www.latimes.com Open in urlscan Pro
13.32.121.26 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://apple.news/AUgpv7rZsQdWnLTJ6siYUbA?articleList=Abj_ncZbQTkqQWOdHdqF-sA&campaign_id=E101&campaign_ty...
Effective URL:
https://www.latimes.com/california/story/2021-10-14/robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder
Submission: On October 15 via api (October 15th 2021, 3:49:47 pm UTC) from US — Scanned from DE

Summary HTTP 138 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 58 IPs in 6 countries across 46 domains to perform 138 HTTP transactions. The main IP is 13.32.121.26, located in United States and belongs to AMAZON-02, US. The main domain is www.latimes.com.
TLS certificate: Issued by Amazon on April 21st 2021. Valid for: a year.

This is the only time www.latimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2.18.232.89 2.18.232.89	16625 (AKAMAI-AS) (AKAMAI-AS)
8	104.111.215.87 104.111.215.87	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	13.32.121.26 13.32.121.26	16509 (AMAZON-02) (AMAZON-02)
8	18.66.122.62 18.66.122.62	16509 (AMAZON-02) (AMAZON-02)
13	3.124.173.63 3.124.173.63	16509 (AMAZON-02) (AMAZON-02)
1	172.217.23.106 172.217.23.106	15169 (GOOGLE) (GOOGLE)
1	18.66.97.79 18.66.97.79	16509 (AMAZON-02) (AMAZON-02)
3	143.204.98.54 143.204.98.54	16509 (AMAZON-02) (AMAZON-02)
1	104.92.74.8 104.92.74.8	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.65.194 151.101.65.194	54113 (FASTLY) (FASTLY)
3	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	104.18.5.81 104.18.5.81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.66.241.177 18.66.241.177	16509 (AMAZON-02) (AMAZON-02)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
1	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
4	34.107.254.252 34.107.254.252	15169 (GOOGLE) (GOOGLE)
1	44.233.11.96 44.233.11.96	16509 (AMAZON-02) (AMAZON-02)
2	13.32.114.145 13.32.114.145	16509 (AMAZON-02) (AMAZON-02)
3	142.250.185.232 142.250.185.232	15169 (GOOGLE) (GOOGLE)
1	107.20.138.141 107.20.138.141	14618 (AMAZON-AES) (AMAZON-AES)
3	142.250.186.110 142.250.186.110	15169 (GOOGLE) (GOOGLE)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
2	199.232.80.84 199.232.80.84	54113 (FASTLY) (FASTLY)
1	52.222.236.124 52.222.236.124	16509 (AMAZON-02) (AMAZON-02)
1	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
4	157.240.236.1 157.240.236.1	32934 (FACEBOOK) (FACEBOOK)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
2	87.248.118.22 87.248.118.22	34010 (YAHOO-IRD) (YAHOO-IRD)
1	151.101.1.2 151.101.1.2	54113 (FASTLY) (FASTLY)
1	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.96.113 18.66.96.113	16509 (AMAZON-02) (AMAZON-02)
2 4	13.32.99.105 13.32.99.105	16509 (AMAZON-02) (AMAZON-02)
1	18.66.248.126 18.66.248.126	16509 (AMAZON-02) (AMAZON-02)
1	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2.16.186.19 2.16.186.19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
1	66.102.1.156 66.102.1.156	15169 (GOOGLE) (GOOGLE)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	18.202.51.91 18.202.51.91	16509 (AMAZON-02) (AMAZON-02)
1	3.224.194.150 3.224.194.150	14618 (AMAZON-AES) (AMAZON-AES)
2	64.202.112.95 64.202.112.95	23352 (SERVERCEN...) (SERVERCENTRAL)
3	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
1 2	108.174.11.69 108.174.11.69	14413 (LINKEDIN) (LINKEDIN)
1 1	13.107.43.14 13.107.43.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	157.240.236.35 157.240.236.35	32934 (FACEBOOK) (FACEBOOK)
2	142.250.185.164 142.250.185.164	15169 (GOOGLE) (GOOGLE)
2	216.58.212.163 216.58.212.163	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2	18.66.248.75 18.66.248.75	16509 (AMAZON-02) (AMAZON-02)
13	142.250.181.238 142.250.181.238	15169 (GOOGLE) (GOOGLE)
1	13.32.121.108 13.32.121.108	16509 (AMAZON-02) (AMAZON-02)
1 9	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
138	58

3 2.18.232.89 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-89.deploy.static.akamaitechnologies.com

apple.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.111.215.87 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-87.deploy.static.akamaitechnologies.com

www.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.26 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-26.fra60.r.cloudfront.net

www.latimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.66.122.62 (United States)

ASN16509 (AMAZON-02, US)

ca-times.brightspotcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 3.124.173.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com

activate.platform.californiatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
activate.latimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.106 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.79 (United States)

ASN16509 (AMAZON-02, US)

ssor.platform.californiatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-54.fra50.r.cloudfront.net

libs.platform.californiatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.92.74.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.194 (United States)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.5.81 (None, )

ASN13335 (CLOUDFLARENET, US)

68547f8f-2fd8-4ff3-9b63-51e86e2edee8.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.241.177 (United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

68547f8f-2fd8-4ff3-9b63-51e86e2edee8.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.91 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.107.254.252 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.233.11.96 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-233-11-96.us-west-2.compute.amazonaws.com

metering.platform.latimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.114.145 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-114-145.fra60.r.cloudfront.net

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.20.138.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-138-141.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.80.84 (Marseille, France)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-124.fra56.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.140 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.236.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frx5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.248.118.22 (Frankfurt am Main, Germany)

ASN34010 (YAHOO-IRD, GB)
PTR: e1.ycpi.vip.deb.yahoo.com

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.2 (United States)

ASN54113 (FASTLY, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.96.113 (United States)

ASN16509 (AMAZON-02, US)

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.99.105 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.126 (United States)

ASN16509 (AMAZON-02, US)

ext.chtbl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.19 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-19.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.102.1.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.51.91 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-51-91.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.224.194.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-194-150.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.95 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.174.11.69 (United States) 1 redirects

ASN14413 (LINKEDIN, US)
PTR: 108-174-11-69.fwd.linkedin.com

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.43.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.236.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frx5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.163 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.248.75 (United States)

ASN16509 (AMAZON-02, US)

web.chtbl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-108.fra60.r.cloudfront.net

notices.californiatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.0.84 (United States) 1 redirects

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	californiatimes.com activate.platform.californiatimes.com ssor.platform.californiatimes.com libs.platform.californiatimes.com notices.californiatimes.com	184 KB
15	google.com www.google.com fundingchoicesmessages.google.com	64 KB
8	brightspotcdn.com ca-times.brightspotcdn.com	236 KB
8	apple.com www.apple.com	792 KB
5	pinterest.com 1 redirects ct.pinterest.com www.pinterest.com	2 KB
5	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	151 KB
4	pinterest.de www.pinterest.de	14 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com	2 KB
4	taboola.com cdn.taboola.com trc.taboola.com trc-events.taboola.com	26 KB
4	facebook.net connect.facebook.net	246 KB
4	permutive.com api.permutive.com	961 B
4	latimes.com 1 redirects www.latimes.com metering.platform.latimes.com activate.latimes.com	66 KB
3	bing.com bat.bing.com	10 KB
3	facebook.com www.facebook.com	532 B
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	snapchat.com tr.snapchat.com	803 B
3	chtbl.com ext.chtbl.com web.chtbl.com	5 KB
3	outbrain.com amplify.outbrain.com tr.outbrain.com	4 KB
3	google-analytics.com www.google-analytics.com	21 KB
3	googletagmanager.com www.googletagmanager.com	115 KB
3	apple.news apple.news	17 KB
2	google.de www.google.de	586 B
2	adsrvr.org js.adsrvr.org insight.adsrvr.org	3 KB
2	quora.com a.quora.com q.quora.com	14 KB
2	yimg.com s.yimg.com	7 KB
2	pinimg.com s.pinimg.com	20 KB
2	chartbeat.com static.chartbeat.com	34 KB
2	amazon-adsystem.com c.amazon-adsystem.com	39 KB
2	fastly.net confiant-integrations.global.ssl.fastly.net	91 KB
1	googlesyndication.com pagead2.googlesyndication.com	595 B
1	yahoo.com sp.analytics.yahoo.com	964 B
1	googleadservices.com www.googleadservices.com	15 KB
1	t.co t.co	455 B
1	twitter.com analytics.twitter.com	660 B
1	reddit.com alb.reddit.com	125 B
1	licdn.com snap.licdn.com	2 KB
1	revcontent.com assets.revcontent.com	10 KB
1	redditstatic.com www.redditstatic.com	7 KB
1	sc-static.net sc-static.net	7 KB
1	ads-twitter.com static.ads-twitter.com	6 KB
1	chartbeat.net ping.chartbeat.net	201 B
1	adnxs.com ib.adnxs.com	693 B
1	prmutv.co 68547f8f-2fd8-4ff3-9b63-51e86e2edee8.prmutv.co	455 B
1	permutive.app 68547f8f-2fd8-4ff3-9b63-51e86e2edee8.edge.permutive.app	62 KB
1	rubiconproject.com ads.rubiconproject.com	88 KB
1	googleapis.com ajax.googleapis.com	31 KB
138	46

	Domain	Requested by
13	fundingchoicesmessages.google.com	activate.platform.californiatimes.com
12	activate.platform.californiatimes.com	www.latimes.com activate.platform.californiatimes.com
8	ca-times.brightspotcdn.com	www.latimes.com ca-times.brightspotcdn.com
8	www.apple.com	apple.news www.apple.com
4	www.pinterest.de	activate.platform.californiatimes.com apple.news
4	ct.pinterest.com	activate.platform.californiatimes.com
4	sb.scorecardresearch.com	2 redirects
4	connect.facebook.net	activate.platform.californiatimes.com
4	api.permutive.com	activate.platform.californiatimes.com
3	bat.bing.com	activate.platform.californiatimes.com
3	www.facebook.com
3	tr.snapchat.com	activate.platform.californiatimes.com
3	www.google-analytics.com	activate.platform.californiatimes.com
3	www.googletagmanager.com	activate.platform.californiatimes.com
3	securepubads.g.doubleclick.net	www.latimes.com activate.platform.californiatimes.com
3	libs.platform.californiatimes.com	www.latimes.com
3	apple.news	apple.news
2	trc-events.taboola.com	activate.platform.californiatimes.com
2	web.chtbl.com	activate.platform.californiatimes.com
2	www.google.de
2	www.google.com
2	px.ads.linkedin.com	1 redirects
2	tr.outbrain.com	activate.platform.californiatimes.com
2	s.yimg.com	activate.platform.californiatimes.com
2	s.pinimg.com	activate.platform.californiatimes.com
2	static.chartbeat.com	activate.platform.californiatimes.com
2	c.amazon-adsystem.com	activate.platform.californiatimes.com
2	confiant-integrations.global.ssl.fastly.net	www.latimes.com activate.platform.californiatimes.com
2	www.latimes.com	1 redirects apple.news
1	pagead2.googlesyndication.com	activate.platform.californiatimes.com
1	www.pinterest.com	1 redirects
1	googleads.g.doubleclick.net	activate.platform.californiatimes.com
1	notices.californiatimes.com
1	sp.analytics.yahoo.com
1	www.googleadservices.com	activate.platform.californiatimes.com
1	trc.taboola.com	activate.platform.californiatimes.com
1	www.linkedin.com	1 redirects
1	q.quora.com
1	insight.adsrvr.org	activate.platform.californiatimes.com
1	t.co
1	analytics.twitter.com	activate.platform.californiatimes.com
1	stats.g.doubleclick.net	activate.platform.californiatimes.com
1	alb.reddit.com
1	snap.licdn.com	activate.platform.californiatimes.com
1	assets.revcontent.com	activate.platform.californiatimes.com
1	ext.chtbl.com	activate.platform.californiatimes.com
1	js.adsrvr.org	activate.platform.californiatimes.com
1	amplify.outbrain.com	activate.platform.californiatimes.com
1	a.quora.com	activate.platform.californiatimes.com
1	cdn.taboola.com	activate.platform.californiatimes.com
1	www.redditstatic.com	activate.platform.californiatimes.com
1	sc-static.net	activate.platform.californiatimes.com
1	static.ads-twitter.com	activate.platform.californiatimes.com
1	ping.chartbeat.net	www.latimes.com
1	activate.latimes.com	www.latimes.com
1	metering.platform.latimes.com	activate.platform.californiatimes.com
1	ib.adnxs.com	activate.platform.californiatimes.com
1	68547f8f-2fd8-4ff3-9b63-51e86e2edee8.prmutv.co	activate.platform.californiatimes.com
1	68547f8f-2fd8-4ff3-9b63-51e86e2edee8.edge.permutive.app	www.latimes.com
1	ads.rubiconproject.com	www.latimes.com
1	ssor.platform.californiatimes.com	www.latimes.com
1	ajax.googleapis.com	www.latimes.com
138	62

This site contains links to these domains. Also see Links.

Domain
membership.latimes.com
enewspaper.latimes.com
nantmedia.wd5.myworkdayjobs.com
store.latimes.com
apps.apple.com
play.google.com
placeanad.latimes.com
classifieds.latimes.com
peopleonthemove.latimes.com
jobs.latimes.com
marketplace.latimes.com
mediakit.latimes.com
www.facebook.com
twitter.com
www.linkedin.com
www.instagram.com
www.youtube.com
www.latimeswine.com

Subject Issuer	Validity	Valid
c.apple.news Apple Public Server RSA CA 12 - G1	`2021-02-11` - `2022-03-13`	a year	crt.sh
www.apple.com Apple Public EV Server RSA CA 2 - G1	`2021-09-08` - `2022-10-08`	a year	crt.sh
www.latimes.com Amazon	`2021-04-21` - `2022-05-20`	a year	crt.sh
cdn.ca-times.psdops.com Amazon	`2021-09-17` - `2022-10-16`	a year	crt.sh
activate.platform.californiatimes.com Go Daddy Secure Certificate Authority - G2	`2021-07-26` - `2022-08-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
ssor.platform.californiatimes.com Amazon	`2021-04-17` - `2022-05-16`	a year	crt.sh
*.platform.californiatimes.com Amazon	`2021-05-18` - `2022-06-16`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2021-09-20` - `2021-12-18`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.prmutv.co R3	`2021-07-29` - `2021-10-27`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
api.permutive.com R3	`2021-08-22` - `2021-11-20`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
activate.latimes.com Go Daddy Secure Certificate Authority - G2	`2021-03-31` - `2022-05-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-27` - `2022-08-05`	a year	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2021-02-11` - `2022-02-15`	a year	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-05` - `2022-04-02`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-25` - `2021-10-23`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-09-06` - `2021-10-27`	2 months	crt.sh
quora.com R3	`2021-10-03` - `2022-01-01`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
ext.chtbl.com Amazon	`2021-01-25` - `2022-02-22`	a year	crt.sh
assets.revcontent.com R3	`2021-09-11` - `2021-12-10`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-05` - `2022-04-02`	6 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.quora.com R3	`2021-10-03` - `2022-01-01`	3 months	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-01-23`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-09-16` - `2022-03-16`	6 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
web.chtbl.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.californiatimes.com Amazon	`2021-08-29` - `2022-09-27`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.latimes.com/california/story/2021-10-14/robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder
Frame ID: 2C44FC0309FAA76B0A42E637B4B7973A
Requests: 130 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=uakr1sk&ref=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&upid=swei7dz&upv=1.1.0
Frame ID: D65DDF6FC4BA434430C749FC7CD30DD2
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=dbe625aa-7ced-4e1d-8918-88782123af97
Frame ID: 791DE50D80CC2074FE185D9E7104B68F
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 1D435D5835A6F443B59678C05F0C2713
Requests: 1 HTTP requests in this frame

Frame: https://www.pinterest.de/ct.html
Frame ID: 14D4664D3A2D79B5DBCBA03C21D1F838
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 0E40309B3BEB4368F98E5919A7B3A6AA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Robert Durst sentenced to life for Susan Berman murder - Los Angeles Times

Page URL History Show full URLs

https://apple.news/AUgpv7rZsQdWnLTJ6siYUbA?articleList=Abj_ncZbQTkqQWOdHdqF-sA&campaign_id=... Page URL
https://www.latimes.com/california/story/2021-10-14/robert-durst-sentenced-to-life-in-prison-for-sus... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

138
Requests

99 %
HTTPS

0 %
IPv6

46
Domains

62
Subdomains

58
IPs

6
Countries

2392 kB
Transfer

6004 kB
Size

43
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://membership.latimes.com/newsletters/?_ga=2.251099398.1896328230.1613286933-114874840.1613286932
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://enewspaper.latimes.com/desktop/latimes/default.aspx?pubid=50435180-e58e-48b5-8e0c-236bf740270e
Title: eNewspaper

Search URL Search Domain Scan URL

URL: https://nantmedia.wd5.myworkdayjobs.com/LATimesCareers
Title: L.A. Times Careers

Search URL Search Domain Scan URL

URL: https://store.latimes.com/?utm_source=latimes&utm_medium=homepage&utm_campaign=homepage_subnav
Title: L.A. Times Store

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/la-times/id373238146
Title: News App: Apple IOS

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.apptivateme.next.la&hl=en_US
Title: News App: Google Play

Search URL Search Domain Scan URL

URL: https://placeanad.latimes.com/
Title: Advertising

Search URL Search Domain Scan URL

URL: https://classifieds.latimes.com/
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://peopleonthemove.latimes.com/
Title: People on the Move

Search URL Search Domain Scan URL

URL: https://jobs.latimes.com/
Title: Find/Post Jobs

Search URL Search Domain Scan URL

URL: https://marketplace.latimes.com/
Title: Local Ads Marketplace

Search URL Search Domain Scan URL

URL: https://mediakit.latimes.com/
Title: Media Kit: Why the L.A. Times?

