ce2adc5f6745217ef8868696c6cb38e2bfe0
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3f12019df132ad610b28cc02da1b21b792d534213143536ce09d5b8b9433cc99
3f1a6909352fd3ff2f2bb5f6b8f7a89d6e4f1e9dbcf0fa2e322682472c8d6801
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4223e8178440140140accbdde18d9472237ea1c30d037e7b10547c0377a1c450
42716b1e53a7779105575276cedc2e75677bc64e77b0a712bc0d48e2479abd98
4353442b296c53f51d82efc2617406d68cc278bd08c2ce4ca96daa9fcc2c77e3
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47220c4c850d2a71293522af7071da5706951e1cecc6dddce7bc78343f48de1e
474ca82fb964720ca22c73e15c2ceaf2416165b9b1e3ed2e057ba8491d04edfc
48afdb2dec2cb40047f3f7d0b4f0a22e168fba6d299be08bed11e1221b082aa7
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
499619c7647a44fbdebe2ad9d4d43cd2e339e089b449a829ff3fea709067f14e
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d063ab8701f5932753a12e9b302d8345ed7ba488f2f3ca6d46912fb60ce2815
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e9aa22f92f889e6b0cce071e347e19f4e1ff2bb5aa4005f0827abb6317b6f9d
4f13f8403a51b44b1334c8d01fe1deaf89f1bd621ba1e87eb1e71ee67055e291
516743678b07edcf236561fed911dd419248fe4e6ae651c201b2fbd90f2572b9
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
5239bcfb6ee7d8e7ef57e9e2f099e25ff815623b9f0720e26eabf00c7002e64f
53426bb3fb09b76cd18d82e241a6b581cd187e3c2c355abda74a072b46a68b95
54fa8102460d66365c29c5696d4340eae2ad2a74ccf56f93dc5e61a5cde3271d
556f08234184ee5efa19a1284989bd7c260b964ca4cd189fdc8862d438c63113
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
56f952668f2715f2437df37dd9cb3528cd5e7bcf2c4af40c4b98713c3b829a6c
591464df814b6fcf6cdfe1d440a3b849efc1e0c320b070788831cac958342828
595550d27cabf0dad36e8ddae06a223716e7067ff08607b60e91adab5e06c748
5c3e2ff5b33db716b29c77a7188b70d1af7372236112f4fb0bd3643d3349c197
5dc12c6411f8ec0a19c4b7cb4ecca2141582795098a0c58c89ec2de0d618384e
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61119328a3232091ad58db3511445742780be38b16a0e06283b9c4dbaf69de97
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
63e160a19d39f11cbf010500b638b69f89cd5414158b7e65c50d419c26a4dfb4
640ffe794ffc6f498c928232b6433adfc359c060698f38d2eed5f88fe88f9cf6
6452e5a90daf2103a7be44b0bff2582aff8aba215230ade8eeea645f75e8851f
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
65cea9994e7b6fd59923543cd349b4086ff4391badb603d3980413f5e878b2df
68684d4e091795123c7797a602e056cac24a3355a95b3b198e4fbd65822afcd2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b22acf3b276d3f419653cda2fcd12b7a8c87d2b0b34e44511b60a23ab72d7e6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf
6e07592a9ee9c35258365f09b42f7bf35bd6670a3d4bebb5bf28638402250429
6e0b54025fb5b7d338494a01ba90750c0bf6825ba8f1efc1f14e5a56c8552dd3
72956fed691627b50461a9176d096dbfdebe035fab5f653b8b8098d869919d7f
7688a97a3cf3ee4a4f04f8b3596ca5c89d63f4e57280907e688dcdd8dd52b49f
7976a9dfe57f9ba6972420500782258da674fcc523c2def08bb6a84ce275c4b5
7b3cf42134c7069baf8bb3becde86e4198002c05ebe928d46feb451238d19ed6
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c4711683ed6f2d79b7aebeb5f9d00be743a943159bdb57faf129412ed1de94c
