urlscan.io logo urlscan.io
SecurityTrails logo

www.latimes.com Open in urlscan Pro
143.204.245.121  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW...
Effective URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANq...
Submission: On April 17 via api from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 119 IPs in 10 countries across 102 domains to perform 500 HTTP transactions. The main IP is 143.204.245.121, located in United States and belongs to AMAZON-02, US. The main domain is www.latimes.com.
TLS certificate: Issued by Amazon on May 19th 2020. Valid for: a year.
This is the only time www.latimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 199.60.103.254 209242 (CLOUDFLAR...)
1 143.204.245.121 16509 (AMAZON-02)
23 3.124.119.57 16509 (AMAZON-02)
12 143.204.245.6 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 143.204.90.71 16509 (AMAZON-02)
3 13.225.87.41 16509 (AMAZON-02)
1 184.30.212.16 16625 (AKAMAI-AS)
8 151.101.113.194 54113 (FASTLY)
17 142.250.186.98 15169 (GOOGLE)
4 2a03:2880:f02... 32934 (FACEBOOK)
8 143.204.247.127 16509 (AMAZON-02)
1 104.108.145.83 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
5 178.250.2.131 44788 (ASN-CRITE...)
4 184.31.84.150 16625 (AKAMAI-AS)
5 22 34.98.64.218 15169 (GOOGLE)
4 213.19.162.41 26667 (RUBICONPR...)
4 18.156.195.47 16509 (AMAZON-02)
9 25 185.33.221.89 29990 (ASN-APPNEX)
4 3.125.137.77 16509 (AMAZON-02)
1 199.232.137.44 54113 (FASTLY)
2 2a02:26f0:710... 20940 (AKAMAI-ASN1)
2 151.101.113.140 54113 (FASTLY)
1 2 107.178.250.234 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 143.204.245.52 16509 (AMAZON-02)
1 104.108.145.107 16625 (AKAMAI-AS)
2 2600:9000:202... 16509 (AMAZON-02)
1 151.101.13.2 54113 (FASTLY)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
1 199.232.136.157 54113 (FASTLY)
3 6 143.204.245.38 16509 (AMAZON-02)
3 54.241.108.168 16509 (AMAZON-02)
1 151.139.128.11 20446 (HIGHWINDS3)
1 2600:9000:206... 16509 (AMAZON-02)
1 2a02:26f0:170... 20940 (AKAMAI-ASN1)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
1 142.250.186.34 15169 (GOOGLE)
2 64.202.112.159 22075 (AS-OUTBRAIN)
1 3.227.227.165 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
23 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2620:119:50e4... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
2 13.33.139.105 16509 (AMAZON-02)
1 104.244.42.5 13414 (TWITTER)
1 19 52.95.118.60 16509 (AMAZON-02)
5 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2.16.107.122 20940 (AKAMAI-ASN1)
2 35.186.226.184 15169 (GOOGLE)
5 35.168.95.93 14618 (AMAZON-AES)
3 2a03:2880:f12... 32934 (FACEBOOK)
4 184.30.24.193 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
8 18.157.108.214 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 23.209.68.8 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2607:f8b0:400... 15169 (GOOGLE)
20 34 142.250.186.66 15169 (GOOGLE)
8 44 104.108.145.8 16625 (AKAMAI-AS)
1 18 52.48.251.151 16509 (AMAZON-02)
6 104.111.230.142 16625 (AKAMAI-AS)
5 5 18.156.0.31 16509 (AMAZON-02)
10 25 3.64.73.215 16509 (AMAZON-02)
4 104.76.201.56 16625 (AKAMAI-AS)
2 138.201.84.252 24940 (HETZNER-AS)
3 151.101.113.108 54113 (FASTLY)
5 5 185.29.135.227 30419 (MEDIAMATH...)
2 3 2620:116:800d... 16509 (AMAZON-02)
3 10 37.157.3.29 198622 (ADFORM)
2 8 52.214.32.209 16509 (AMAZON-02)
4 4 2001:678:cb4:... 56396 (TURN)
2 4 35.186.253.211 15169 (GOOGLE)
5 9 2a00:1288:110... 34010 (YAHOO-IRD)
5 5 18.157.138.23 16509 (AMAZON-02)
10 10 35.156.19.236 16509 (AMAZON-02)
2 2 52.214.7.146 16509 (AMAZON-02)
4 7 54.154.158.183 16509 (AMAZON-02)
1 4 88.99.165.19 24940 (HETZNER-AS)
2 2 188.42.191.196 7979 (SERVERS-COM)
2 2 3.127.51.194 16509 (AMAZON-02)
3 4 64.202.112.127 22075 (AS-OUTBRAIN)
1 1 50.16.38.94 14618 (AMAZON-AES)
1 1 3.220.131.242 14618 (AMAZON-AES)
1 193.122.128.135 31898 (ORACLE-BM...)
2 169.197.150.7 398989 (DEEPINTENT)
4 4 70.42.32.191 13789 (INTERNAP-...)
2 2 18.158.182.200 16509 (AMAZON-02)
1 1 213.19.147.151 26120 (RHYTHMONE)
1 1 198.148.27.139 19189 (PULSEPOINT)
4 4 151.101.114.49 54113 (FASTLY)
2 104.108.144.214 16625 (AKAMAI-AS)
1 18.195.155.181 16509 (AMAZON-02)
1 1 124.146.215.42 2514 (INFOSPHER...)
2 2 193.0.160.128 54312 (ROCKETFUEL)
2 2 185.184.8.30 204995 (RTB-HOUSE...)
5 11 69.173.144.165 26667 (RUBICONPR...)
4 9 72.21.206.140 16509 (AMAZON-02)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 34.194.148.31 14618 (AMAZON-AES)
2 2a00:1450:401... 15169 (GOOGLE)
1 35.244.174.68 15169 (GOOGLE)
1 1 185.183.112.148 60350 (VP)
1 2 52.30.135.179 16509 (AMAZON-02)
1 1 66.155.71.150 13768 (COGECO-PEER1)
1 1 159.253.128.188 36351 (SOFTLAYER)
1 2 54.204.142.198 14618 (AMAZON-AES)
1 63.251.232.170 29791 (VOXEL-DOT...)
1 1 3.248.28.111 16509 (AMAZON-02)
1 192.132.33.46 18568 (BIDTELLECT)
1 1 35.241.40.233 15169 (GOOGLE)
2 2 51.178.20.139 16276 (OVH)
1 185.64.190.78 62713 (AS-PUBMATIC)
2 88.99.70.21 24940 (HETZNER-AS)
1 4 138.201.63.117 24940 (HETZNER-AS)
1 46.228.164.11 56396 (TURN)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 143.204.90.81 16509 (AMAZON-02)
1 178.250.0.173 44788 (ASN-CRITE...)
1 104.244.42.67 13414 (TWITTER)
1 2a02:2638::1c 44788 (ASN-CRITE...)
1 54.173.41.153 14618 (AMAZON-AES)
1 2602:803:c003... 26667 (RUBICONPR...)
1 3.123.239.130 16509 (AMAZON-02)
14 37.157.2.248 198622 (ADFORM)
1 52.208.253.191 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
500 119
2    199.60.103.254 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
info.silobreaker.com
1    143.204.245.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-121.cph50.r.cloudfront.net
www.latimes.com
23    3.124.119.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
activate.platform.californiatimes.com
activate.latimes.com
12    143.204.245.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-6.cph50.r.cloudfront.net
ca-times.brightspotcdn.com
3    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    143.204.90.71 (United States)