Search URL Search Domain Scan URL

URL: https://marketplace.latimes.com/places/types:23
Title: Hot Property Sections

Search URL Search Domain Scan URL

URL: https://placeanad.latimes.com/open-house
Title: Place an Open House

Search URL Search Domain Scan URL

URL: https://marketplace.latimes.com/places/categories:43
Title: Sotheby’s International Realty

Search URL Search Domain Scan URL

URL: https://store.latimes.com/?utm_source=latimes&utm_medium=homepage&utm_campaign=homepage_nav
Title: L.A. Times Store

Search URL Search Domain Scan URL

URL: https://membership.latimes.com/
Title: Manage Subscription

Search URL Search Domain Scan URL

URL: https://membership.latimes.com/billing-info
Title: EZPAY

Search URL Search Domain Scan URL

URL: https://membership.latimes.com/subscription-info
Title: Delivery Issue

Search URL Search Domain Scan URL

URL: https://enewspaper.latimes.com/
Title: eNewspaper

Search URL Search Domain Scan URL

URL: https://membership.latimes.com/privacy-settings
Title: Do Not Sell My Personal Information

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=134435029966155&display=popup&href=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&text=Robert%20Durst%20sentenced%20to%20life%20in%20prison%20for%20murdering%20Susan%20Berman
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&mini=true&title=Robert%20Durst%20sentenced%20to%20life%20in%20prison%20for%20murdering%20Susan%20Berman&summary=Robert%20Durst%2C%2078%2C%20will%20spend%20the%20rest%20of%20his%20life%20in%20a%20California%20prison%20for%20the%20fatal%20shooting%20of%20his%20longtime%20confidante%2C%20Susan%20Berman%2C%20in%202000.&source=Los%20Angeles%20Times
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/jamesqueallyLAT
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/latimes/
Title: instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/latimes
Title: facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/latimes
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/losangelestimes
Title: youtube

Search URL Search Domain Scan URL

URL: https://store.latimes.com/
Title: L.A. Times Store

Search URL Search Domain Scan URL

URL: https://www.latimeswine.com/club
Title: Wine Club

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://apple.news/AUgpv7rZsQdWnLTJ6siYUbA?articleList=Abj_ncZbQTkqQWOdHdqF-sA&campaign_id=E101&campaign_type=69daabd3-6571-43b9-e33a-fb4b350529dc&creative_id=daily_v2_more_stories_entry_with_image-4-17:moreStoryWithImageEntryMSO Page URL
https://www.latimes.com/california/story/2021-10-14/robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://sb.scorecardresearch.com/b?c1=2&c2=6036462&ns__t=Fri%20Oct%2015%202021%2015:49:41%20GMT+0000%20(GMT)&ns_c=UTF-8&c8=Robert%20Durst%20sentenced%20to%20life%20for%20Susan%20Berman%20murder%20-%20Los%20Angeles%20Times&c7=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&c9=https%3A%2F%2Fapple.news%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6036462&ns__t=Fri%20Oct%2015%202021%2015%3A49%3A41%20GMT%200000%20(GMT)&ns_c=UTF-8&c8=Robert%20Durst%20sentenced%20to%20life%20for%20Susan%20Berman%20murder%20-%20Los%20Angeles%20Times&c7=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&c9=https%3A%2F%2Fapple.news%2F

Request Chain 73

https://sb.scorecardresearch.com/c2/6036462/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 88

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2437484&time=1634312981548&url=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2437484%26time%3D1634312981548%26url%3Dhttps%253A%252F%252Fwww.latimes.com%252Fcalifornia%252Fstory%252F2021-10-14%252Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2437484&time=1634312981548&url=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&liSync=true

Request Chain 101

https://www.latimes.com/subscriptions/img/logo-lat-full-black.svg HTTP 302
https://notices.californiatimes.com/gdpr/latimes.com/

Request Chain 112

https://www.pinterest.com/ct.html HTTP 302
https://www.pinterest.de/ct.html

138 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK AUgpv7rZsQdWnLTJ6siYUbA Show response
apple.news/ 9 KB
3 KB 68ms
46ms Document
text/html 2.18.232.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://apple.news/AUgpv7rZsQdWnLTJ6siYUbA?articleList=Abj_ncZbQTkqQWOdHdqF-sA&campaign_id=E101&campaign_type=69daabd3-6571-43b9-e33a-fb4b350529dc&creative_id=daily_v2_more_stories_entry_with_image-4-17:moreStoryWithImageEntryMSO

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.232.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-89.deploy.static.akamaitechnologies.com

Software

AppleHttpServer/21d85a9b022c382b518860f75a6adf819895c154 /

Resource Hash

17cb46624aa395d84ddadf28566852e800733ccaa4fb2d513752c4beebf2467e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Host: apple.news
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: AppleHttpServer/21d85a9b022c382b518860f75a6adf819895c154
Content-Type: text/html
Strict-Transport-Security: max-age=31536000; includeSubDomains max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-B3-TraceId: b2fe0cddad214b43
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, no-transform, max-age=27
Date: Fri, 15 Oct 2021 15:49:40 GMT
Content-Length: 2541
Connection: keep-alive

GET
H2 200 fonts
www.apple.com/wss/ 15 KB
2 KB 44ms
10ms Stylesheet
text/css 104.111.215.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1

Requested by

Host: apple.news
URL: https://apple.news/AUgpv7rZsQdWnLTJ6siYUbA?articleList=Abj_ncZbQTkqQWOdHdqF-sA&campaign_id=E101&campaign_type=69daabd3-6571-43b9-e33a-fb4b350529dc&creative_id=daily_v2_more_stories_entry_with_image-4-17:moreStoryWithImageEntryMSO

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-87.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

433ba35f0585ad9b09e08d422a99881fd47f621650587251e7f59555131d5ef9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://apple.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-encoding: gzip
x-content-type-options: nosniff
server: Apple
date: Fri, 15 Oct 2021 15:49:40 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_MEM_HIT from a2-16-187-149.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
content-type: text/css
cache-control: max-age=2584
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
content-length: 913
x-xss-protection: 1; mode=block
expires: Fri, 15 Oct 2021 16:32:44 GMT

GET
H/1.1 200
OK index.css
apple.news/css/ 7 KB
3 KB 260ms
260ms Stylesheet
text/css 2.18.232.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://apple.news/css/index.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.232.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-89.deploy.static.akamaitechnologies.com

Software

AppleHttpServer/21d85a9b022c382b518860f75a6adf819895c154 /

Resource Hash

dee7e43b051bd156b70a40ac0e5c532f372d0f2d71632b41e79ec1f517c3c112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: apple.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://apple.news/AUgpv7rZsQdWnLTJ6siYUbA?articleList=Abj_ncZbQTkqQWOdHdqF-sA&campaign_id=E101&campaign_type=69daabd3-6571-43b9-e33a-fb4b350529dc&creative_id=daily_v2_more_stories_entry_with_image-4-17:moreStoryWithImageEntryMSO
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://apple.news/AUgpv7rZsQdWnLTJ6siYUbA?articleList=Abj_ncZbQTkqQWOdHdqF-sA&campaign_id=E101&campaign_type=69daabd3-6571-43b9-e33a-fb4b350529dc&creative_id=daily_v2_more_stories_entry_with_image-4-17:moreStoryWithImageEntryMSO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 16 Sep 2021 18:36:09 GMT
Server: AppleHttpServer/21d85a9b022c382b518860f75a6adf819895c154
X-B3-TraceId: 026694c4f4254e2d
Date: Fri, 15 Oct 2021 15:49:40 GMT
X-Frame-Options: DENY
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 2100
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 Oct 2021 15:49:40 GMT

GET
H/1.1 200
OK Appicon_v6.png
apple.news/images/ 11 KB
12 KB 364ms
351ms Image
image/png 2.18.232.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apple.news/images/Appicon_v6.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.232.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-89.deploy.static.akamaitechnologies.com

Software

AppleHttpServer/21d85a9b022c382b518860f75a6adf819895c154 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: apple.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://apple.news/AUgpv7rZsQdWnLTJ6siYUbA?articleList=Abj_ncZbQTkqQWOdHdqF-sA&campaign_id=E101&campaign_type=69daabd3-6571-43b9-e33a-fb4b350529dc&creative_id=daily_v2_more_stories_entry_with_image-4-17:moreStoryWithImageEntryMSO
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://apple.news/AUgpv7rZsQdWnLTJ6siYUbA?articleList=Abj_ncZbQTkqQWOdHdqF-sA&campaign_id=E101&campaign_type=69daabd3-6571-43b9-e33a-fb4b350529dc&creative_id=daily_v2_more_stories_entry_with_image-4-17:moreStoryWithImageEntryMSO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 16 Sep 2021 18:36:09 GMT
Server: AppleHttpServer/21d85a9b022c382b518860f75a6adf819895c154
X-B3-TraceId: c5f4552dd3606036
Date: Fri, 15 Oct 2021 15:49:40 GMT
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11329
X-XSS-Protection: 1; mode=block
Expires: Fri, 15 Oct 2021 15:49:40 GMT

GET
H2 200 sf-pro-display_heavy.woff2
www.apple.com/wss/fonts/SF-Pro-Display/v1/ 159 KB
160 KB 26ms
7ms Font
font/woff2 104.111.215.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apple.com/wss/fonts/SF-Pro-Display/v1/sf-pro-display_heavy.woff2

Requested by

Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-87.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

abe1b56150adaf5a63a856eeb4f9e83fd5ab7f036d2a6bd608ae41f407bc3909

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin: https://apple.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options: nosniff
server: Apple
date: Fri, 15 Oct 2021 15:49:40 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_HIT from a2-16-187-149.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2987
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 162416
x-xss-protection: 1; mode=block
expires: Fri, 15 Oct 2021 16:39:27 GMT

GET
H2 200 sf-pro-display_bold.woff2
www.apple.com/wss/fonts/SF-Pro-Display/v1/ 150 KB
151 KB 43ms
25ms Font
font/woff2 104.111.215.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apple.com/wss/fonts/SF-Pro-Display/v1/sf-pro-display_bold.woff2

Requested by

Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-87.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin: https://apple.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options: nosniff
server: Apple
date: Fri, 15 Oct 2021 15:49:40 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_HIT from a2-16-187-149.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=1124
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 153880
x-xss-protection: 1; mode=block
expires: Fri, 15 Oct 2021 16:08:24 GMT

GET
H2 200 sf-pro-display_regular.woff2
www.apple.com/wss/fonts/SF-Pro-Display/v1/ 138 KB
139 KB 39ms
21ms Font
font/woff2 104.111.215.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apple.com/wss/fonts/SF-Pro-Display/v1/sf-pro-display_regular.woff2

Requested by

Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-87.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

1cd2500f652e5f7611dc8735b1455d572a7aa1ccede57d8e375ff88023cf9ccd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin: https://apple.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options: nosniff
server: Apple
date: Fri, 15 Oct 2021 15:49:40 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_HIT from a2-16-187-149.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=910
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 141324
x-xss-protection: 1; mode=block
expires: Fri, 15 Oct 2021 16:04:50 GMT

GET
H2 200 SFProIcons_semibold.woff
www.apple.com/wss/fonts/SF-Pro-Icons/v1/ 9 KB
9 KB 39ms
20ms Font
application/font-woff 104.111.215.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apple.com/wss/fonts/SF-Pro-Icons/v1/SFProIcons_semibold.woff

Requested by

Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-87.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

41daac81421329b7091d3ea33d91959ee08135224c28f3dcb523341fa2e90393

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin: https://apple.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options: nosniff
server: Apple
date: Fri, 15 Oct 2021 15:49:40 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_MEM_HIT from a2-16-187-149.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=1180
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 8868
x-xss-protection: 1; mode=block
expires: Fri, 15 Oct 2021 16:09:20 GMT

GET
H2 200 SFProIcons_regular.woff
www.apple.com/wss/fonts/SF-Pro-Icons/v1/ 10 KB
11 KB 41ms
23ms Font
application/font-woff 104.111.215.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apple.com/wss/fonts/SF-Pro-Icons/v1/SFProIcons_regular.woff

Requested by

Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-87.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

3b7d2b4c5417a697678081ed3b344955f0b25e694171178b0c01e029b4a18e8b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin: https://apple.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options: nosniff
server: Apple
date: Fri, 15 Oct 2021 15:49:40 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_MEM_HIT from a2-16-187-149.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=1343
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 10380
x-xss-protection: 1; mode=block
expires: Fri, 15 Oct 2021 16:12:03 GMT

GET
H2 200 sf-pro-text_semibold.woff2
www.apple.com/wss/fonts/SF-Pro-Text/v1/ 166 KB
167 KB 39ms
21ms Font
font/woff2 104.111.215.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apple.com/wss/fonts/SF-Pro-Text/v1/sf-pro-text_semibold.woff2

Requested by

Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-87.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

970e676c52b275a819ab9170ec4427370cc6c7033aa2e6b0b9cb71b977b72542

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin: https://apple.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options: nosniff
server: Apple
date: Fri, 15 Oct 2021 15:49:40 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_HIT from a2-16-187-149.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=1234
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 169880
x-xss-protection: 1; mode=block
expires: Fri, 15 Oct 2021 16:10:14 GMT

GET
H2 200 sf-pro-text_regular.woff2
www.apple.com/wss/fonts/SF-Pro-Text/v1/ 152 KB
153 KB 39ms
22ms Font
font/woff2 104.111.215.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apple.com/wss/fonts/SF-Pro-Text/v1/sf-pro-text_regular.woff2

Requested by

Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-87.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

78f1a8f3787f77f7ab4fcbb12c87f5cd412556c04991cdadaacddcd9b5a3e68a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin: https://apple.news
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options: nosniff
server: Apple
date: Fri, 15 Oct 2021 15:49:40 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_HIT from a2-16-187-149.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=841
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 155504
x-xss-protection: 1; mode=block
expires: Fri, 15 Oct 2021 16:03:41 GMT

GET
H2 200 Primary Request robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder Show response
www.latimes.com/california/story/2021-10-14/ 272 KB
64 KB 60ms
13ms Document
text/html 13.32.121.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.latimes.com/california/story/2021-10-14/robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-26.fra60.r.cloudfront.net

Software

Apache Tomcat / Brightspot

Resource Hash

5d5ce3e571aef243a74cd29d4d165165c396b3b9c6a6cfec63a2d623987f21f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000

Request headers

:method: GET
:authority: www.latimes.com
:scheme: https
:path: /california/story/2021-10-14/robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://apple.news/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://apple.news/

Response headers

content-type: text/html;charset=UTF-8
cache-control: max-age=180
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
date: Fri, 15 Oct 2021 15:48:30 GMT
server: Apache Tomcat
strict-transport-security: max-age=63072000
x-powered-by: Brightspot
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: moT4rcFoDnzXfwJvaxYmDH6zLoFCHsALhcehgbN-lUNthi8-6O92yA==
age: 70

GET
H2 200 styles-creative.min.bc24538b343f9b04556c3074165a7461.gz.css
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/ 230 KB
40 KB 64ms
7ms Stylesheet
text/css 18.66.122.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/styles-creative.min.bc24538b343f9b04556c3074165a7461.gz.css
Requested by: Host: www.latimes.com
URL: https://www.latimes.com/california/story/2021-10-14/robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcff35cea618db4894095e3712ca4a91603b65888ce7de59016460b83c8917d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 20:57:22 GMT
content-encoding: gzip
age: 759139
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 40112
last-modified: Wed, 06 Oct 2021 19:59:25 GMT
server: AmazonS3
etag: "5a130dee7002265865f5993ce71afcc1"
x-amz-version-id: 54JV.0qHTNLYAPuWY6.6clE_tEdtK1Tm
via: 1.1 375431e28d82888f474ac3665a4ceb67.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-type: text/css
x-amz-cf-id: hHWG_zier3DSp7piKOFPybJ3BQ0MCiYBkUg3dxGpdioQdwWws0YEPg==

GET
H2 200 Bootstrap.js Show response
activate.platform.californiatimes.com/caltimes/latimes/ 325 KB
83 KB 73ms
21ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Requested by: Host: www.latimes.com
URL: https://www.latimes.com/california/story/2021-10-14/robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: da79da69257cb3897ecfec1b6b87f7e6c1f2f012225f0b5fad0d883c6c05b085

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:40 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 01:53:11 GMT
server: nginx
etag: W/"61663c07-5153d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300

GET
H2 200 Core.min.1b02df584d121780de32bbd0382f0ac8.gz.js Show response
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/ 172 KB
41 KB 7ms
7ms Script
text/javascript 18.66.122.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/Core.min.1b02df584d121780de32bbd0382f0ac8.gz.js
Requested by: Host: www.latimes.com
URL: https://www.latimes.com/california/story/2021-10-14/robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae6f56ae3ed68d87c1aa39bf21a3fdabb10a1347344a7605f1adb1f66caedc7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 20:57:22 GMT
content-encoding: gzip
age: 759139
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 41212
last-modified: Wed, 06 Oct 2021 19:58:23 GMT
server: AmazonS3
etag: "e74e3ba1096288dba756a7c7e263a8af"
x-amz-version-id: YeA5Nn9Jz2y_GznnfUtKNDTme9bNVmcg
via: 1.1 375431e28d82888f474ac3665a4ceb67.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-type: text/javascript
x-amz-cf-id: EK7dRLYmoliJU7Mg0FJ7jT0Vmzk75PVdWbLZ-ocsCjD_yr3O3AR7oQ==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 50ms
14ms Script
text/javascript 172.217.23.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.latimes.com
URL: https://www.latimes.com/california/story/2021-10-14/robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f10.1e100.net

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 20:29:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Tue, 11 Oct 2022 20:29:08 GMT

GET
H2 200 latspot.min.js Show response
ssor.platform.californiatimes.com/reg/tribune/ 34 KB
14 KB 35ms
7ms Script
text/javascript 18.66.97.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ssor.platform.californiatimes.com/reg/tribune/latspot.min.js

Requested by

Host: www.latimes.com
URL: https://www.latimes.com/california/story/2021-10-14/robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 + Phusion Passenger(R) 6.0.10 / Phusion Passenger(R) 6.0.10

Resource Hash

15f03f00c549d938e1751d428fe9236fc8a7a8b0669bca7684c43fd909c00a54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 865
x-powered-by: Phusion Passenger(R) 6.0.10
x-cache: Hit from cloudfront
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 63014b6b-e82a-4393-9d30-0d6b3a4b54c2
x-runtime: 0.002748
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Oct 2021 18:07:02 GMT
server: nginx/1.18.0 + Phusion Passenger(R) 6.0.10
x-host-info: ip-10-22-142-132; development
x-frame-options: SAMEORIGIN
x-amzn-trace-id: Root=1-6162f078-2be0c31e751f144a74e87128
x-download-options: noopen
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
cache-control: max-age=900, public, must-revalidate
etag: 2270589203400941353
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: p2jmjJ0kbw_MHcZEQvU--x1UJIwZfiR2JcQcHk_UbBbzvzXZOI10yQ==

GET
H2 200 latspot.js Show response
libs.platform.californiatimes.com/meteringjs/ 193 KB
34 KB 46ms
7ms Script
application/javascript 143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.platform.californiatimes.com/meteringjs/latspot.js
Requested by: Host: www.latimes.com
URL: https://www.latimes.com/california/story/2021-10-14/robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6decd7f21248abee8c3f6fc778ba53962940544f52319179e266fcaae87a7cbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:37:05 GMT
content-encoding: br
etag: W/"2b11221b28b8c14e63c3792e6dc35747"
last-modified: Tue, 05 Oct 2021 19:26:00 GMT
server: AmazonS3
age: 756
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: J36ufmRBWNMY9zy3LOEWhptmJmQ7TR7U0Yv9aoaOEKjp9fiKnv9PXw==