7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5
80dee23ce7250f2f0c1135eae9ecea88b35fdb0d6586a76a0eafbc0dea88e2c3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85e1ef3c0d8442b0131cdc81c03f99a175a6b6cd326c8166a5867d1bf15a37d3
88d96e2e4a87b3606620b406a19aafb67a0dc17d03331e07311d9d9649934103
89934847c372d12ce50d2dfc8c65830943897609ca1cd786afa4561c8b345f4a
8a23c44de48fb21cbcd562cdf009d5d3049c6e064dea597c2e00f4539487909d
8acc1f1025dcaf26f8f860f726b3a05a701b77eb685301d4f25bc8339bbf891f
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8e683a0ae8fc37aeae8fd20643faef0341fe5cf01c30f25f41d6bad28b1a8365
8fccb27bed15422298100f23773bbc262d36964eb5381ed360e06799db31b48f
8fdd8374a779e06a48d7a3f42ffe46ff6776908cba3f2f01fd341fcb1338cd4e
8ffbc359dbfd6b0fe03fc4fe7e521951903c34322e2ef47a2f1216e965e6124d
92847fbfa2adaf5f1907b01d1826b39f3fe26420d481337abe1b096109c42236
92fe1cea3df8fc0e2a03f1c8d0099cb105c7d455ac8be20be165ce6bff558365
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
94cf60b715bd0b1f8af6db1cf1c14906e008d1313307747f82590cd8d9c6a7dd
96f7e30a4cc5df94843a8087d01d17d7bbcbf4b771da582a763c8b92f3f35890
97889ad7ba2e93b0913df62ef0daaa81f7270ee51f6f184f97a58b0bb854f006
980c8780366c4be3d8e14ac0a98833e357313bd0c55e9cec1b5f16deec75c049
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
9b100b3a77d34b56a56838aeff0bbfdaa3f5c17c3be9c1e3ca5238d6c2e40e1f
9cefee4c660d3fc32a9c8957e4e5a464fde600f95d50d64e533e9c2b73d7ad2c
9d38d2b1846e1d3737c31c32674fe74a132a536ec779f634563e84b7dd169903
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a00823cb2fb19c0e87a1f41a6bd5352c93f463511f5eb42d27769074da319a42
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c767ec61f3ecd854a3b3aab3ed23168707aa1fc9cee0009643a72362d6bfdd
a32d1b07af89513f45e0c8e201411e4adfe0b332b96739131dc3d77f736691a0
a621427f325de9889cf216f562892e8207ee324c9db08c9c91af73c3a6493cb5
a880a40d0ffac150e2de4939d7e96cf7c24cf7215d539b2bb6bae44a5f1ea27e
a8a4a852dedcc7e3b6bb2c6acffac1a82a31828a00749ce2a8c2d6dd5f268dd9
a90a9bb2a9c6b2b49f1226ce75f8a1cd37808a1c1d8c08c123b19108e78254cb
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
ab199ce8cd92ab1eeb95bf0f6a55070369f96065341f777d56347e8c5a2d62a2
ab4c432dc5313ff43167b911b6be0742a49eb52ccc520124e9a6104e81f72c27
ac017552c6ae0b0b0f8c930ce673c1d77901d1e00312621b6e38e14f4befe23e
adab1ef5df8c4a0133a66d8ea95c3ee1a43ca015cfad5599c55267de6743d318
af979786c73f4c25357e6528bb264f3dffae203ec6ff1adced8b57c3532f6d4b
b1139a764a2eae949ca1358aa7a387a7d6812f277016c070e28279f2639da412
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15f740de44f05503a6fb527b885d6ceeeabd68fbca137e5095f367557a739d8
b19207bfa58d4194dd2ee09a8b979ae59d117ab3286d23acbb471ef04dbf20f8
b2d2f5d052658ef5589fe450a8654dbeb88d97511ce36f21f1c3bb3b38fa3c24
b3afca58941f1dd62cb55952af401eced7cf384800a9b48b378fc0f6d2f9036f
b3e7087e228be3a58b28db80acc7ba4d178749326af5386b4b754f1160b6b44a
b3f63db6c4154448093f2d4642737e0aa755510c3fd698c833c0e22a8b628149
b47a748e28d2b55bc8662baf0889a06f229667d3f42953cf5739a3ee760afc8d
b5348904074ca7f09e3078c2afcabad0f0c9cafcfc751566e93d90ceaa75b887