ASN16509 (AMAZON-02, US)
ssor.platform.californiatimes.com
3    13.225.87.41 (United States)

ASN16509 (AMAZON-02, US)
libs.platform.californiatimes.com
1    184.30.212.16 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-212-16.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
8    151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
17    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
securepubads.g.doubleclick.net
4    2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
8    143.204.247.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-247-127.cph50.r.cloudfront.net
c.amazon-adsystem.com
1    104.108.145.83 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-83.deploy.static.akamaitechnologies.com
s.ntv.io
4    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
4    184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
22    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
latimes-d.openx.net
eu-u.openx.net
us-u.openx.net
u.openx.net
4    213.19.162.41 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
c2shb.ssp.yahoo.com
25    185.33.221.89 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
secure.adnxs.com
4    3.125.137.77 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
tlx.3lift.com
1    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
2    2a02:26f0:7100:288::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.pinimg.com
2    151.101.113.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
www.redditstatic.com
alb.reddit.com
2    107.178.250.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    143.204.245.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-52.cph50.r.cloudfront.net
sc-static.net
1    104.108.145.107 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-107.deploy.static.akamaitechnologies.com
amplify.outbrain.com
2    2600:9000:2021:a400:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    151.101.13.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
a.quora.com
2    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
6    143.204.245.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-38.cph50.r.cloudfront.net
sb.scorecardresearch.com
3    54.241.108.168 (San Jose, United States)

ASN16509 (AMAZON-02, US)
jadserve.postrelease.com
1    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
assets.revcontent.com
1    2600:9000:206f:5600:a:b27c:d040:93a1 (United States)