GET
H/1.1 200
OK 20520_latimes.js Show response
ads.rubiconproject.com/prebid/ 292 KB
88 KB 542ms
13ms Script
text/javascript 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/20520_latimes.js
Requested by: Host: www.latimes.com
URL: https://www.latimes.com/california/story/2021-10-14/robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2b8114446cdd178ea71ae3411ead7c11526cab9fb7213fee05f7b48c0f2b8651

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 15:49:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Sep 2021 20:08:31 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=12560
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89737
Expires: Fri, 15 Oct 2021 19:19:01 GMT

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/GfBGK_P3Adzw1hvTTkQjebew6Z4/gpt_and_prebid/ 158 KB
32 KB 39ms
12ms Script
text/javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/GfBGK_P3Adzw1hvTTkQjebew6Z4/gpt_and_prebid/config.js
Requested by: Host: www.latimes.com
URL: https://www.latimes.com/california/story/2021-10-14/robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f7542a3d7d6b4897b9efc23c722af79a176dcd6cd90a8dbda50e4fa48c8dce4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 15:49:40 GMT
Content-Encoding: gzip
Age: 701
X-Cache: HIT
Connection: keep-alive
Content-Length: 32663
x-amz-id-2: cw3rC5usx9Nr2mWY9SFOsDKiP6PMzCxxL819+4HwXA1jfDGV09pR2nhluxRGB0Kd4NfUroHcrYk=
X-Served-By: cache-hhn4061-HHN
Last-Modified: Fri, 15 Oct 2021 15:18:27 GMT
Server: AmazonS3
X-Timer: S1634312981.826979,VS0,VE1
ETag: "6845c61dcfeea7625a7ca0e3445ccaa8"
x-amz-request-id: 29EY3X1TME7WG800
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 86ms
37ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.latimes.com
URL: https://www.latimes.com/california/story/2021-10-14/robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

3dab1e3a8b2f0d2106645d4b5c9a4642b6b1e50c3ba237ba25389c549eb43fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1016 / 837 of 1000 / last-modified: 1634306813"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27193
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Oct 2021 15:49:40 GMT

GET
H2 200 68547f8f-2fd8-4ff3-9b63-51e86e2edee8-web.js Show response
68547f8f-2fd8-4ff3-9b63-51e86e2edee8.edge.permutive.app/ 232 KB
62 KB 72ms
31ms Script
application/javascript 104.18.5.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://68547f8f-2fd8-4ff3-9b63-51e86e2edee8.edge.permutive.app/68547f8f-2fd8-4ff3-9b63-51e86e2edee8-web.js
Requested by: Host: www.latimes.com
URL: https://www.latimes.com/california/story/2021-10-14/robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.5.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adae6f323eb8d12543e1521f4d2d60c84c329a4524b256dda35b6e7c3d5dcac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:40 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: 68547f8f-2fd8-4ff3-9b63-51e86e2edee8
age: 2891
x-guploader-uploadid: ADPycdvUyz5ad4n95fO4jHuNQgSA2x47qxHhiwpOPcLFR31vE2eltyF_26cHW1gEjtCGcKtHarz1l3Mmf8knONHxSkw
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
last-modified: Thu, 14 Oct 2021 06:24:07 GMT
server: cloudflare
etag: W/"c748f6e3ad7a95191286f47ff94bdebf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=8Q3pJw==, md5=x0j24616lRkShvR/+Uvevw==
x-goog-generation: 1634192647013685
cache-control: public, max-age=300
x-goog-stored-content-length: 66601
cf-ray: 69ea32e24e65874d-DUS
expires: Fri, 15 Oct 2021 15:54:40 GMT

GET
H2 200 latest.js Show response
libs.platform.californiatimes.com/modalityjs/ 17 KB
4 KB 50ms
13ms Script
application/javascript 143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.platform.californiatimes.com/modalityjs/latest.js
Requested by: Host: www.latimes.com
URL: https://www.latimes.com/california/story/2021-10-14/robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: faf9d8a0aaad67f389822224a487c77856849cbb97d4d5b37527f72fb676cf0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:46:07 GMT
content-encoding: gzip
etag: W/"50f13461b0b5d380ad78f2cc5824e047"
last-modified: Tue, 14 Sep 2021 17:20:38 GMT
server: AmazonS3
age: 216
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: JHLnKZwnvcxXDaKymuijAdoJLATOUbPfsvxdSMbBPxkOdPjy_8v8Tw==

GET
H2 200 latest.js Show response
libs.platform.californiatimes.com/newsletter-campaign-manager/ 27 KB
7 KB 51ms
13ms Script
application/javascript 143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.platform.californiatimes.com/newsletter-campaign-manager/latest.js
Requested by: Host: www.latimes.com
URL: https://www.latimes.com/california/story/2021-10-14/robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2c419f753d2f4b332cc37d7b0a14326da3bf8b522d34d988ecd97d83f88f73d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:43:33 GMT
content-encoding: gzip
etag: W/"75220d72201cbc019c7f526e614e2c06"
last-modified: Tue, 14 Sep 2021 17:26:47 GMT
server: AmazonS3
age: 582
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: BMgHoSPpsXiJ20BjUAV6PvHbjR4mVBaxhK6e9gKKSJ6b8us3UiK5KQ==

GET
H2 200 /
ca-times.brightspotcdn.com/dims4/default/4725756/2147483647/strip/true/crop/4240x2832+0+0/resize/840x561!/format/webp/quality/90/ 48 KB
49 KB 10ms
9ms Image
image/webp 18.66.122.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-times.brightspotcdn.com/dims4/default/4725756/2147483647/strip/true/crop/4240x2832+0+0/resize/840x561!/format/webp/quality/90/?url=https%3A%2F%2Fcalifornia-times-brightspot.s3.amazonaws.com%2Fd4%2Fcb%2Fbbe8f86046509a35f135ce07c4db%2Fla-photos-1staff-844458-me-durst-sentencing-09-mjc.jpg
Requested by: Host: www.latimes.com
URL: https://www.latimes.com/california/story/2021-10-14/robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 98a798fe43083a8fc7ab16f78de61528dd1c7cf78eae5fd417bdbe1fe68e40b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 23:39:11 GMT
via: 1.1 375431e28d82888f474ac3665a4ceb67.cloudfront.net (CloudFront)
server: Apache
age: 58229
etag: ea50eb191b76ade391baef2b84e4253f
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA60-P2
x-robots-tag: nofollow
content-length: 49394
x-amz-cf-id: Isv2SIC7ncZMJXWl3l3Y6D2PxvyT00HxzHrOaXkGuJUO5H1S3apyeQ==
expires: Fri, 14 Oct 2022 23:39:11 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 133 KB
36 KB 62ms
24ms Script
application/javascript 18.66.241.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.241.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:40:08 GMT
content-encoding: gzip
age: 571
x-cache: Hit from cloudfront
timing-allow-origin: *
server: Server
x-amz-rid: 142ATFGRKP89SQ36EN50
etag: e2b905aea413c4d7479fb2bb9cbc6c65
vary: Accept-Encoding
x-amz-version-id: zTpXqDhrs..xkKPVKkqB8HVtw0cnTzHi
via: 1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: Imp6RDvl5fFRnIGwfJZKTVevcymLzMRZfAAH8WIHYCzt-xK8IRUw1w==

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 a649dec0e34796e15c5b3ab6aaa47f80.0af2a448f6d58f8dd85f039eba38b50f.woff2
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/ 14 KB
15 KB 29ms
13ms Font
application/octet-stream 18.66.122.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/a649dec0e34796e15c5b3ab6aaa47f80.0af2a448f6d58f8dd85f039eba38b50f.woff2
Requested by: Host: ca-times.brightspotcdn.com
URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/styles-creative.min.bc24538b343f9b04556c3074165a7461.gz.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d12680bfc77396330439d134956e2f0c67c5ef889ad0b9396e5e22bba81dfdb

Request headers

Referer: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/styles-creative.min.bc24538b343f9b04556c3074165a7461.gz.css
Origin: https://www.latimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 20:57:24 GMT
via: 1.1 615f944336054ae07b8e7c415ddbad45.cloudfront.net (CloudFront)
vary: Origin
age: 759137
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 14336
last-modified: Tue, 19 Jan 2021 22:19:42 GMT
server: AmazonS3
etag: "28ac691e5e6e27bbe25e29d7b864978b"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: Jp2XVMtU3NwDb4MsU1h3Kxx.Ob4ixcXL
access-control-allow-origin: https://www.latimes.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: fArREHabbFuKqk62sPKdHMz1uXwGnxjfwZ2KygDqLA0pPlbR1yofoQ==

GET
H2 200 04ea457b4ef54eb866e0c9b7b2c00d47.0173e1397f3e876c231fe162dd06864a.woff2
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/ 14 KB
14 KB 30ms
15ms Font
application/octet-stream 18.66.122.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/04ea457b4ef54eb866e0c9b7b2c00d47.0173e1397f3e876c231fe162dd06864a.woff2
Requested by: Host: ca-times.brightspotcdn.com
URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/styles-creative.min.bc24538b343f9b04556c3074165a7461.gz.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c53ea495e43386054567a488d1e6e03f8b93b0bfb4cd85602212df7bf182a7ea

Request headers

Referer: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/styles-creative.min.bc24538b343f9b04556c3074165a7461.gz.css
Origin: https://www.latimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 20:57:24 GMT
via: 1.1 615f944336054ae07b8e7c415ddbad45.cloudfront.net (CloudFront)
vary: Origin
age: 759137
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 14180
last-modified: Tue, 19 Jan 2021 22:19:42 GMT
server: AmazonS3
etag: "4e123dc0e3e9bebc896cda50ed712ecf"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: CKkhgmiRYYB65lAUT0OEGKi_QENjVowu
access-control-allow-origin: https://www.latimes.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: 2HzYfqF12NLQvS1rAL_Joc6gMb2svNZsje-zy0eypNFJYoaXwNnNEg==

GET
H2 200 0b4bf778d33c6da2d0edf444eca73203.6f505bd99ff1b58341f6ac7abe7fc12a.woff2
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/ 31 KB
32 KB 34ms
20ms Font
application/octet-stream 18.66.122.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/0b4bf778d33c6da2d0edf444eca73203.6f505bd99ff1b58341f6ac7abe7fc12a.woff2
Requested by: Host: ca-times.brightspotcdn.com
URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/styles-creative.min.bc24538b343f9b04556c3074165a7461.gz.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 016aae8f0f82dc232da12bca20292f2c731d221a3b9742d6ec0b13842acaa43b

Request headers

Referer: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/styles-creative.min.bc24538b343f9b04556c3074165a7461.gz.css
Origin: https://www.latimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 20:57:24 GMT
via: 1.1 615f944336054ae07b8e7c415ddbad45.cloudfront.net (CloudFront)
vary: Origin
age: 759137
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 32204
last-modified: Tue, 19 Jan 2021 22:19:43 GMT
server: AmazonS3
etag: "8810b04f2244c556bdb193e6b775b56b"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: qN_CkTORaVK9S6FzLOitk44vi1T5Ow6W
access-control-allow-origin: https://www.latimes.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: RXyJrsNyB9n6XQXHoAimfKfucsvu5JFPWtP7p6AeMCfu4Tth_Y6aIQ==

GET
H2 200 d2fd83396dfc1f9573c65e43fa813674.4046c096f268453d9b0ff36ff067feec.woff2
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/ 31 KB
32 KB 22ms
7ms Font
application/octet-stream 18.66.122.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/d2fd83396dfc1f9573c65e43fa813674.4046c096f268453d9b0ff36ff067feec.woff2
Requested by: Host: ca-times.brightspotcdn.com
URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/styles-creative.min.bc24538b343f9b04556c3074165a7461.gz.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 603e88a690c49d42ecfd23639743414ef2f4fa059284a1794acbce524d9c21ca

Request headers

Referer: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/styles-creative.min.bc24538b343f9b04556c3074165a7461.gz.css
Origin: https://www.latimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 20:57:24 GMT
via: 1.1 615f944336054ae07b8e7c415ddbad45.cloudfront.net (CloudFront)
vary: Origin
age: 759137
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 31908
last-modified: Tue, 19 Jan 2021 22:19:43 GMT
server: AmazonS3
etag: "3439c2cbafcfb9062b3acf1de85736bb"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: ouvpOGvxXMZ3Ffy7E_gXgzIUl657D.pk
access-control-allow-origin: https://www.latimes.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: co7MIiFUJ4zD_BkCMYE4aNL0XcEZaazTnSXaVfctZMrBecB9h8IfBA==

GET
H2 200 f362a84427d749c5b801ac76a2f9f296.0c532721f81fc3dc5537f4f33e2023d8.woff2
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/ 13 KB
14 KB 28ms
14ms Font
application/octet-stream 18.66.122.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/f362a84427d749c5b801ac76a2f9f296.0c532721f81fc3dc5537f4f33e2023d8.woff2
Requested by: Host: ca-times.brightspotcdn.com
URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/styles-creative.min.bc24538b343f9b04556c3074165a7461.gz.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ded94c8116574205c09c29b6cfe362eb00915e99edefab4394ccc31ab5a16645

Request headers

Referer: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/styles-creative.min.bc24538b343f9b04556c3074165a7461.gz.css
Origin: https://www.latimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 20:57:24 GMT
via: 1.1 615f944336054ae07b8e7c415ddbad45.cloudfront.net (CloudFront)
vary: Origin
age: 759137
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 13820
last-modified: Tue, 19 Jan 2021 22:19:41 GMT
server: AmazonS3
etag: "563755bdfd2fe14b90b3c3f6c44f5b6b"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: 4PNaUssunbMRu62U0aHCeDe0cu10Ctue
access-control-allow-origin: https://www.latimes.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: mDRXb0oM08RM5K4XCJSkvDnyD7hAdHNy8IKhUFaoAG6VRYeU9hYseQ==

GET
H2 200 serverComponent.php Show response
activate.platform.californiatimes.com/caltimes/latimes/ 3 KB
1 KB 10ms
10ms Script
text/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://activate.platform.californiatimes.com/caltimes/latimes/serverComponent.php?namespace=CalTimes&staticJsPath=activate.platform.californiatimes.com/caltimes/latimes/code/&publishedOn=Wed%20Oct%2013%2001:53:09%20GMT%202021&ClientID=2715&PageID=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 478f40d34579ccaab1908dfb272ce6d28ff4da0d2b8693d7fb075721f95b14b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:40 GMT
cache-control: no-cache, no-store
content-type: text/javascript
server: nginx
content-encoding: gzip
vary: Accept-Encoding
expires: Fri, 15 Oct 2021 15:49:39 GMT

GET
H2 204 r.rnc
activate.platform.californiatimes.com/privacy/v1/b/ 0
106 B 7ms
7ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/privacy/v1/b/r.rnc?n=0&c=2715&i=5nb7jm&p=latimes&s=308&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTA4IiwiY2xpZW50SWQiOjI3MTUsInB1Ymxpc2hQYXRoIjoibGF0aW1lcyIsImluc3RhbmNlSWQiOiI1bmI3am0iLCJwYWNrZXQiOjAsIm1vZGUiOiJlbmZvcmNlWgDyJ29va2llcyI6e30sImVudmlyb25tZW50Ijoibm9uZSIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLMA8BkiLCJ0eXBlIjoiYmlsbGluZyIsInN0YXJ0IjoxNjM0MzEyOTgwNzgwWgDAZCI6LTEsInNvdXJjMgACKwBhdHVzIjoiZgBAYXNvbmUA010sImRhdGFQYXR0ZXISAMAibGlzdCI6W119XX0
Requested by: Host: www.latimes.com
URL: https://www.latimes.com/california/story/2021-10-14/robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:40 GMT
cache-control: no-cache, no-store
server: nginx
expires: Fri, 15 Oct 2021 15:49:39 GMT

GET
H2 200 9f1fa0f4a90d848a8f261c6537a23740.js Show response
activate.platform.californiatimes.com/caltimes/latimes/code/ 7 KB
2 KB 8ms
7ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://activate.platform.californiatimes.com/caltimes/latimes/code/9f1fa0f4a90d848a8f261c6537a23740.js?conditionId0=4864511
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: be002b6bc7cd8b9043f09bcc3ddd290611ffa9f39e1923789414390a89e6c0a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:40 GMT
content-encoding: gzip
last-modified: Tue, 14 Jul 2020 00:50:48 GMT
server: nginx
etag: W/"5f0d0168-1c9e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 b968c5f59230e4c8415d574fa4bbfbdb.js Show response
activate.platform.californiatimes.com/caltimes/latimes/code/ 887 B
1 KB 8ms
8ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://activate.platform.californiatimes.com/caltimes/latimes/code/b968c5f59230e4c8415d574fa4bbfbdb.js?conditionId0=4913902
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6080e7e7885a2e682f2d7da4846a74e04a549f86b2204fb1b2c5d8d46e9596c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:40 GMT
last-modified: Wed, 13 Oct 2021 01:53:11 GMT
server: nginx
etag: "61663c07-377"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 887

GET
H2 200 65d8c88553c7bfe44206c3481e86d87a.js Show response
activate.platform.californiatimes.com/caltimes/latimes/code/ 128 KB
20 KB 10ms
10ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://activate.platform.californiatimes.com/caltimes/latimes/code/65d8c88553c7bfe44206c3481e86d87a.js?conditionId0=4849544
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c9f185ce417e45970ebffde69880e7fd560e2c63b7ecdace7057a9baa291aee5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:40 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 01:53:11 GMT
server: nginx
etag: W/"61663c07-2012c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 7767b41b32e8460f1b610509f757eb41.js Show response
activate.platform.californiatimes.com/caltimes/latimes/code/ 115 KB
10 KB 9ms
9ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://activate.platform.californiatimes.com/caltimes/latimes/code/7767b41b32e8460f1b610509f757eb41.js?conditionId0=4853386&conditionId1=4853390&conditionId2=4875790&conditionId3=4853391&conditionId4=4853389&conditionId5=4863749
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8b322d4c61c50cfdc0a35f7307589a017c3060b54d3a2a48f0851425ab09caa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:40 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 01:22:35 GMT
server: nginx
etag: W/"616634db-1cb27"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 dd658ba69acc0c9a6c57ad99ee7e8a19.js Show response
activate.platform.californiatimes.com/caltimes/latimes/code/ 1 KB
782 B 8ms
8ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://activate.platform.californiatimes.com/caltimes/latimes/code/dd658ba69acc0c9a6c57ad99ee7e8a19.js?conditionId0=4864545
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1d4815608e9cde74d93030bc79c525c049060fac5ed82aeacfffe301852b69cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:40 GMT
content-encoding: gzip
last-modified: Fri, 02 Jul 2021 16:31:20 GMT
server: nginx
etag: W/"60df3f58-561"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 fa40d706ae3ab8c22b6bd269259e1f51.js Show response
activate.platform.californiatimes.com/caltimes/latimes/code/ 653 B
826 B 8ms
8ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://activate.platform.californiatimes.com/caltimes/latimes/code/fa40d706ae3ab8c22b6bd269259e1f51.js?conditionId0=4849544
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d357fc6caa2a50825ab1a12ebf30692e57b0263d48af5f5b26eb53ce47a09a16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:40 GMT
last-modified: Tue, 21 Sep 2021 17:18:21 GMT
server: nginx
etag: "614a13dd-28d"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 653