b6619405f0e688e0427b0c83584e65d364e4490f4e96e3fd4ef10cf5d51f9849
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bc0bfc50d3ff4175132b7da1ef0adf7761ded5cb2782e55edb1948da3480abd8
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bffbf8e1a1d6b737278515f5d16d64770346438fd416b51349466a29a5391dfd
c065dcd543b96dcc0432a82e72478eb8951c5b32d597689b673ec61b7bb14402
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c50a3f44acc6f9ca8699a3450e42fab0b63adeff20a44006072a4665d81e6ab8
c6ac86cfcd875307be77577d580d25f3e0868dfeebd12080b3fe1044c378dbb9
c8309b85a5fc59eab6c75b425f32f89d070fcdfa9498fa3e9eff23fdcbb61a1b
ca21ecfad0ff863a80fb56cf4e35a78f64c0b672319d726de7c6679d8e0d7b2c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d175185dc8199dc8531d2c25a84073ad93a7c605a921b0168ed6106a193d21ee
d19425f20bfe1ea505166a8841b2232c795ff72b1c8a34f10a743db915f7494d
d203389fc33691e8051b6439102babc1253ee574b5d06d4af280504c2b0c3470
d3015f02f36368dc6e59cefb6e20c6e58e477b1346dee10a62cfef7cb475c960
d33e95af1d7e00a025851cc0fe96c45bc900e06724afb79b28f078592fdf5c2c
d3e8f1eb1391780e4d77b2b47e6b25799bfccf566138ce3c3838989065a2776f
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d683c982077343a5bff3cb148b821aedc8ed3d22b6d34a852f486b2b6e76484c
d88f7eb998b1aa3de53ff1b381370d98ed72233c6a5b97ca3f1dbdfba240bc23
d92a9dca3b40cf5ab2b8dac0136b389bcb989d8fd3a681d45a43deada776cbf6
dac08fd3eb7d2adf333d36ea5e35d4f4dc25c7dd705cbf99682707b2d95f9031
db6a5237d278444f70bd3bdd2deb68c9ffc094eabada956c4141693aaadd837b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfa9a4941dbb2401b267dfc0ec934246a0b8232ed45cdfb39f0f8e09113ca8d0
e03ea88e5149801458dd9cabf62c8871cc27687d7d8a6a0fc2ff59ef434cb645
e1d39256faa607df65dd15fb254dd774699293492ac06bdbdd800b73967d3334
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e649d736c29d48d189f98539b41cd359c2d0750296436741781c9f9656a2cea6
e6f3e919b3a4d9fda8276639eb7563250584432f748ef174975637eb744e09eb
ea03e17fb73a5d29f0d18aebc6956493a31a23d51b66ae4456a66378c94601d3
eb3bd3346239075a2d2d6fb32897f25aaa7b855e443c401117a7edd1a0f12468
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ec2edb32aedc6b8e6e50eab063ec81816abfa198deebf423caae3522298a3b92
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
eeae2d9b3447e2c4e0464a4d6431a061d0e63db62a950e0db02919f9b2803d8b
eec1d339b9dac9ef9991e418a6fd71c2cf953d77ed1597ed68f82fcc12bf7767
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50f458808a55f20250fcd9972d2aee37823e1177d081f2432e69a25e6f9b8c5
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6b92019659bb7d54117af7574fff793e7cf64509ac74e1d80a9796ab8d853ad
f712b6018254bbc628602217428af6ce6fb83c2a71db2053ff287330bc0fbcc6
f7a7effa7c9dc38a649a6570b37716e1dd18730e00500af2cc5bd2495025ef13
f7b3574dbd08a7335e889c9627a674b28af8e4d538f26d13fbd341269a65c03d
f86eeb6f3a8265f926b028aee9f8b16aa92df48984fb86734f1e207ae8098f1c
f99bc8a797236529795e9de685a36b88ffaa0d7709371daf535d8b9d9829588a
fab3a1efd87082eddcbffa35ff1ee804b5a930f1ad6565af891bd970200e3e9b
fbc774cb96be46cab2c4f68a761ba7f4b5cfa0bd2d7a9487e1fbed4b60e547c5
fd2c680964b28dc283f3518e21720cd2f886e7bdb8d2f5b47809ef836c337d52