GET
H2 200 8004b0f59be7d959c194bbcac43add72.js Show response
activate.platform.californiatimes.com/caltimes/latimes/code/ 78 KB
6 KB 8ms
8ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://activate.platform.californiatimes.com/caltimes/latimes/code/8004b0f59be7d959c194bbcac43add72.js?conditionId0=4849974
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 654ad4e6d10d7319e6dc93c14e20f9e8bc91fa553cebf246597d8e1b53ac85a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:40 GMT
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 21:55:11 GMT
server: nginx
etag: W/"611598bf-13790"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 pubads_impl_2021101201.js Show response
securepubads.g.doubleclick.net/gpt/ 361 KB
122 KB 29ms
28ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124532
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 08:35:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Oct 2021 15:49:40 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 308 B
178 B 57ms
29ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.latimes.com

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ca8019a51ee83bf4383c6865f08ab77117cb1ea6971776393e2f63f97181d32d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Oct 2021 15:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 153
x-xss-protection: 0
expires: Fri, 15 Oct 2021 15:49:40 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 29ms
10ms XHR
application/javascript 18.66.241.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.241.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 53069
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 01:02:33 GMT
server: AmazonS3
date: Fri, 15 Oct 2021 01:16:28 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: NSpoKfO0NHNubv0ajvFQSYqKr3rlBFuPiryNYREbsP8qCSGF77XotQ==

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202110141220/ 180 KB
58 KB 6ms
6ms Script
application/javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202110141220/wrap.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9eff78a9f29c9828c1382db95605031958ba2647a448b6da0f4f9a9737daba0d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 15:49:40 GMT
Content-Encoding: gzip
Age: 115
X-Cache: HIT
Connection: keep-alive
Content-Length: 58949
x-amz-id-2: 011+A6SZUmWQnWpgZXicJUeR68Yo+P+Mjm2rUxdd67t2mJksWyoJla1FT76VPpxu9nfGlSR4Ec8=
X-Served-By: cache-hhn4061-HHN
Last-Modified: Thu, 14 Oct 2021 16:22:38 GMT
Server: AmazonS3
X-Timer: S1634312981.962616,VS0,VE0
ETag: "9749b1432555d8b99a84af6a43100ca0"
x-amz-request-id: WQC6CVCKYZXHK3E4
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 333

GET
H2 200 pxid Show response
68547f8f-2fd8-4ff3-9b63-51e86e2edee8.prmutv.co/v2.0/ 46 B
455 B 107ms
29ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://68547f8f-2fd8-4ff3-9b63-51e86e2edee8.prmutv.co/v2.0/pxid?k=5d77544a-6fe3-4644-bf31-bccb6eef1a61
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 50c831faf5f116b62f8a979de75973dab8ae0913e6c62a9df7a4ae2c82cd66ab

Request headers

Referer: https://www.latimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 15 Oct 2021 15:49:41 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.latimes.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 66
via: 1.1 google

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
693 B 42ms
13ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.latimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 15 Oct 2021 15:49:41 GMT
X-Proxy-Origin: 216.131.111.174; 216.131.111.174; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 091b8054-81b1-4f41-8cba-c206a4b42997
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.latimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 246 B
434 B 59ms
22ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=5d77544a-6fe3-4644-bf31-bccb6eef1a61
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 58a6e36d9b9032be70052ebf42201b8dfab1ae87a0040082565900dcd521bfce

Request headers

Referer: https://www.latimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 15 Oct 2021 15:49:41 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.latimes.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 178
via: 1.1 google

POST
H2 200 watson Show response
api.permutive.com/v2.0/ 2 B
96 B 64ms
27ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/watson?k=5d77544a-6fe3-4644-bf31-bccb6eef1a61
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.latimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 15 Oct 2021 15:49:41 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.latimes.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 22
via: 1.1 google

GET
H2 200 meter Show response
metering.platform.latimes.com/v1/ 340 B
681 B 590ms
227ms Fetch
application/json 44.233.11.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://metering.platform.latimes.com/v1/meter?meterKey=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&productCode=latspot&referrerUrl=https%3A%2F%2Fapple.news%2F&contentType=story
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.11.96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-233-11-96.us-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 0b2cb5a461129ba4f781bef1ee401249c8e749f32a45afd04a8782cbdd56a7bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:41 GMT
server: awselb/2.0
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.latimes.com
cache-control: max-age=0
access-control-allow-credentials: true
content-length: 340

GET
BLOB 200
OK 15058d88-5bf2-4b41-9af8-12423761a996
https://www.latimes.com/ 48 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.latimes.com/15058d88-5bf2-4b41-9af8-12423761a996
Requested by: Host: www.latimes.com
URL: https://www.latimes.com/california/story/2021-10-14/robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e6f83f681fd7e47a49c64590d2a8f6e23119dc2770f31ee41d5c1ac4ba8d5e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 48835

GET
BLOB 200
OK fc7fd681-080b-40fd-9cf7-c02046e7a51e
https://www.latimes.com/ 22 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.latimes.com/fc7fd681-080b-40fd-9cf7-c02046e7a51e
Requested by: Host: www.latimes.com
URL: https://www.latimes.com/california/story/2021-10-14/robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5deda249739f77d933b02a1caba16db92c92aca4fe4c21566ad3a85d65b61ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 22400

GET
H2 200 subscriptions.js Show response
static.chartbeat.com/js/ 32 KB
10 KB 23ms
7ms Script
application/x-javascript 13.32.114.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/subscriptions.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.114.145 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-114-145.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: bfee3aaae52a8e772c619f79150bb21d5e6ece8a846b966b3bd283a4a7f4ed6f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:14:04 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 23:57:21 GMT
server: nginx
age: 2137
etag: W/"60948261-7e73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: cntlwj_MuvQpPz3sdQ1TDNX79t7hs16AIYXHFAmyXRaFtIpHdiaF0Q==
expires: Fri, 15 Oct 2021 17:14:04 GMT

POST
H2 200 identify Show response
api.permutive.com/v2.0/ 50 B
326 B 63ms
29ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=5d77544a-6fe3-4644-bf31-bccb6eef1a61
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 3b498c9897b766dad1e27ab1fbf24178f7db6ad97bcaa852080eac84bebef653

Request headers

Referer: https://www.latimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 15 Oct 2021 15:49:41 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.latimes.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 70
via: 1.1 google

GET
H2 200 /
activate.latimes.com/pc/caltimes/ 42 B
507 B 160ms
98ms Image
image/gif 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.latimes.com/pc/caltimes/?pulse2001=https://www.latimes.com/california/story/2021-10-14/robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&pulse2002=https://www.latimes.com/california/story/2021-10-14/robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&pulse2003=lat:california:robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder:story.&pulse2004=www.latimes.com&pulse2005=latimes&pulse2006=california&pulse2007=/california&pulse2008=robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&pulse2009=robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&pulse2010=story&pulse2011=story&pulse2012=Robert%20Durst%20sentenced%20to%20life%20for%20Susan%20Berman%20murder%20%20Los%20Angeles%20Times&pulse2013=22&pulse2021=story&pulse2027=https://apple.news/&pulse2035=signed-out&pulse2038=216.131.111.174&pulse2039=1600x1200&pulse2040=lat&pulse2041=false&pulse2045=landscape&pulse2046=%3E1224&pulse2047=0-99&pulse2048=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/93.0.4577.63%20Safari/537.36&pulse2068=%20&pulse2071=%20&pulse2113=%20&pulse2119=%20&pulse2127=%20&pulse2128=%20&pulse2131=0000017c-71aa-d191-ad7e-f7ff7dc20000&pulse2134=Robert%20Durst%20sentenced%20to%20life%20in%20prison%20for%20murdering%20Susan%20Berman&pulse2135=James%20Queally&pulse2137=10-14-2021%2003:03&pulse2140=latimes&pulse2141=latimes&pulse2152=Myung%20J%20Chun%20%20Los%20Angeles%20Times&pulse2153=%20&pulse2168=%20&pulse2179=%20&pulse2215=latimes&pulse2286=1186&pulse2287=https://www.latimes.com/california/story/2021-10-14/robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&pxlid=6132489044328421443&pbrd=1&pch=4&pei=2&pulse2216=0000017c-811a-d1b1-a1fe-cb7f59b70000&c_rdp=0
Requested by: Host: www.latimes.com
URL: https://www.latimes.com/california/story/2021-10-14/robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:49:41 GMT
server: nginx
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: no-cache, no-store, must-revalidate
x-ens-event-id: a1952444-1b95-4021-8ece-344735c2e0c6
x-offsite-uuid: bdb70074-d095-4b2e-a378-a9f9f15fd8cc
access-control-allow-headers: *
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 69 KB
23 KB 7ms
7ms Script
application/x-javascript 13.32.114.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.114.145 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-114-145.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 7222bdb705a3d4af9ac5d4f1375a3709bc77578dcc0e1f3b5caf55fd14af959c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:01:14 GMT
content-encoding: gzip
last-modified: Fri, 09 Jul 2021 00:14:48 GMT
server: nginx
age: 2907
etag: W/"60e794f8-11377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: AtA_EOsjm3LoNqkTUqN6XMKvH4d7tLODaSExPmnAhWAJPZqutpFAHA==
expires: Fri, 15 Oct 2021 17:01:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
38 KB 78ms
29ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-40841508-1&l=adsData

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a77dceb8e2bedf97d02190fb23601a7cf3ec6f574b8ddf0474085333e2142e97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38586
x-xss-protection: 0
last-modified: Fri, 15 Oct 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Oct 2021 15:49:41 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 283ms
94ms Image
image/gif 107.20.138.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=latimes.com&p=%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&u=C8ykTnYICUPCS3InJ&d=latimes.com&g=3908&g0=california&g1=James%20Queally&g4=story&n=1&f=00001&c=0&x=0&m=0&y=7526&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=https%3A%2F%2Fapple.news%2F&b=596&_s=%7B%22l%22%3A%22%22%2C%22uuid%22%3A%22NA%22%2C%22ga%22%3A%22%20%22%7D&t=6a-LLCnRIThBtafz9B4wLByREVjn&V=128&i=Robert%20Durst%20sentenced%20to%20life%20in%20prison%20for%20murdering%20Susan%20Berman&tz=0&_acct=anon&sn=1&sv=CPNNgk_CH8NBN8B0ICVgE3JBVoJPJ&sr=https%3A%2F%2Fapple.news%2F&sd=1&im=067b0fff&_
Requested by: Host: www.latimes.com
URL: https://www.latimes.com/california/story/2021-10-14/robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.138.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-138-141.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:49:41 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 90ms
26ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 6515
date: Fri, 15 Oct 2021 14:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 15 Oct 2021 16:01:06 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 50ms
21ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2176
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 15 Oct 2021 16:13:25 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
28ms XHR
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=783533224&t=pageview&_s=1&dl=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&dr=https%3A%2F%2Fapple.news%2F&dp=%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&ul=en-us&de=UTF-8&dt=Robert%20Durst%20sentenced%20to%20life%20for%20Susan%20Berman%20murder%20%20Los%20Angeles%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDACUIhBAAAAC~&jid=1669121789&gjid=917477110&cid=1104700610.1634312981&tid=UA-40841508-1&_gid=997297253.1634312981&_r=1&gtm=2ouad0&cd2=california&cd4=lat%3Acalifornia%3Arobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder%3Astory.&cd5=22&cd6=story&cd8=story&cd9=robert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&cd97=&cd102=&cd37=&cd38=&cd103=&cd98=https%3A%2F%2Fapple.news%2F&cd124=&cd95=&cd96=signed-out&cd127=&cd111=&cd14=216.131.111.174&cd42=0-99&cd43=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&cd19=0000017c-71aa-d191-ad7e-f7ff7dc20000&cd13=James%20Queally&cd34=&cd15=10-14-2021%2003%3A03&cd16=&cd119=&cd29=&cd17=latimes&cd18=latimes&cd20=&cd7=&cd11=&cd10=&cd21=&cd22=Myung%20J%20Chun%20%20Los%20Angeles%20Times&cd33=%20&cd32=&cd53=&cd49=&cd50=&cd51=&cd52=&cd54=&cd69=&cd44=%3E1224&cd128=&cd129=&cd130=&cd131=&cd24=1186&cd23=&cd165=false&cd166=latimes&cd167=6132489044328421443&cd168=&cd169=&cd170=&cd171=&cd172=&cd108=&cd173=&cd174=0&cd175=&cd176=&cd177=&cd1=%22latimes%22&did=dNjIxNT&cd12=Robert%20Durst%20sentenced%20to%20life%20in%20prison%20for%20murdering%20Susan%20Berman&z=459445959

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.latimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:49:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.latimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 26ms
7ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:41 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-geo-cc_and_ra: DE-HE
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kcgs7200111-IAD, cache-hhn11557-HHN

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 125ms
24ms Script
application/javascript 199.232.80.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.80.84 Marseille, France, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1bd4245e90be5fdb85b55be8d976ef43dd849a650d927aa8e57d0995703593f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:41 GMT
fastly-restarts: 1
x-cdn: fastly
etag: "24aad983602411080a3eb3958de67f02"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 scevent.min.js Show response
sc-static.net/ 16 KB
7 KB 50ms
21ms Script
application/javascript 52.222.236.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-124.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: a5ecc75908c7d2b54b2c339f79e698a55517ff23a7494c9652bdd073678eecd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:41 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: FRA56-P4
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 6290
via: 1.1 89e34e3fd814f1393ef77867b93dd12f.cloudfront.net (CloudFront)
x-amz-cf-id: 67kM9qY65UFlBieSxRErl2QpKXp9Gq8RVCL5o00CbaVWKHHvz2amVA==

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 22 KB
7 KB 24ms
6ms Script
application/javascript 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 7125a66456daa35dd3e3e8cca4b9523e05caf0b4fa5bd5874676e7c6db40f3aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:41 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Wed, 14 Jul 2021 17:50:00 GMT
server: snooserv
etag: "912f60c72fda50b2f21068c65115175d"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 7018

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 24ms
7ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

86bf486c6eb0cfebd37b935926a7c5c81ff674200a8a2aee6f601ccd76699387

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25966
x-xss-protection: 0
pragma: public
x-fb-debug: rJeht0jvPygQWPdos9N0cYfilKYufVF5208S+vsPR2lxQxtYxlnAp4gTm0WoHSvy8rdrIRzrY/6cmWB2lrccqQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 15 Oct 2021 15:49:41 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1335255/ 74 KB
25 KB 80ms
52ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1335255/tfa.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f05dc15073bcfc5a60be17a08711dbf1fd2aee43007e283c4abeab4dc0000909

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: YidXAMBFy0eXYwQfsc6ncfrvUcDfpjY2
content-encoding: gzip
etag: "48f07d51e36d084105b57fdac4392096"
age: 47
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 24754
x-amz-id-2: BQr8xzXrWnGJtw7megpv5zwukaEW9bUh66dTqihcnJaIGJEX2OAcSfS37fV7dFs9pCv0mUd8qms=
x-served-by: cache-hhn4021-HHN
last-modified: Mon, 09 Aug 2021 10:25:57 GMT
server: AmazonS3
x-timer: S1634312982.537546,VS0,VE1
date: Fri, 15 Oct 2021 15:49:41 GMT
vary: Accept-Encoding
x-amz-request-id: EXAQ1DYF84YY5CVH
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 65
x-cache-hits: 1

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 64ms
19ms Script
application/javascript 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 15 Oct 2021 15:29:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1207
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5639
x-amz-id-2: nM3OYDtGv0QE2Y5WI922Jvsrl6AL5dYeiGSXYZdJ4OxXb/Xqo2FzByYErNlXh6q7BEMReAVxsPQ=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 02 Jul 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 27 May 2021 13:00:20 GMT
server: ATS
etag: "6de43f1c725d89777edaa2bc5d679ecb-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 5BW85AS1TT34EH05
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: Bv0RNzsjZsSn6kGrZjdvdggYqc20u__d
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 qevents.js Show response
a.quora.com/ 39 KB
14 KB 29ms
13ms Script
text/plain 151.101.1.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: s3LlaOWABX1LUjiLldBNr49lVAylKDRo
content-encoding: gzip
etag: "f32ebb1e93a72c0a57add6d07f688510"
age: 2841
x-cache: HIT, HIT
content-length: 13681
x-amz-id-2: sX2W3P13quEiouGyZX3vDp30QZ1EVqYmAhar0JXdo1O+Jj3GkWSdJIbfIU2lBqU7ACH8A94mE0A=
x-served-by: cache-bwi5167-BWI, cache-hhn4029-HHN
last-modified: Fri, 25 Oct 2019 19:28:38 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1572031715/ctime:1572031714/gid:1000000/gname:employee/md5:f32ebb1e93a72c0a57add6d07f688510/mode:33188/mtime:1149709104/uid:1000332/uname:tzhou
x-timer: S1634312981.494394,VS0,VE0
date: Fri, 15 Oct 2021 15:49:41 GMT
vary: Accept-Encoding
x-amz-request-id: FK4XNRMR4KYGPPWY
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=7200
accept-ranges: bytes
content-type: text/plain
x-cache-hits: 2, 758

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 73ms
39ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1009384521&l=adsData

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f6f004ba351f90a7ba00d4343f3ff47370f6c5a97cff4558e569b6a83d9a3dab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39120
x-xss-protection: 0
last-modified: Fri, 15 Oct 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Oct 2021 15:49:41 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
3 KB 35ms
10ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 998d9415269d92557b561a936955f7590d5052865044a9191a528b5a36f3afc9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 15:49:41 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Oct 2021 12:12:10 GMT
Server: AkamaiNetStorage
ETag: "973e2603f46b719eecf8139c22b897a0:1633349530.816673"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3150
Expires: Fri, 15 Oct 2021 16:09:41 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 22ms
7ms Script
application/x-javascript 18.66.96.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.96.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 04:12:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 41844
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P2
X-Amz-Cf-Id: LFgTqV_hAkR-UJ0-2buZrUT7DypK7Dcud5aF_dcoN_NVFuHN2chITA==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6036462&ns__t=Fri%20Oct%2015%202021%2015:49:41%20GMT+0000%20(GMT)&ns_c=UTF-8&c8=Robert%20Durst%20sentenced%20to%20life%20for%20Susan%20Berman%20murder%20-...
https://sb.scorecardresearch.com/b2?c1=2&c2=6036462&ns__t=Fri%20Oct%2015%202021%2015%3A49%3A41%20GMT%200000%20(GMT)&ns_c=UTF-8&c8=Robert%20Durst%20sentenced%20to%20life%20for%20Susan%20Berman%20mur...

64 B
329 B

8ms
8ms

Image
image/gif

13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6036462&ns__t=Fri%20Oct%2015%202021%2015%3A49%3A41%20GMT%200000%20(GMT)&ns_c=UTF-8&c8=Robert%20Durst%20sentenced%20to%20life%20for%20Susan%20Berman%20murder%20-%20Los%20Angeles%20Times&c7=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&c9=https%3A%2F%2Fapple.news%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:41 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: TG79OvpOQHismq-PSudA-1Kuluq8gTD4FcOmjC_105pfGKtfmngIDw==

Redirect headers

date: Fri, 15 Oct 2021 15:49:41 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6036462&ns__t=Fri%20Oct%2015%202021%2015%3A49%3A41%20GMT%200000%20(GMT)&ns_c=UTF-8&c8=Robert%20Durst%20sentenced%20to%20life%20for%20Susan%20Berman%20murder%20-%20Los%20Angeles%20Times&c7=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&c9=https%3A%2F%2Fapple.news%2F
content-length: 415
x-amz-cf-id: OndJQarquDykBtnY6b3YxqHzpM4dpgNl4XRcwHVrmr_VSvYoIFJ9sA==

GET
H2 200 trackable.js Show response
ext.chtbl.com/ 4 KB
4 KB 71ms
9ms Script
application/javascript 18.66.248.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ext.chtbl.com/trackable.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27dc4f62298834987d3d8e5608c1af94c82ee3d18ee31858d39e0202697b5308

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:14:39 GMT
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
last-modified: Fri, 12 Feb 2021 20:28:32 GMT
server: AmazonS3
age: 2107
etag: "4a494dbb82444463b6fd8bff0e5593d6"
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
cache-control: max-age=3600
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 4092
x-amz-cf-id: LH1XvwSQHqIv2WvRhYYZJwQ2wJhrrOHuzE0zitlZuNCYAb4T0yLiog==

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/6036462/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
349 B

9ms
6ms

Script
application/javascript

13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:47:47 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 115
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 0
x-amz-cf-id: h_P3vOfuLN1PRIf8CGP73GanI7xVJgwCT_Kzncxy-osetBAisG5mAw==

Redirect headers

date: Fri, 15 Oct 2021 15:49:41 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-c2/default/cs.js
content-length: 48
x-amz-cf-id: 4iaiHA3xCR0lKpGkGrofwnKA0wPKv53iMAJtxApwE4WE4Q6vS3isGw==

GET
H2 200 rev.js Show response
assets.revcontent.com/master/ 26 KB
10 KB 65ms
14ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/rev.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 894694eee28fc463a83875d519e70afaf5f40ac7c042d6114c4ee86d156b4067

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:41 GMT
content-encoding: gzip
last-modified: Wed, 09 Oct 2019 15:23:49 GMT
server: AmazonS3
x-amz-request-id: 1P2G3WFG5YBGERCW
etag: "46482d4733f3f6c1f93601a6274bc264"
x-hw: 1634312981.cds132.am5.hn,1634312981.cds236.am5.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 9617
x-amz-id-2: JKuTV8b7Te83ZDLj9H8h15F7wMhKFGxLcpaMIg/sXjFpulXbaKMVfdkKo10AImg356v14UGYW1g=

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 36ms
10ms Script
application/x-javascript 2.16.186.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-19.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 15:49:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=29248
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
125 B 425ms
406ms Image
image/gif 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1634312981499&id=t2_5wzfk9al&event=PageVisit&m.itemCount=&m.value=&m.currency=&m.transactionId=&m.customEventName=&uuid=1a17fc56-eebe-447a-bcd2-d12c959eaa9a&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_a797b96e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:41 GMT
via: 1.1 varnish
server: Varnish
accept-ranges: bytes
content-length: 42
retry-after: 0
content-type: image/gif

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
463 B 68ms
20ms XHR
text/plain 66.102.1.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-40841508-1&cid=1104700610.1634312981&jid=1669121789&gjid=917477110&_gid=997297253.1634312981&_u=6GDACUIgBAAAAC~&z=1021087954

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.latimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 15 Oct 2021 15:49:41 GMT
content-type: text/plain
access-control-allow-origin: https://www.latimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 632456800236234 Show response
connect.facebook.net/signals/config/ 490 KB
144 KB 16ms
8ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/632456800236234?v=2.9.47&r=stable

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

92f6c2b327cd8c9ec8157cc9764e6ba95f31dc8b99710507ab735bb17c5c3d25

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 147050
x-xss-protection: 0
pragma: public
x-fb-debug: 3cK4pGbTC0r5OSTPv/0j/AwNJ4zNsbSs7toAJjMeHcEkxhKCga8pM1PT77nkEnJXwjfie51Yjt/Ofq3/UoA4Ug==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 15 Oct 2021 15:49:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
660 B 143ms
116ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nuumm&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=1fd83e12-f485-4f57-8034-a0f80ad384a3&tw_document_href=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Fri, 15 Oct 2021 15:49:41 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 40e122e1c750193dd41eee553b34f51bbc608337f59e498d9c7ad64b8f983c94
x-transaction: 046bf110de77b3cc
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
455 B 135ms
116ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nuumm&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=1fd83e12-f485-4f57-8034-a0f80ad384a3&tw_document_href=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Fri, 15 Oct 2021 15:49:41 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 9fd771601b49b33fa59824fedba805ea0d5c74439d8664b6887a7dc7d6761014
x-transaction: 0d80807e06126fff
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame D65D 0
182 B 102ms
29ms Document
text/html 18.202.51.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=uakr1sk&ref=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&upid=swei7dz&upv=1.1.0
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.51.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-51-91.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=uakr1sk&ref=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&upid=swei7dz&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.latimes.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/

Response headers

date: Fri, 15 Oct 2021 15:49:41 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/ca8cb1bde9414b2583b370368e30f53e/ 43 B
423 B 385ms
98ms Image
image/gif 3.224.194.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/ca8cb1bde9414b2583b370368e30f53e/pixel?j=1&u=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&tag=ViewContent&ts=1634312981519

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.224.194.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-224-194-150.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 15:49:41 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,ff7f4718a24b3734ba4808cd3f03b50b,10.0.0.64,27026,216.131.111.174,,122607538674,1,1634312981.876,0.005,,.,0,0,0.000,0.004,-,0,0,203,135,67,10,26847,,,,,,-,
Content-Type: image/gif

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 430ms
98ms Script
application/javascript 64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00d9d340b52282c19bd79c17bede8ae26c
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 15:49:41 GMT
content-encoding: gzip
X-TraceId: 8e6027d9924be22816ddd77b3e87cc00
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 410ms
88ms Image
image/gif 64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00d9d340b52282c19bd79c17bede8ae26c&obApiVersion=1.1&obtpVersion=1.5.2&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&optOut=false&bust=08037985524955396
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 15:49:41 GMT
Cache-Control: no-cache
X-TraceId: 2b1628b559f3c7a5be9892d9fa3fca80
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 46 B
334 B 286ms
29ms Fetch
application/json 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=dbe625aa-7ced-4e1d-8918-88782123af97

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

67da2bab9fe643d334b2c67ed71ddacd86b432bbabeb9a3b13c209e98929f169

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:41 GMT
via: 1.1 google
server: nginx/1.17.3
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 791D 0
41 B 289ms
47ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=dbe625aa-7ced-4e1d-8918-88782123af97

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: tr.snapchat.com
:scheme: https
:path: /cm/i?pid=dbe625aa-7ced-4e1d-8918-88782123af97
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.latimes.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/

Response headers

server: nginx/1.17.3
date: Fri, 15 Oct 2021 15:49:41 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 10135027.json Show response
s.yimg.com/wi/config/ 2 B
449 B 58ms
20ms XHR
application/json 87.248.118.22
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10135027.json

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.22 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:22:14 GMT
x-content-type-options: nosniff
age: 1647
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: SZK3TDSNG069FZCX
x-amz-id-2: u65puh2/57s/qTxcpUKaI/2U1ewUwuh/qAdmZLIsqQQRl0ZqRIf9p1hnSxMJivCpUbp+CeQg2lI=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2437484&time=1634312981548&url=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susa...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2437484%26time%3D1634312981548%26url%3Dhttps%253A%252F%252Fwww.latimes.com%252Fca...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2437484&time=1634312981548&url=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susa...

0
81 B

142ms
142ms

Image
application/javascript

108.174.11.69
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2437484&time=1634312981548&url=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&liSync=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.11.69 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-11-69.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:42 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-eda6
content-type: application/javascript
content-length: 0
x-li-uuid: Th71lv8+rhbQow7jYysAAA==

Redirect headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAXOZiS/uK6iSyDQsimTMg==
pragma: no-cache
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: C8CBBCA3602F4503A0C37BDB6F8210F6 Ref B: VIEEDGE1015 Ref C: 2021-10-15T15:49:42Z
date: Fri, 15 Oct 2021 15:49:41 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-ltx1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2437484&time=1634312981548&url=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&liSync=true
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 p Show response
tr.snapchat.com/ Frame 1D43 0
428 B 255ms
35ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: POST
:authority: tr.snapchat.com
:scheme: https
:path: /p
content-length: 347
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.latimes.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.latimes.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://www.latimes.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/

Response headers

server: nginx/1.17.3
date: Fri, 15 Oct 2021 15:49:41 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBiQ0AIAgEsIlI+EQYRy8yBcPbStz2WCArgPwpqFQPVTYD0fsiZyTMTbRShj/3qwmzMgAAAA==;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ 44 B
426 B 24ms
7ms Image
image/gif 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=632456800236234&ev=PageView&dl=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&rl=https%3A%2F%2Fapple.news%2F&if=false&ts=1634312981585&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1634312981585.366936962&it=1634312981511&coo=false&dpo=&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 15 Oct 2021 15:49:41 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 103ms
47ms Image
image/gif 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-40841508-1&cid=1104700610.1634312981&jid=1669121789&_u=6GDACUIgBAAAAC~&z=1943883250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:49:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 72ms
36ms Image
image/gif 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-40841508-1&cid=1104700610.1634312981&jid=1669121789&_u=6GDACUIgBAAAAC~&z=1943883250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:49:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
7ms Image
image/gif 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=632456800236234&ev=ViewContent&dl=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&rl=https%3A%2F%2Fapple.news%2F&if=false&ts=1634312981594&cd[value]=1&cd[currency]=USD&cd[content_name]=story&cd[content_ids]=%5B%220000017c-71aa-d191-ad7e-f7ff7dc20000%22%5D&cd[sub_status]=&cd[signed_in_status]=signed-out&sw=1600&sh=1200&v=2.9.47&r=stable&a=tmensighten&ec=1&o=30&fbp=fb.1.1634312981585.366936962&it=1634312981511&coo=false&dpo=&eid=fabbbd29-880c-47bc-8bd6-66470b855adc&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 15 Oct 2021 15:49:41 GMT

GET
H2 200 json Show response
trc.taboola.com/1335255/trc/3/ 2 KB
1 KB 26ms
25ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1335255/trc/3/json?tim=1634312981603&data=%7B%22id%22%3A330%2C%22ii%22%3A%22%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1634312981596%2C%22cv%22%3A%2220210809-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder%22%2C%22e%22%3A%22https%3A%2F%2Fapple.news%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dlatimes-direct-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1634312981602%2C%22ref%22%3A%22https%3A%2F%2Fapple.news%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder%22%2C%22tos%22%3A4%2C%22ssd%22%3A1%2C%22scd%22%3A15%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 903098aede75afd949fa9e5721cf84976c1672d0c7db266c803b5d946ba82108

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 16
date: Fri, 15 Oct 2021 15:49:41 GMT
content-encoding: gzip
server: nginx
x-timer: S1634312982.616230,VS0,VE16
x-served-by: cache-hhn4021-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 32ms
32ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1009384521&l=adsData&cx=c

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

92f9a5b097c02d022ff8a9e4857aa02894f4c28072e67aec5eeeaf58b79b409e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39103
x-xss-protection: 0
last-modified: Fri, 15 Oct 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Oct 2021 15:49:41 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 103ms
43ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ea0ccf3eab05a27a83fdc3a0c60ede70d4d2f18bf8be6cbdcc221d43ad5686ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14430
x-xss-protection: 0
server: cafe
etag: 16924264664223707549
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 15 Oct 2021 15:49:41 GMT

GET
H/1.1 200
OK sp.pl
sp.analytics.yahoo.com/ 43 B
964 B 141ms
46ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2015%20Oct%202021%2015%3A49%3A41%20GMT&n=0&b=Robert%20Durst%20sentenced%20to%20life%20for%20Susan%20Berman%20murder%20-%20Los%20Angeles%20Times&.yp=10135027&f=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&e=https%3A%2F%2Fapple.news%2F&enc=UTF-8&yv=1.10.1&tagmgr=gtm%2Censighten

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 15:49:41 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Fri, 15 Oct 2021 15:49:41 GMT

POST
H2 200 track Show response
web.chtbl.com/ 49 B
379 B 193ms
193ms XHR
application/json 18.66.248.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.chtbl.com/track
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: uvicorn /
Resource Hash: bb30148d9df7671c14f2cd5be91e6b7a1488932efb740a80b66f39052744c168

Request headers

Referer: https://www.latimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/json;charset=UTF-8

Response headers

date: Fri, 15 Oct 2021 15:49:42 GMT
via: 1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
server: uvicorn
x-amz-cf-pop: DUS51-P1
vary: Origin
access-control-allow-methods: OPTIONS,POST
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-headers: *
content-length: 49
x-amz-cf-id: osV6-5ukylhU3OlC6Czrpm3Ynk5FSp9OLqEUmUhsE4mkH0xa9o_28w==

OPTIONS
H2 200 track
web.chtbl.com/ Frame 0
0 254ms
194ms Preflight
application/json 18.66.248.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.chtbl.com/track
Protocol: H2
Server: 18.66.248.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: uvicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.latimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 49
date: Fri, 15 Oct 2021 15:49:41 GMT
server: uvicorn
access-control-allow-methods: OPTIONS,POST
access-control-allow-headers: *
access-control-allow-origin: *
vary: Origin
x-cache: Miss from cloudfront
via: 1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: Mk28a9cJFTUc88e6dyqdBgEzOtugzYghbYLI3khm36IbM6ZAS52Ebw==

GET
H2 200 AGSKWxWNRTLfkmZ_sB2gaYcMwjHW1OyLmcTmtJOPv6HNKumJTauxzlfTMSjTw7tv-vkwII2cqII2iFaBM6uEI0sboUs= Show response
fundingchoicesmessages.google.com/f/ 69 KB
25 KB 109ms
55ms Script
application/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWNRTLfkmZ_sB2gaYcMwjHW1OyLmcTmtJOPv6HNKumJTauxzlfTMSjTw7tv-vkwII2cqII2iFaBM6uEI0sboUs=

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

db825f40b226a791264cbc35fd777ec1bfdc1ff05015e013c1416c14a4e1e5fa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nrq+XCI1QYVZMFA4qKAFIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-nrq+XCI1QYVZMFA4qKAFIQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-nrq+XCI1QYVZMFA4qKAFIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-nrq+XCI1QYVZMFA4qKAFIQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
notices.californiatimes.com/gdpr/latimes.com/
Redirect Chain

https://www.latimes.com/subscriptions/img/logo-lat-full-black.svg
https://notices.californiatimes.com/gdpr/latimes.com/

0
0

49ms
7ms

Image
text/html

13.32.121.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notices.californiatimes.com/gdpr/latimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-108.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

content-security-policy: upgrade-insecure-requests;
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P1
date: Fri, 15 Oct 2021 15:49:41 GMT
x-cache: Miss from cloudfront
location: https://notices.californiatimes.com/gdpr/latimes.com/
content-length: 0
x-amz-cf-id: Uv8FicXEmJeH69pL3FZk_cko18SxZF8Og2r0_1QwbUaBvs6ahU3FDg==

GET
H2 200 main.30b4c3f2.js Show response
s.pinimg.com/ct/lib/ 54 KB
19 KB 24ms
24ms Script
application/javascript 199.232.80.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.30b4c3f2.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.80.84 Marseille, France, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5d1fb4408d347e7a05bb2af2eb9d0441fa4c25c8aa48281f9b7037f7e356b4a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:41 GMT
content-encoding: gzip
fastly-restarts: 1
x-cdn: fastly
etag: "ada80a35a89edb0ab09f92e1a70d178d"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
content-length: 18906
access-control-expose-headers: X-CDN

GET
H2 200 / Show response
ct.pinterest.com/user/ 509 B
592 B 197ms
35ms XHR
application/json 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2613340406388&cb=1634312981687
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 07d37037fac00adaab8d3068112bf139d2249facc615e9fc6674ce90f103f48c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:49:41 GMT
content-encoding: gzip
referrer-policy: origin
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.latimes.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
pin-unauth: dWlkPU56QXpOMkk1WVdNdE5EUmhZaTAwWmpWaUxXRmxOamd0WVdObE5qTmpObUpsT0RZNA
x-pinterest-rid: 2108150081247627
x-envoy-upstream-service-time: 3
access-control-allow-credentials: true
content-length: 364
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
247 B 194ms
33ms Image
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2613340406388&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder%22%2C%22ref%22%3A%22https%3A%2F%2Fapple.news%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2230b4c3f2%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1634312981689
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:49:41 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1425730773639268
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
327 B 193ms
34ms Image
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22page_title%22%3A%22Robert%20Durst%20sentenced%20to%20life%20for%20Susan%20Berman%20murder%20%20Los%20Angeles%20Times%22%7D&tid=2613340406388&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder%22%2C%22ref%22%3A%22https%3A%2F%2Fapple.news%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2230b4c3f2%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1634312981690
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:49:41 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 5979613068649255
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1009384521/ 3 KB
2 KB 83ms
35ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1009384521/?random=1634312981757&cv=9&fst=1634312981757&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaad0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&ref=https%3A%2F%2Fapple.news%2F&tiba=Robert%20Durst%20sentenced%20to%20life%20for%20Susan%20Berman%20murder%20-%20Los%20Angeles%20Times&hn=www.googleadservices.com&gbcov=0&async=1&rfmt=3&fmt=4

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

644c29da20ea7f01ac79db3fdee491e0e6a46ddb275fa7cbd538169caecba67c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1138
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWIonfR3gpIq3YAJVhgGkiw1OBL43Wwji85WtjvMDwHhXP9czKFrbqmwsUnLb8R6bdG20E2GWcHisHsKjlXvZs= Show response
fundingchoicesmessages.google.com/el/ 0
26 B 77ms
36ms XHR
text/html 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWIonfR3gpIq3YAJVhgGkiw1OBL43Wwji85WtjvMDwHhXP9czKFrbqmwsUnLb8R6bdG20E2GWcHisHsKjlXvZs=?pvid=C0BE9495-282B-478A-BC05-AA0E1097FA67&anonid=9D7106CB-ECAF-4A44-9FDC-0EDB301BC5AA

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-P9ikmPCi5VRUNBoZdNqsuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-P9ikmPCi5VRUNBoZdNqsuQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.latimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 15 Oct 2021 15:49:41 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.latimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-P9ikmPCi5VRUNBoZdNqsuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-P9ikmPCi5VRUNBoZdNqsuQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXqVYxzww1C1EufRWoCrBx_EmdTFHGof6URDvJMlxrCRS-Ke3DjVDOC9XB_PALv6tzsYWw2l1mQs0GPSr60dYE= Show response
fundingchoicesmessages.google.com/f/ 61 KB
22 KB 98ms
51ms Script
application/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXqVYxzww1C1EufRWoCrBx_EmdTFHGof6URDvJMlxrCRS-Ke3DjVDOC9XB_PALv6tzsYWw2l1mQs0GPSr60dYE=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM0MzEyOTgxLDgzMjAwMDAwMF0sIkMwQkU5NDk1LTI4MkItNDc4QS1CQzA1LUFBMEUxMDk3RkE2NyIsIjlENzEwNkNCLUVDQUYtNEE0NC05RkRDLTBFREIzMDFCQzVBQSIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5sYXRpbWVzLmNvbS9jYWxpZm9ybmlhL3N0b3J5LzIwMjEtMTAtMTQvcm9iZXJ0LWR1cnN0LXNlbnRlbmNlZC10by1saWZlLWluLXByaXNvbi1mb3Itc3VzYW4tYmVybWFuLW11cmRlciJd

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

376b7387da360668287c9d3e9ccdb4cdbf7380543c35a9b6cfd4fef832153e6a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4fOizAu71CmBxpckTqHqvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-4fOizAu71CmBxpckTqHqvA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-4fOizAu71CmBxpckTqHqvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-4fOizAu71CmBxpckTqHqvA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1009384521/ 42 B
64 B 84ms
36ms Image
image/gif 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1009384521/?random=1634312981757&cv=9&fst=1634310000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaad0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&ref=https%3A%2F%2Fapple.news%2F&tiba=Robert%20Durst%20sentenced%20to%20life%20for%20Susan%20Berman%20murder%20-%20Los%20Angeles%20Times&async=1&fmt=3&is_vtc=1&random=4035922019&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:49:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1009384521/ 42 B
64 B 52ms
29ms Image
image/gif 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1009384521/?random=1634312981757&cv=9&fst=1634310000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaad0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&ref=https%3A%2F%2Fapple.news%2F&tiba=Robert%20Durst%20sentenced%20to%20life%20for%20Susan%20Berman%20murder%20-%20Los%20Angeles%20Times&async=1&fmt=3&is_vtc=1&random=4035922019&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.163 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:49:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
198 B 52ms
38ms XHR
text/plain 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/md/
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.latimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:49:41 GMT
referrer-policy: origin
x-cdn: fastly
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1916384422476647
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

ct.html Show response
www.pinterest.de/ Frame 14D4
Redirect Chain

https://www.pinterest.com/ct.html
https://www.pinterest.de/ct.html

413 B
4 KB

236ms
212ms

Document
text/html

151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/ct.html

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

09d7c38898bdb3af296cbb48a9f6a9cba99bbdfaa417640eb9e55f27d9466445

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-6afed78ea2a022d87675ffa335524f34' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com; media-src 'self' .pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1526301529706715; frame-ancestors *
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.pinterest.de
:scheme: https
:path: /ct.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.latimes.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/

Response headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
set-cookie: csrftoken=12024162f32e50c94d606ac6a2f9b89f; path=/; expires=Sat, 15 Oct 2022 15:49:42 GMT; samesite=lax; secure _pinterest_sess=TWc9PSYzWkxLZW1JZmpaWk5xSCs5eTNyQlFla09nd3IwaTJCT0RseDZkd1JxUWhrOHJ2cVF1cUhTRGQwUTRib0R4bHVwYndpUGxBTzVKSFR3QmNKbGxZd2pBNGJDN21NOFlKYTlZWEY3K0tSZVExSXZlc2tSTUowemV0T1l6Y3JJcER0OSZoNUJGM092c09MRGxSVUhyM0MwNDU4SnQ0eUk9; path=/; expires=Mon, 10 Oct 2022 15:49:42 GMT; samesite=none; secure; httponly _auth=0; path=/; expires=Mon, 10 Oct 2022 15:49:42 GMT; secure; httponly _pinterest_referrer=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.pinterest.com _routing_id="164ba0aa-5e66-474c-a35a-577a82edade8"; Max-Age=86400; Path=/; HttpOnly
p3p: CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-6afed78ea2a022d87675ffa335524f34' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com; media-src 'self' *.pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1526301529706715; frame-ancestors *
content-security-policy-report-only: script-src 'nonce-6afed78ea2a022d87675ffa335524f34' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
link: <https://i.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://s.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://v.pinimg.com>; rel=preconnect; crossorigin=anonymous
x-envoy-upstream-service-time: 108
content-encoding: gzip
referrer-policy: origin
x-pinterest-rid: 1526301529706715
date: Fri, 15 Oct 2021 15:49:42 GMT
vary: User-Agent, Accept-Encoding
x-cdn: fastly
pinterest-generated-by: coreapp-webapp-prod-0a03d2c6
pinterest-version: afcd65c

Redirect headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
location: https://www.pinterest.de/ct.html
x-envoy-upstream-service-time: 94
content-encoding: gzip
referrer-policy: origin
set-cookie: _routing_id="75ac0b23-f6c9-4104-b65e-ab46d9e33a73"; Max-Age=86400; Path=/; HttpOnly
x-pinterest-rid: 1562022515617109
date: Fri, 15 Oct 2021 15:49:42 GMT
vary: User-Agent, Accept-Encoding
x-cdn: fastly
pinterest-generated-by: coreapp-webapp-prod-0a03e951
pinterest-version: afcd65c

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 0E40 0
15 B 8ms
7ms Document
text/plain 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 13746
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.latimes.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.latimes.com/
accept-encoding: gzip, deflate, br
cookie: fr=0Yf2OWYLXNheGHQCQ..BhaaMV...1.0.BhaaMV.
Upgrade-Insecure-Requests: 1
Origin: https://www.latimes.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.latimes.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
date: Fri, 15 Oct 2021 15:49:42 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 15ms
7ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

872c79b9e63b318d412eb1da800f4cce09e53f5b82db3ab565bfc048a05bacad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.latimes.com/
Origin: https://www.latimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 7BsZ7JARKZ2FdvYfgS1nag==
cross-origin-resource-policy: cross-origin
expires: Fri, 15 Oct 2021 16:00:39 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: acr5UGvaR0rLbhiV5E6Xji12z4cO7kji/StTzosMPai0oNjbP0l57beVv+CBlEsj6TX5eeHDqgdfONEaT3EvEA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 8579b829afe362fd8515517882a4d79f
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 15 Oct 2021 15:49:42 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "a3e21068428d360a703f78a3e1e58194"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 264 KB
74 KB 8ms
8ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=c59fa0f957c32f52f0225fd5c29a4e1a

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

716009dd48bc3959c536c64418dffe8c041f8b1c583ae6ba0189a51de780f073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.latimes.com/
Origin: https://www.latimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: syA7WH6IWu/xBlPW4yDnzg==
cross-origin-resource-policy: cross-origin
expires: Sat, 15 Oct 2022 14:00:43 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 76168
x-fb-rlafr: 0
x-fb-debug: TXQCnxKuJrWX/5PW5vaHO1nkI5uWM5Zqwh6yYrMrHQbJMZBz92DQfbP77NeeMUtNuKzQr5nXQR1+qbBoCdHhpw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: b8d3b672cb93c9e03cd65199fa6a9e41
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 15 Oct 2021 15:49:42 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "c5cf4f7df575d4b36bbb4c498994ceaa"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 14D4 0
3 KB 149ms
149ms Other
text/plain 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?rid=1526301529706715

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-1779fa506f8f3065e99d27b6f910dd1f' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com; media-src 'self' .pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1811077837697648; frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/csp-report

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
pinterest-generated-by: coreapp-webapp-prod-0a011d7b
x-cdn: fastly
content-security-policy-report-only: script-src 'nonce-1779fa506f8f3065e99d27b6f910dd1f' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 34
x-pinterest-rid: 1811077837697648
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Fri, 15 Oct 2021 15:49:42 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
vary: User-Agent, Accept-Encoding
pinterest-version: afcd65c
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-1779fa506f8f3065e99d27b6f910dd1f' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com; media-src 'self' *.pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1811077837697648; frame-ancestors 'self'
timing-allow-origin: https://www.pinterest.de

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 14D4 0
3 KB 178ms
177ms Other
text/plain 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?reportonly

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-52888d2e8eb9ca28ce8c237721b41ac2' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com; media-src 'self' .pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1353523158209125; frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/csp-report

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
pinterest-generated-by: coreapp-webapp-prod-0a03e2b2
x-cdn: fastly
content-security-policy-report-only: script-src 'nonce-52888d2e8eb9ca28ce8c237721b41ac2' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 30
x-pinterest-rid: 1353523158209125
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Fri, 15 Oct 2021 15:49:42 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
vary: User-Agent, Accept-Encoding
pinterest-version: afcd65c
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-52888d2e8eb9ca28ce8c237721b41ac2' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com; media-src 'self' *.pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1353523158209125; frame-ancestors 'self'
timing-allow-origin: https://www.pinterest.de

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 14D4 0
3 KB 176ms
176ms Other
text/plain 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?reportonly

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-677605f35903a87947bd86faa1a2bbff' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com; media-src 'self' .pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=6939155276038925; frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/csp-report

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
pinterest-generated-by: coreapp-webapp-prod-0a03c362
x-cdn: fastly
content-security-policy-report-only: script-src 'nonce-677605f35903a87947bd86faa1a2bbff' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 33
x-pinterest-rid: 6939155276038925
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Fri, 15 Oct 2021 15:49:42 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
vary: User-Agent, Accept-Encoding
pinterest-version: afcd65c
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-677605f35903a87947bd86faa1a2bbff' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com; media-src 'self' *.pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=6939155276038925; frame-ancestors 'self'
timing-allow-origin: https://www.pinterest.de

GET
H3 200 adtop728. Show response
fundingchoicesmessages.google.com/f/AGSKWxV0ihzWN6XRpedcaw27wvgzIm91BHqSTzvJ_Ui97ZfvoCA70xdQLnTElsTLRXqJbIfUkVR9UGEEX6fggga7YgHeaKXSBpQEFZQ18Mwg7uGXFujegYx6vihM64P1Y6LfLiM07c0oEUUlgYCXZOS0PfAEI92Lw... 54 B
106 B 37ms
37ms Script
application/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV0ihzWN6XRpedcaw27wvgzIm91BHqSTzvJ_Ui97ZfvoCA70xdQLnTElsTLRXqJbIfUkVR9UGEEX6fggga7YgHeaKXSBpQEFZQ18Mwg7uGXFujegYx6vihM64P1Y6LfLiM07c0oEUUlgYCXZOS0PfAEI92Lw3mjoDJAdJ6kXW09uY9fufqC0RwTIWBjkB2zNhoMvuxfxyELJ2bdIz6H-6vsYnGyhxjoC1kFLRqfikhhssI=/_=admeta&/ads.js./pub/js/ad./adkingpro-/adtop728.

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

d94492850cdbac974b0642fa258b03f5579329ca91ec37ee4ab76b5ce9d78649

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-WN304zTlCnsqqclP8yr4ZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-WN304zTlCnsqqclP8yr4ZQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-WN304zTlCnsqqclP8yr4ZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-WN304zTlCnsqqclP8yr4ZQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
595 B 86ms
25ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 07:12:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Oct 2021 07:12:58 GMT

POST
H3 204 AGSKWxUTHuNE8UOUyGeV6CiiirK1sf6dYWv69kuDerTvz9KECg66-20IIWw06dqBfrBMypMpve3eTEt6hCUbsNl2KV4uHAStv8_F-HB1XN5fd4QRAYGo5QPIzAQ2spbkR9lTWUQ9CT60DRip640HbQFd3Ai_EFQuo_1esFx13VDGeY7saG_0yYghwJdz87qd Show response
fundingchoicesmessages.google.com/el/ 0
26 B 38ms
37ms XHR
text/html 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUTHuNE8UOUyGeV6CiiirK1sf6dYWv69kuDerTvz9KECg66-20IIWw06dqBfrBMypMpve3eTEt6hCUbsNl2KV4uHAStv8_F-HB1XN5fd4QRAYGo5QPIzAQ2spbkR9lTWUQ9CT60DRip640HbQFd3Ai_EFQuo_1esFx13VDGeY7saG_0yYghwJdz87qd

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bBUtNkQGXO6zK3jU9DjAnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-bBUtNkQGXO6zK3jU9DjAnw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.latimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 15 Oct 2021 15:49:42 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.latimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bBUtNkQGXO6zK3jU9DjAnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-bBUtNkQGXO6zK3jU9DjAnw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JbPvhHvOh5QGHdipFTCtEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-JbPvhHvOh5QGHdipFTCtEA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.latimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 15 Oct 2021 15:49:42 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.latimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JbPvhHvOh5QGHdipFTCtEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-JbPvhHvOh5QGHdipFTCtEA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5nC8JhktyiBLhbe5ZJOcCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-5nC8JhktyiBLhbe5ZJOcCg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.latimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 15 Oct 2021 15:49:42 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.latimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-5nC8JhktyiBLhbe5ZJOcCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-5nC8JhktyiBLhbe5ZJOcCg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWAhmC_Rbhfl9IOIakx8XiP38R8vc45Ezt0cBEZapmGgkqJfPW0IgpK8lCKbaqkAtpXVHXmBl8YETBoAWSAj1Z75gy2_ue6cFncVKQzx35Vc7e-zUaz0KdtSuO9uq_J5P0GQ1yoAR8DrOCWJxgIfcJUpJ7sI54jq3LtUEBsualpCbXq9xNRA8P6ynzm Show response
fundingchoicesmessages.google.com/f/ 42 KB
15 KB 54ms
54ms Script
application/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWAhmC_Rbhfl9IOIakx8XiP38R8vc45Ezt0cBEZapmGgkqJfPW0IgpK8lCKbaqkAtpXVHXmBl8YETBoAWSAj1Z75gy2_ue6cFncVKQzx35Vc7e-zUaz0KdtSuO9uq_J5P0GQ1yoAR8DrOCWJxgIfcJUpJ7sI54jq3LtUEBsualpCbXq9xNRA8P6ynzm?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM0MzEyOTgyLDY0NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzcsNl1dLCJodHRwczovL3d3dy5sYXRpbWVzLmNvbS9jYWxpZm9ybmlhL3N0b3J5LzIwMjEtMTAtMTQvcm9iZXJ0LWR1cnN0LXNlbnRlbmNlZC10by1saWZlLWluLXByaXNvbi1mb3Itc3VzYW4tYmVybWFuLW11cmRlciJd

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

54be353a93f11fed2c1807a7d7b726aa323ff676f529bb7fcb06680bdc335ae0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HLB9csw+adHcANUkS1WE1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-HLB9csw+adHcANUkS1WE1w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Oct 2021 15:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-HLB9csw+adHcANUkS1WE1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-HLB9csw+adHcANUkS1WE1w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TUYlfXqQ4qgKMG5sbZ134A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-TUYlfXqQ4qgKMG5sbZ134A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.latimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 15 Oct 2021 15:49:42 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.latimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TUYlfXqQ4qgKMG5sbZ134A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-TUYlfXqQ4qgKMG5sbZ134A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxX_90lCHgZgdYfLOhvkJe1UNWVcAtHHb-A1PM02QpoWhvbw3SJ1gd2WHtGa_R2MNNJq6dZEZ_SJnxXDoY8pP1vjRgnlrzmP08xY6eaxI1vvUIHSuYr90MjjUkh5Yyp6SA-_3MUySZ4cEVirk4t7ruWANqxa42-ibo7g4NSmXIeamE2fO8Wlalx0s43_ Show response
fundingchoicesmessages.google.com/el/ 0
26 B 37ms
37ms XHR
text/html 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX_90lCHgZgdYfLOhvkJe1UNWVcAtHHb-A1PM02QpoWhvbw3SJ1gd2WHtGa_R2MNNJq6dZEZ_SJnxXDoY8pP1vjRgnlrzmP08xY6eaxI1vvUIHSuYr90MjjUkh5Yyp6SA-_3MUySZ4cEVirk4t7ruWANqxa42-ibo7g4NSmXIeamE2fO8Wlalx0s43_

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bQgWE1/B1HkBfWp2AejacA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-bQgWE1/B1HkBfWp2AejacA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.latimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 15 Oct 2021 15:49:42 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.latimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bQgWE1/B1HkBfWp2AejacA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-bQgWE1/B1HkBfWp2AejacA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-/7C5Ttq+oZ4brU1vOVGYyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-/7C5Ttq+oZ4brU1vOVGYyg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.latimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 15 Oct 2021 15:49:42 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.latimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-/7C5Ttq+oZ4brU1vOVGYyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-/7C5Ttq+oZ4brU1vOVGYyg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-30h4gkUjSPtO3X1Ygm0szQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-30h4gkUjSPtO3X1Ygm0szQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.latimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 15 Oct 2021 15:49:42 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.latimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-30h4gkUjSPtO3X1Ygm0szQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-30h4gkUjSPtO3X1Ygm0szQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wf29acjBJuccXNLu6gZnRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-wf29acjBJuccXNLu6gZnRQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.latimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 15 Oct 2021 15:49:42 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.latimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wf29acjBJuccXNLu6gZnRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-wf29acjBJuccXNLu6gZnRQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1335255/log/3/ 0
247 B 47ms
17ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1335255/log/3/unip?en=pre_d_eng_tb&tos=1565&scd=15&ssd=1&est=1634312981599&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1634312983164&vi=1634312981596&ri=4b2e95f4e017fd648f802b58d38d948e&ref=https%3A%2F%2Fapple.news%2F&cv=20210809-3-RELEASE&item-url=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: https://www.latimes.com
pragma: no-cache
date: Fri, 15 Oct 2021 15:49:43 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 r.rnc
activate.platform.californiatimes.com/privacy/v1/b/ 0
106 B 8ms
8ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/privacy/v1/b/r.rnc?n=1&c=2715&i=5nb7jm&p=latimes&s=25306&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTA4IiwiY2xpZW50SWQiOjI3MTUsInB1Ymxpc2hQYXRoIjoibGF0aW1lcyIsImluc3RhbmNlSWQiOiI1bmI3am0iLCJwYWNrZXQiOjEsIm1vZGUiOiJlbmZvcmNlWgDyJ29va2llcyI6e30sImVudmlyb25tZW50Ijoibm9uZSIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLMA8QxodHRwczovL2FqYXguZ29vZ2xlYXBpcy5jb20UAPMDL2xpYnMvanF1ZXJ5LzMuNS4xDQDwDy5taW4uanMiLCJ0eXBlIjoic2NyaXB0Iiwic3RhcqsAwDYzNDMxMjk4MDc4NpkARWQiOjEUAKA5MDUsInNvdXJjPAAxbXV0kQCiT2JzZXJ2ZXJDTEgAMHR1cx0BMW9hZMYAQGFzb27FANRdLCJkYXRhUGF0dGVyEgC5bGlzdCI6W10sImlqAF83ODZ9LPcABf8ac2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0L3RhZy9qcy9ncHTrABUuOTDrAC81M-sAVS85MOsAB_ECYy5hbWF6b24tYWRzeXN0ZW3kAfEAYmFvLWNzbS9hcHMtY29tCQBJX2NzbfAAMnhocpABCtgBPzk1N-0AABc37QCyWEhSX01BTkFHRVJBAALRAW9hbGxvd2XUASg_OTU36QD_B0BhYXgyzwE5dGFnxQEPoAMILzkxyAEAFzjIAbBpbnNlcnRCZWZvclAEMnN0YckBH2yaAysvOTHGAR0P3QAhHzLdAAwPfQRKLzky4wAI4W9uZmlhbnQtaW50ZWdyAgXxBHMuZ2xvYmFsLnNzbC5mYXN0bHmKBPAMR2ZCR0tfUDNBZHp3MWh2VFRrUWplYmV3Nlo0nwTQX2FuZF9wcmViaWQvY1cAH2f8ARUuODkfASc2MvwBDx8BSi84OR8BB_ZQNjg1NDdmOGYtMmZkOC00ZmYzLTliNjMtNTFlODZlMmVkZWU4LnBybXV0di5jby92Mi4wL3B4aWQ_az01ZDc3NTQ0YS02ZmUzLTQ2NDQtYmYzMS1iY2NiNmVlZjFhNjG6Bg_fBAUuNzgbAQAUAAW3Bg_fBEYvNzgXAf8fcmliLmFkbni6CH9nZXR1aWRq4wEQD_4CACc3Of4CD-MBRw_6AggPzAC5YGFwaS5wZaYDMWl2ZXMIAakD9ANnZW9pcD9pbmNsdWRlPWdlbyYMADZpc3AMAH9wX2hhc2gm0gM1Ljgz0gMAFAAP0gNPLzgz0gMHDyMBjx80EgNRDyMBIG93YXRzb27xBTYvODQfAgAP_ABTHzQfAh4P_AA9HzX8AAAIpA0PCgVGLzg1_AAHAcwIDyMJFDJncHQCCQDdDv8FdmUvMjAyMTEwMTQxMjIwL3dyYXATCRQtOTbEDUcxMDc2AwMPEwlJLzk2xA0ID68ODEJncHQvzA5jX2ltcGxfAgE_MjAx-wAVHzX7AAAYOdINoGFwcGVuZENoaWy_DQ8JDDQvOTX0AGoNFQYpMTD0AA_vAUofNRkGH49pZGVudGlmefgENCAxMYwRKGVuNhECFAAPFwdNAGYAD_wDBw8XBwQP_gBTCO8DD_oERA_-AAsAWwPBaWMuY2hhcnRiZWF0OwlianMvc3Viyg9PaW9uc9cDEz4xMDPXAygxMNcDD-EPQgB4AA_fAQcP4QA6HjTEAwrhAA_EA0g_MTA0xAMID-cABQXZAW9fdmlkZW_KARQtMTXOECkxMcIKD-kASS8xNc4QCDN3d3dBFpItYW5hbHl0aWONDQYOAA8vFhIgMTJsBwuPBDc0MTGABw-uAkMvMjcpFggP3gA4DVYQGjHeAA_CAUkfMloQCQ_kAAb_AnBsdWdpbnMvdWEvbGlua2lkrgIULTQw-Rc4MTQ2WwUPygFDLzQwygEhD-YAJgCcAgywAgnmAA_SAUkvNDFFFQgAfQQP2BgB8AxqL2NvbGxlY3Q_dD1kYyZhaXA9MSZfcj0zJnYJAPUYdj1qOTMmdGlkPVVBLTQwODQxNTA4LTEmY2lkPTExMDQ3MDA2MTAuzhkwMSZqGgCwNjY5MTIxNzg5JmcQAPgJOTE3NDc3MTEwJl9naWQ9OTk3Mjk3MjUzOAD_EF91PTZHREFDVUlnQkFBQUFDfiZ6PTEwMjEwODc5NTTBEQ09MTUwuxYCFAAPuwhOLzUweAH_gbFjZG4udGFib29sYTAJ_whsaWJ0cmMvdW5pcC8xMzM1MjU1L3RmYb8EFR02HhQ4MTUxzRsPvwREHzYcFAiTdHIuc25hcGNoEwoDyQP2KG9yL2lzX2VuYWJsZWQ_cGlkcz1kYmU2MjVhYS03Y2VkLTRlMWQtODkxOC04ODc4MjEyM2FmOTdhA1JmZXRjaKUbCeYbPTE1MhoQAhQABWMDX0ZFVENI6BtBAGgAD0EKB_IAY29ubmVjdC5mYWNlYm9vsh1zc2lnbmFscwUZ8A8vNjMyNDU2ODAwMjM2MjM0P3Y9Mi45LjQ3JnI9c3QsAQYBAQJWCw8CAQIeMXUJKDU4PwsP4QVJLzUxdQkI8gFhc3NldHMucmV2Y29udGVuJwyvbWFzdGVyL3JlduoCFR03yh04MTU4AhwP4gBJLzQ3zh0IkXdlYi5jaHRibNEDVnRyYWNrtAEPuhkDPjE2MxYGARQABbMCD9MNRS82MxYGCA_LALg8ZXh0lgEATgMPbwIWDhgKCqABD28CSw8eChIgYWSMIjJpY2XGDFFwYWdlYV0dA_Ajb19hc3luY_IAFC42MfYLNzY3MNQMD_IASS82MVAcCAb2Cw_yADwONQUvNzY9B08fNi8FAadhYm91dDpibGFuPQRTaWZyYW3PIArzBhA4HBEL0gsQOLUlBUAEDwcVQT8xODAIBQigZnVuZGluZ2Nob5MCg21lc3NhZ2Vzcg8BHAXwcmVsL0FHU0tXeFdJb25mUjNncElxM1lBSlZoZ0draXcxT0JMNDNXd2ppODVXdGp2TUR3SGhYUDljektGcmJxbXdzVW5MYjhSNmJkRzIwRTJHV2NIaXNIc0tqbFh2WnM9P3B2aWQ9QzBCRTk0OTUtMjgyQi00NzhBLUJDMDUtQUEwRTcVkEZBNjcmYW5vbvIL_xRENzEwNkNCLUVDQUYtNEE0NC05RkRDLTBFREIzMDFCQzVBQcwFDh84OgMAARQABYwBD8wFRR84NgMJD48B5w4UCy84MTIfUD8xODEWCwAP2QMdHjIJFSg4MsoJD9kDQx8y4BgID0oCDxRm2AP2Rk5SVExma21aX3NCMmdhWWNNd2pIVzFPeUxtY1RtdEpPUHY2SE5LdW1KVGF1eHpsZlRNU2pUdzd0di12a3dJSTJjcUlJMmlGYUJNNnVFSTBzYm9Vcz2CAw8CCwcuNjS_Big4Mx4cDzgBQi82NLgGCA84AZMPLgMADzgBUQ8rAwAE6isPOAGSD4gcAApwAg8vCUoPjxwJDz8BF_FoWHFWWXh6d3cxQzFFdWZSV29DckJ4X0VtZFRGSEdvZjZVUkR2Sk1seHJDUlMtS2UzRGpWRE9DOVhCX1BBTHY2dHpzWVd3MmwxbVFzMEdQU3I2MGRZRT0_ZmNjcz1XMjUxYkd3c1cxdGRMRnRkWFN4dWRXeHNMRzUYAHJiblZzYkN4FADzeEZzeE5qTTBNekV5T1RneExEZ3pNakF3TURBd01GMHNJa013UWtVNU5EazFMVEk0TWtJdE5EYzRRUzFDUXpBMUxVRkJNRVV4TURrM1JrRTJOeUlzSWpsRU56RXdOa05DTFVWRFFVWXRORUUwTkMwNVJrUkRMVEJGUkVJek1ERkNRelZCUVNJc5QAFGIIAPCUTjExZExDSm9kSFJ3Y3pvdkwzZDNkeTVzWVhScGJXVnpMbU52YlM5allXeHBabTl5Ym1saEwzTjBiM0o1THpJd01qRXRNVEF0TVRRdmNtOWlaWEowTFdSMWNuTjBMWE5sYm5SbGJtTmxaQzEwYnkxc2FXWmxMV2x1TFhCeWFYTnZiaTFtYjNJdGMzVnpZVzR0WW1WeWJXRnVMVzExY21SbGNpSuQeD98uDT4xODN9Gig5NOYWDx0FQi84M3YaCA-mAv__Aw3dJBoxpgIPUwVJLzgz4SQIsXRyLm91dGJyYWluyQxwY2FjaGVkQ4Yx_yFJZD9tYXJrZXRlcklkPTAwZDlkMzQwYjUyMjgyYzE5YmQ3OWMxN2JlZGU4YWUyNmPNCBEuNTIeEig5N5oODwoBSS81MiISAA_HChsRMp8iCqAOODIxMKkmD3IEQQB3AA6OFQ-7ABwPbCIAPzIxMmoUVD8yMTBsJgsOUBafZW5fVVMvc2Rr6RETIDIyNhULmwEQM08QBa8OD5sBQi8yOCoLCA8pFwIP2QAfDcsKGjLZAA82A0gvMjIpMAkP4AAOED9FLP8SPWM1OWZhMGY5NTdjMzJmNTJmMDIyNWZkNWMyOWE0ZTFhPAQQLjIz0h44MjM0nCAPBgFJHzPYHg0QcEoyMnJlcwcYdmN0Lmh0bWzYAA_yEggdOa4TIDIzCCkPtwJKLzE4HzMJAJkUD9EAKA3vBgvRAA-pAUg_MTg57wYID5wJDwXKE_eqVVRIdU5FOFVPVXlHZVY2Q2lpaXJLMXNmNmRZV3Y2OWt1RGVyVHZ6OUtFQ2c2Ni0yMElJV3cwNmRxQmZyQk15cE1wdmUzZVRFdDZoQ1Vic05sMktWNHVIQVN0djhfRi1IQjFYTjVmZDRRUkFZR281UVBJekFRMnNwYmtSOWxUV1VROUNUNjBEUmlwNjQwSGJRRmQzQWlfRUZRdW9fMWVzRngxM1ZER2VZN3NhR18weVlnaHdKZHo4N3E5Cx94PTgCPTI1NVccODI1NTYLD9gTRAB6AA7HBg8eDxcPnQHTDaEZIDI17jkFDwQPnQFHD50ZCA86A_QPrAUAEDUUAA-dAU8PrwUJD50B9Q0NEDgyNTldDA86A0YfORAQMvDqVjBpaHpXTjZYUnBlZGNhdzI3d3ZnekltOTFCSHFTVHp2Sl9VaTk3WmZ2b0NBNzB4ZFFMblRFbHNUTFJYcUpiSWZVa1ZSOVVHRUVYNmZnZ2dhN1lnSGVhS1hTQnBRRUZaUTE4TXdnN3VHWEZ1amVnWXg2dmloTTY0UDFZNkxmTGlNMDdjMG9FVVVsZ1lDWFpPUzBQZkFFSTkyTHczbWpvREpBZEo2a1hXMDl1WTlmdWZxQzBSd1RJV0Jqa0Iyek5ob012dXhmeHlFTEoyYmRJejZILTZ2c1luR3loeGpvQzFrRkxScWZpa2hoc3NJPS9fPWFkbWV0YSYvAkAwanMuQTEA9D_2CWFkLi9hZGtpbmdwcm8tL2FkdG9wNzI4Lk4JDy8XBj0yNTViDj8yNTmgDU4vNTVbDgAP2QYXBGcYDwIC_zQOUAsPAgJSDywkCALCIBMyMx5hc3luZGljdD4BdRECHgAA-gICBkR_X3RvcF9leDU1FD0yNTUiGgvzAg9wC0gAfgAP0wn_Di42NJICARQADzYITi82NJUCCA82CPMBiQELNhIQNtQyD50B_3QO-hIvNjTzIFA_MjY0yB0qD6oO0R82awkAARQADzoDTw9uCQkCTgcPbAdGDmQMEDYZNgX0AA9kFkIfNas6CQ_xAEwOzRMP8QBSD8YTM_WsWF85MGxDSGdaZ2RZZkxPaHZrSmUxVU5XVmNBdEhIYi1BMVBNMDJRcG9XaHZidzNTSjFnZDJXSHRHYV9SMk1OTkpxNmRaRVpfU0pueFhEb1k4cFAxdmpSZ25scnptUDA4eFk2ZWF4STF2dlVJSFN1WXI5ME1qalVraDVZeXA2U0EtXzNNVXlTWjRjRVZpcms0dDdydVdBTnF4YTQyLWlibzdnNE5TbVhJZWFtRTJmTzhXbGFseDBzNDNfIt5ND8YTBBA3DzELuQYoNzHqDA_vDkUvNzHvDioFHAUPnQHKDjcDD50BVQ86A_8RDXMxIDI37CoFxQUPOgNHD2csMw86A8oOzg4PnQFVD8kdCA8tDRgPnQHKDpALEDfZKw86A1APkAszD50ByQCJAQwRCAAUAA-dAU8PZS0rDxEI0gCJAQ2dAQi-IA90BkYPnQH_Eg41GBA3qyYPOgNQDzgYMv-sV0FobUNfUmJoZmw5SU9JYWt4OFhpUDM4Ujh2YzQ1RXp0MGNCRVphcG1HZ2txSmZQVzBJZ3BLOGxDS2JhcWtBdHBYVkhYbUJsOFlFVEJvQVdTQWoxWjc1Z3kyX3VlNmNGbmNWS1F6eDM1VmM3ZS16VWF6MEtkdFN1Tzl1cV9KNVAwR1ExeW9BUjhEck9DV0p4Z0lmY0pVcEo3c0k1NGpxM0x0VUVCc3VhbHBDYlhxOXhOUkE4UDZ5bnptP1QtLXZ5TERZME5qVC0YYoAtA5Qtr1d6RXNXemNzTmz4LLI_MjY0wgoACbECD4cQQi82NL8KKgTmGg-uAv_gD9MLAA-uAlEP0AsqD64C_-cAzxUPqgkKD08dQ8AzMTI5ODI2NTJ9XX0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:43 GMT
cache-control: no-cache, no-store
server: nginx
expires: Fri, 15 Oct 2021 15:49:42 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 34 KB
10 KB 47ms
29ms Script
application/javascript 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0001.a-msedge.net
Software: /
Resource Hash: d891455e32c9a425e36e190047b1f58abeb7e3709eff687134ddea7ac9cfdd3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:44 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 19:11:47 GMT
x-msedge-ref: Ref A: CB3C7DD947F646A7BEB1D0F9C66BDDD5 Ref B: FRA31EDGE0509 Ref C: 2021-10-15T15:49:44Z
etag: "805b72e6bad71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10001

GET
H2 204 56259971.js Show response
bat.bing.com/p/action/ 0
129 B 30ms
30ms Script
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/56259971.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0001.a-msedge.net
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 15 Oct 2021 15:49:44 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: DCA1E9A6E46049CCB7FFDD34802A99B4 Ref B: FRA31EDGE0509 Ref C: 2021-10-15T15:49:44Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
150 B 32ms
32ms Image
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=56259971&Ver=2&mid=02147c77-3c4b-4fb9-b55c-e217b63127d2&sid=847292b02dcf11ec8ee263ec6705ccc6&vid=8472c0902dcf11ec97859700bb0a852d&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Robert%20Durst%20sentenced%20to%20life%20for%20Susan%20Berman%20murder%20-%20Los%20Angeles%20Times&p=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder&r=https%3A%2F%2Fapple.news%2F&lt=891&evt=pageLoad&msclkid=N&sv=1&rn=423905
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0001.a-msedge.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 15 Oct 2021 15:49:44 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 95F60402391C406AA1C91F58FD8D907C Ref B: FRA31EDGE0509 Ref C: 2021-10-15T15:49:44Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 r.rnc
activate.platform.californiatimes.com/privacy/v1/b/ 0
106 B 11ms
10ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/privacy/v1/b/r.rnc?n=2&c=2715&i=5nb7jm&p=latimes&s=1024&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTA4IiwiY2xpZW50SWQiOjI3MTUsInB1Ymxpc2hQYXRoIjoibGF0aW1lcyIsImluc3RhbmNlSWQiOiI1bmI3am0iLCJwYWNrZXQiOjIsIm1vZGUiOiJlbmZvcmNlWgDyJ29va2llcyI6e30sImVudmlyb25tZW50Ijoibm9uZSIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLMA8QVodHRwczovL2JhdC5iaW5nLmNvbQ0A8BpqcyIsInR5cGUiOiJzY3JpcHQiLCJzdGFydCI6MTYzNDMxMjk4NDQ2N3QAGGQUAKA1MjUsInNvdXJjPACwaW5zZXJ0QmVmb3KLAGBzdGF0dXPyADFvYWSbAEBhc29umgDUXSwiZGF0YVBhdHRlchIAuWxpc3QiOltdLCJpZABfNDY3fSzMAD4fOMwADDFtdXQ4AaJPYnNlcnZlckNMFAEP0gAzHzjSABRAcC9hY74Bry81NjI1OTk3MS6sARM-NTE54AAnNTGsAaBhcHBlbmRDaGlsmwEPqwE0PzUxOdkATS8yMNkAW8AzMTI5ODQ1MjB9XX0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:49:45 GMT
cache-control: no-cache, no-store
server: nginx
expires: Fri, 15 Oct 2021 15:49:44 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1335255/log/3/ 0
246 B 13ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1335255/log/3/unip?en=pre_d_eng_tb&tos=4566&scd=15&ssd=1&est=1634312981599&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1634312986165&vi=1634312981596&ri=4b2e95f4e017fd648f802b58d38d948e&ref=https%3A%2F%2Fapple.news%2F&cv=20210809-3-RELEASE&item-url=https%3A%2F%2Fwww.latimes.com%2Fcalifornia%2Fstory%2F2021-10-14%2Frobert-durst-sentenced-to-life-in-prison-for-susan-berman-murder
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.latimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: https://www.latimes.com
pragma: no-cache
date: Fri, 15 Oct 2021 15:49:46 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 200 metrics Show response
api.permutive.com/v2.0/internal/ 2 B
105 B 23ms
23ms XHR
text/plain 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/internal/metrics?k=5d77544a-6fe3-4644-bf31-bccb6eef1a61
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.latimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 15 Oct 2021 15:49:46 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://www.latimes.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 22
via: 1.1 google

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-19 21:59:59	Name: X-AB Value: 4ee83e05b9f44b9e856e2f6b402c942e
.latimes.com/	1970-01-21 00:16:47	Name: permutive-id Value: 3fe4765a-02b6-4f0d-9e7e-a23739fe3430
.latimes.com/	1970-01-21 00:16:47	Name: permutive-session Value: %7B%22session_id%22%3A%22e65ffe67-83ba-4738-9381-7c9fc0aa72d0%22%2C%22last_updated%22%3A%222021-10-15T15%3A49%3A40.979Z%22%7D
.68547f8f-2fd8-4ff3-9b63-51e86e2edee8.prmutv.co/	1970-01-20 00:11:01	Name: pxid Value: f964ec9c-6a25-45e5-a94b-e8b12fa0585e
www.latimes.com/	1970-01-20 07:27:20	Name: _cb_ls Value: 1
www.latimes.com/	1970-01-20 07:27:20	Name: _cb Value: C8ykTnYICUPCS3InJ
www.latimes.com/	1970-01-20 07:27:20	Name: _chartbeat2 Value: .1634312981170.1634312981170.1.CPNNgk_CH8NBN8B0ICVgE3JBVoJPJ.1
www.latimes.com/	1970-01-19 21:58:34	Name: _cb_svref Value: https%3A%2F%2Fapple.news%2F
.latimes.com/	1970-01-21 17:46:32	Name: uuid Value: bdb70074-d095-4b2e-a378-a9f9f15fd8cc
.latimes.com/	1970-01-20 15:29:44	Name: _ga Value: GA1.2.1104700610.1634312981
.latimes.com/	1970-01-19 21:59:59	Name: _gid Value: GA1.2.997297253.1634312981
.latimes.com/	1970-01-19 21:58:33	Name: _gat_gtag_UA_40841508_1 Value: 1
.latimes.com/	1970-01-20 00:08:08	Name: _rdt_uuid Value: 1634312981499.1a17fc56-eebe-447a-bcd2-d12c959eaa9a
.scorecardresearch.com/	1970-01-20 15:15:20	Name: UID Value: 1ONDJQARQUDYKBTNY6B3YXg1634312982
.latimes.com/	1970-01-20 07:28:19	Name: _scid Value: 69e27369-665f-4d4e-be03-0f85a087b62e
.latimes.com/	1970-01-20 00:08:08	Name: _fbp Value: fb.1.1634312981585.366936962
.metering.platform.latimes.com/	1970-01-20 06:44:08	Name: c_sId Value: e4140616-fe31-4015-a393-7f1d44e31774
.facebook.com/	1970-01-20 00:08:08	Name: fr Value: 0Yf2OWYLXNheGHQCQ..BhaaMV...1.0.BhaaMV.
.latimes.com/	1970-01-20 00:08:08	Name: _gcl_au Value: 1.1.817792621.1634312982
www.latimes.com/	1970-01-20 06:44:08	Name: _wchtbl_uid Value: 87239eb3-a8e5-43ed-8251-d345ad2320f5
www.latimes.com/	1969-12-31 23:59:59	Name: _wchtbl_sid Value: ee3cd420-ca14-40d2-bbd6-5a0646bd7d8c
.twitter.com/	1970-01-20 15:29:44	Name: personalization_id Value: "v1_EpM+deJEnCPZ6pzRsePOwA=="
.yahoo.com/	1970-01-20 06:44:30	Name: A3 Value: d=AQABBBWjaWECEDKPdgN0fglznBudf3EXxEcFEgEBAQH0amFzYQAAAAAA_SMAAA&S=AQAAAqYqwH3ZDknCsYEBYobYw4o
.snapchat.com/	1970-01-20 07:20:08	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBiQ0AIAgEsIlI+EQYRy8yBcPbStz2WCArgPwpqFQPVTYD0fsiZyTMTbRShj/3qwmzMgAAAA==
.doubleclick.net/	1970-01-19 21:58:33	Name: test_cookie Value: CheckForPermission
.ct.pinterest.com/	1970-01-20 06:44:08	Name: _pinterest_ct_ua Value: "TWc9PSZmRVJucDE5SXZTUTFuS1VMNWJ1Q3ExZG02ZWprRDBkOU1zM0xwckFrWDZYeTlVOE5ORFM3N2trbEZKR2p3QlZDTHdGU1FFUVJuSURrM0FtUm51My80ZUFLeXpscDRGOU93OVp5TkROMzErcz0mTlFwSTh1UTdNQ09JSThzY0tURVV2MEFIVi84PQ=="
.latimes.com/	1970-01-20 06:44:08	Name: _pin_unauth Value: dWlkPU56QXpOMkk1WVdNdE5EUmhZaTAwWmpWaUxXRmxOamd0WVdObE5qTmpObUpsT0RZNA
.linkedin.com/	1970-01-19 22:41:44	Name: UserMatchHistory Value: AQJMOzyL1kR91gAAAXyEpQ2FOWdPRn7ags7DYpP73F-6FZr67p_nk1ZcubEgKw_BYcsmlGA-UY0qwA
.linkedin.com/	1970-01-19 22:41:44	Name: AnalyticsSyncHistory Value: AQL_rQZEjcLc_gAAAXyEpQ2FAuK1L1Y7f_PclteKbF7DzRl1D098AxUGIW-yAjyly1AYsKF2qMaJDtGUoJRtSg
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:30:26	Name: bcookie Value: "v=2&11efeab6-c9d6-4299-8af5-802d00e046f5"
.linkedin.com/	1970-01-19 21:59:59	Name: lidc Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2180:u=1:x=1:i=1634312981:t=1634399381:v=2:sig=AQG1A24ru8TJR60ot3dfXXZ5dWkAe24M"
www.latimes.com/	1970-01-19 21:58:33	Name: outbrain_cid_fetch Value: true
www.latimes.com/	1970-01-19 21:58:36	Name: _wchtbl_do_not_process Value: 1
www.latimes.com/	1970-01-19 21:58:36	Name: _wchtbl_pixel_sync Value: 0
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 15:30:26	Name: bscookie Value: "v=1&202110151549428199292e-8277-4836-833e-da056a1ecd35AQGtMGcWWIFqjb5XcrA5w3xLYGmS7lVS"
www.pinterest.de/	1970-01-20 06:36:56	Name: _pinterest_sess Value: TWc9PSYzWkxLZW1JZmpaWk5xSCs5eTNyQlFla09nd3IwaTJCT0RseDZkd1JxUWhrOHJ2cVF1cUhTRGQwUTRib0R4bHVwYndpUGxBTzVKSFR3QmNKbGxZd2pBNGJDN21NOFlKYTlZWEY3K0tSZVExSXZlc2tSTUowemV0T1l6Y3JJcER0OSZoNUJGM092c09MRGxSVUhyM0MwNDU4SnQ0eUk9
.latimes.com/	1970-01-20 06:44:08	Name: FCNEC Value: [["AKsRol9I4iWEp9ppbADiEv14bL4OwuJPibyhkC9kuRQvfZvRUKNdKdxuHRUnF6R0PPZN3Mg_7_YsFuy3mw4OQOtzJCBh887AUlKX51okPQnYRN71dYzb36vKEm4gyFRJeAXRUcpzegfkDLkmpF-F4AEpI7CQFGawBg=="]]
.latimes.com/	1970-01-20 07:20:08	Name: FCCDCF Value: [null,null,["[[],[],[],[],null,null,true]",1634312982716]]
.bing.com/	1970-01-20 07:20:08	Name: MUID Value: 0B949C29648864663DD58CF865036599
.latimes.com/	1970-01-19 21:59:59	Name: _uetsid Value: 847292b02dcf11ec8ee263ec6705ccc6
.latimes.com/	1970-01-20 07:20:08	Name: _uetvid Value: 8472c0902dcf11ec97859700bb0a852d

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'nonce-6afed78ea2a022d87675ffa335524f34' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

68547f8f-2fd8-4ff3-9b63-51e86e2edee8.edge.permutive.app
68547f8f-2fd8-4ff3-9b63-51e86e2edee8.prmutv.co
a.quora.com
activate.latimes.com
activate.platform.californiatimes.com
ads.rubiconproject.com
ajax.googleapis.com
alb.reddit.com
amplify.outbrain.com
analytics.twitter.com
api.permutive.com
apple.news
assets.revcontent.com
bat.bing.com
c.amazon-adsystem.com
ca-times.brightspotcdn.com
cdn.taboola.com
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
ct.pinterest.com
ext.chtbl.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
ib.adnxs.com
insight.adsrvr.org
js.adsrvr.org
libs.platform.californiatimes.com
metering.platform.latimes.com
notices.californiatimes.com
pagead2.googlesyndication.com
ping.chartbeat.net
px.ads.linkedin.com
q.quora.com
s.pinimg.com
s.yimg.com
sb.scorecardresearch.com
sc-static.net
securepubads.g.doubleclick.net
snap.licdn.com
sp.analytics.yahoo.com
ssor.platform.californiatimes.com
static.ads-twitter.com
static.chartbeat.com
stats.g.doubleclick.net
t.co
tr.outbrain.com
tr.snapchat.com
trc-events.taboola.com
trc.taboola.com
web.chtbl.com
www.apple.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.latimes.com
www.linkedin.com
www.pinterest.com
www.pinterest.de
www.redditstatic.com
104.111.215.87
104.18.5.81
104.244.42.133
104.244.42.195
104.92.74.8
107.20.138.141
108.174.11.69
13.107.43.14
13.32.114.145
13.32.121.108
13.32.121.26
13.32.99.105
141.226.228.48
142.250.181.238
142.250.184.194
142.250.184.226
142.250.185.164
142.250.185.232
142.250.185.98
142.250.186.110
142.250.186.66
143.204.98.54
151.101.0.84
151.101.1.2
151.101.129.44
151.101.193.140
151.101.65.140
151.101.65.194
151.139.128.11
157.240.236.1
157.240.236.35
172.217.23.106
18.202.51.91
18.66.122.62
18.66.241.177
18.66.248.126
18.66.248.75
18.66.96.113
18.66.97.79
185.33.221.91
199.232.136.157
199.232.80.84
2.16.186.19
2.18.232.89
2.18.234.190
204.79.197.200
212.82.100.181
216.58.212.163
3.124.173.63
3.224.194.150
34.107.254.252
35.186.226.184
35.241.9.51
44.233.11.96
52.222.236.124
64.202.112.95
66.102.1.156
87.248.118.22
016aae8f0f82dc232da12bca20292f2c731d221a3b9742d6ec0b13842acaa43b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07d37037fac00adaab8d3068112bf139d2249facc615e9fc6674ce90f103f48c
09d7c38898bdb3af296cbb48a9f6a9cba99bbdfaa417640eb9e55f27d9466445
0b2cb5a461129ba4f781bef1ee401249c8e749f32a45afd04a8782cbdd56a7bf
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
15f03f00c549d938e1751d428fe9236fc8a7a8b0669bca7684c43fd909c00a54
17cb46624aa395d84ddadf28566852e800733ccaa4fb2d513752c4beebf2467e
1bd4245e90be5fdb85b55be8d976ef43dd849a650d927aa8e57d0995703593f3
1cd2500f652e5f7611dc8735b1455d572a7aa1ccede57d8e375ff88023cf9ccd
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1d4815608e9cde74d93030bc79c525c049060fac5ed82aeacfffe301852b69cf
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27dc4f62298834987d3d8e5608c1af94c82ee3d18ee31858d39e0202697b5308
2adae6f323eb8d12543e1521f4d2d60c84c329a4524b256dda35b6e7c3d5dcac
2b8114446cdd178ea71ae3411ead7c11526cab9fb7213fee05f7b48c0f2b8651
2c419f753d2f4b332cc37d7b0a14326da3bf8b522d34d988ecd97d83f88f73d8
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63
376b7387da360668287c9d3e9ccdb4cdbf7380543c35a9b6cfd4fef832153e6a
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3b498c9897b766dad1e27ab1fbf24178f7db6ad97bcaa852080eac84bebef653
3b7d2b4c5417a697678081ed3b344955f0b25e694171178b0c01e029b4a18e8b
3dab1e3a8b2f0d2106645d4b5c9a4642b6b1e50c3ba237ba25389c549eb43fc4
41daac81421329b7091d3ea33d91959ee08135224c28f3dcb523341fa2e90393
433ba35f0585ad9b09e08d422a99881fd47f621650587251e7f59555131d5ef9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
478f40d34579ccaab1908dfb272ce6d28ff4da0d2b8693d7fb075721f95b14b0
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4f7542a3d7d6b4897b9efc23c722af79a176dcd6cd90a8dbda50e4fa48c8dce4
50c831faf5f116b62f8a979de75973dab8ae0913e6c62a9df7a4ae2c82cd66ab
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54be353a93f11fed2c1807a7d7b726aa323ff676f529bb7fcb06680bdc335ae0
58a6e36d9b9032be70052ebf42201b8dfab1ae87a0040082565900dcd521bfce
5d1fb4408d347e7a05bb2af2eb9d0441fa4c25c8aa48281f9b7037f7e356b4a8
5d5ce3e571aef243a74cd29d4d165165c396b3b9c6a6cfec63a2d623987f21f9
603e88a690c49d42ecfd23639743414ef2f4fa059284a1794acbce524d9c21ca
6080e7e7885a2e682f2d7da4846a74e04a549f86b2204fb1b2c5d8d46e9596c0
644c29da20ea7f01ac79db3fdee491e0e6a46ddb275fa7cbd538169caecba67c
654ad4e6d10d7319e6dc93c14e20f9e8bc91fa553cebf246597d8e1b53ac85a2
67da2bab9fe643d334b2c67ed71ddacd86b432bbabeb9a3b13c209e98929f169
6decd7f21248abee8c3f6fc778ba53962940544f52319179e266fcaae87a7cbc
7125a66456daa35dd3e3e8cca4b9523e05caf0b4fa5bd5874676e7c6db40f3aa
716009dd48bc3959c536c64418dffe8c041f8b1c583ae6ba0189a51de780f073
7222bdb705a3d4af9ac5d4f1375a3709bc77578dcc0e1f3b5caf55fd14af959c
78f1a8f3787f77f7ab4fcbb12c87f5cd412556c04991cdadaacddcd9b5a3e68a
7d12680bfc77396330439d134956e2f0c67c5ef889ad0b9396e5e22bba81dfdb
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86bf486c6eb0cfebd37b935926a7c5c81ff674200a8a2aee6f601ccd76699387
872c79b9e63b318d412eb1da800f4cce09e53f5b82db3ab565bfc048a05bacad
894694eee28fc463a83875d519e70afaf5f40ac7c042d6114c4ee86d156b4067
8b322d4c61c50cfdc0a35f7307589a017c3060b54d3a2a48f0851425ab09caa7
8e6f83f681fd7e47a49c64590d2a8f6e23119dc2770f31ee41d5c1ac4ba8d5e9
903098aede75afd949fa9e5721cf84976c1672d0c7db266c803b5d946ba82108
92f6c2b327cd8c9ec8157cc9764e6ba95f31dc8b99710507ab735bb17c5c3d25
92f9a5b097c02d022ff8a9e4857aa02894f4c28072e67aec5eeeaf58b79b409e
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
970e676c52b275a819ab9170ec4427370cc6c7033aa2e6b0b9cb71b977b72542
98a798fe43083a8fc7ab16f78de61528dd1c7cf78eae5fd417bdbe1fe68e40b4
998d9415269d92557b561a936955f7590d5052865044a9191a528b5a36f3afc9
9eff78a9f29c9828c1382db95605031958ba2647a448b6da0f4f9a9737daba0d
a5ecc75908c7d2b54b2c339f79e698a55517ff23a7494c9652bdd073678eecd9
a77dceb8e2bedf97d02190fb23601a7cf3ec6f574b8ddf0474085333e2142e97
abe1b56150adaf5a63a856eeb4f9e83fd5ab7f036d2a6bd608ae41f407bc3909
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae6f56ae3ed68d87c1aa39bf21a3fdabb10a1347344a7605f1adb1f66caedc7a
b5deda249739f77d933b02a1caba16db92c92aca4fe4c21566ad3a85d65b61ac
b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb30148d9df7671c14f2cd5be91e6b7a1488932efb740a80b66f39052744c168
bcff35cea618db4894095e3712ca4a91603b65888ce7de59016460b83c8917d7
be002b6bc7cd8b9043f09bcc3ddd290611ffa9f39e1923789414390a89e6c0a7
bfee3aaae52a8e772c619f79150bb21d5e6ece8a846b966b3bd283a4a7f4ed6f
c53ea495e43386054567a488d1e6e03f8b93b0bfb4cd85602212df7bf182a7ea
c9f185ce417e45970ebffde69880e7fd560e2c63b7ecdace7057a9baa291aee5
ca8019a51ee83bf4383c6865f08ab77117cb1ea6971776393e2f63f97181d32d
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d357fc6caa2a50825ab1a12ebf30692e57b0263d48af5f5b26eb53ce47a09a16
d891455e32c9a425e36e190047b1f58abeb7e3709eff687134ddea7ac9cfdd3b
d94492850cdbac974b0642fa258b03f5579329ca91ec37ee4ab76b5ce9d78649
da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701
da79da69257cb3897ecfec1b6b87f7e6c1f2f012225f0b5fad0d883c6c05b085
db825f40b226a791264cbc35fd777ec1bfdc1ff05015e013c1416c14a4e1e5fa
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ded94c8116574205c09c29b6cfe362eb00915e99edefab4394ccc31ab5a16645
dee7e43b051bd156b70a40ac0e5c532f372d0f2d71632b41e79ec1f517c3c112
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea0ccf3eab05a27a83fdc3a0c60ede70d4d2f18bf8be6cbdcc221d43ad5686ec
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f
f05dc15073bcfc5a60be17a08711dbf1fd2aee43007e283c4abeab4dc0000909
f6f004ba351f90a7ba00d4343f3ff47370f6c5a97cff4558e569b6a83d9a3dab
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
faf9d8a0aaad67f389822224a487c77856849cbb97d4d5b37527f72fb676cf0e
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

www.latimes.com Open in urlscan Pro 13.32.121.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

138 Requests

99 %HTTPS

0 %IPv6

46 Domains

62 Subdomains

58 IPs

6 Countries

2392 kBTransfer

6004 kBSize

43 Cookies

31 Outgoing links

Page URL History

Redirected requests

138 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.latimes.com Open in urlscan Pro
13.32.121.26 Public Scan

Screenshot
Live screenshot

Full Image

138
Requests

99 %
HTTPS

0 %
IPv6

46
Domains

62
Subdomains

58
IPs

6
Countries

2392 kB
Transfer

6004 kB
Size

43
Cookies

138 HTTP transactions
1 data transactions