ASN16509 (AMAZON-02, US)
ext.chtbl.com
1    2a02:26f0:1700:494::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
www.googleadservices.com
2    64.202.112.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
tr.outbrain.com
1    3.227.227.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
q.quora.com
3    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
7    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
2    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com
23    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2620:119:50e4:101::6cae:b55 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
2    13.33.139.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-139-105.cph50.r.cloudfront.net
web.chtbl.com
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
19    52.95.118.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
5    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
1    2.16.107.122 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ntvcld-a.akamaihd.net
2    35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com
tr.snapchat.com
5    35.168.95.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-95-93.compute-1.amazonaws.com
www.i.matheranalytics.com
3    2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    184.30.24.193 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-193.deploy.static.akamaitechnologies.com
ct.pinterest.com
4    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
8    18.157.108.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
prebid-a.rubiconproject.com
3    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
4    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    23.209.68.8 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
a.teads.tv
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
15    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:400c:c0d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a02:26f0:6c00:181::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s8t.teads.tv
1    2607:f8b0:4008:804::2003 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
34    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
44    104.108.145.8 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
js-sec.indexww.com
dsum.casalemedia.com
18    52.48.251.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
6    104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ups.analytics.yahoo.com
25    3.64.73.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
eb2.3lift.com
4    104.76.201.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
t.teads.tv
2    138.201.84.252 (Germany)

ASN24940 (HETZNER-AS, DE)
hal9000.redintelligence.net
3    151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
5    185.29.135.227 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
cms.quantserve.com
10    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
track.adform.net
8    52.214.32.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
4    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rtb.openx.net
9    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
5    18.157.138.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
10    35.156.19.236 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    52.214.7.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
r.scoota.co
7    54.154.158.183 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
4    88.99.165.19 (Germany)

ASN24940 (HETZNER-AS, DE)
hal900028.redintelligence.net
2    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    3.127.51.194 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-51-194.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
4    64.202.112.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    50.16.38.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
1    3.220.131.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
1    193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
4    70.42.32.191 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    18.158.182.200 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ad.360yield.com
1    213.19.147.151 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
4    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    104.108.144.214 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-214.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
cs.emxdgt.com
1    124.146.215.42 (Setagaya-ku, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
creativecdn.com
11    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
9    72.21.206.140 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: 206-140.amazon.com
s.amazon-adsystem.com
1    2a02:fa8:8806:13::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
1    34.194.148.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
beacon.lynx.cognitivlabs.com
2    2a00:1450:401b:807::2001 (Ireland)

ASN15169 (GOOGLE, US)
5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
id.rlcdn.com
1    185.183.112.148 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
2    52.30.135.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-135-179.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
2    54.204.142.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
um2.eqads.com
1    63.251.232.170 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    3.248.28.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    35.241.40.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
dmp.brand-display.com
2    51.178.20.139 (France)

ASN16276 (OVH, FR)
gu.dyntrk.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    88.99.70.21 (Germany)

ASN24940 (HETZNER-AS, DE)
cdn.contentspread.net
4    138.201.63.117 (Ketsch, Germany)

ASN24940 (HETZNER-AS, DE)
hal90003.redintelligence.net
1    46.228.164.11 (United Kingdom)

ASN56396 (TURN, GB)
r.turn.com
2    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    143.204.90.81 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    178.250.0.173 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
3pd.criteo.com
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    54.173.41.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
ping.chartbeat.net
1    2602:803:c003:200::37 (United States)

ASN26667 (RUBICONPROJECT, US)
beacon-ams3.rubiconproject.com
1    3.123.239.130 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-239-130.eu-central-1.compute.amazonaws.com
protected-by.clarium.io
14    37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
1    52.208.253.191 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
io.fusedeck.net
12    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:800::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
60 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
static.doubleclick.net
334 KB
46 googlesyndication.com
pagead2.googlesyndication.com
a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com
tpc.googlesyndication.com
5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
317 KB
42 casalemedia.com
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
51 KB
36 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
aax.amazon-adsystem.com
101 KB
31 rubiconproject.com
ads.rubiconproject.com
fastlane.rubiconproject.com
prebid-a.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
beacon-ams3.rubiconproject.com
133 KB
29 3lift.com
tlx.3lift.com
eb2.3lift.com
12 KB
28 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
69 KB
26 openx.net
latimes-d.openx.net
eu-u.openx.net
us-u.openx.net
rtb.openx.net
u.openx.net
6 KB
26 californiatimes.com
activate.platform.californiatimes.com
ssor.platform.californiatimes.com
libs.platform.californiatimes.com
205 KB
24 adform.net
c1.adform.net
track.adform.net
s1.adform.net
450 KB
18 gumgum.com
rtb.gumgum.com
5 KB
18 yahoo.com
c2shb.ssp.yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
8 KB
12 youtube.com
www.youtube.com
738 KB
12 brightspotcdn.com
ca-times.brightspotcdn.com
382 KB
11 google.com
adservice.google.com
www.google.com
13 KB
10 bidswitch.net
x.bidswitch.net
4 KB
10 redintelligence.net
hal9000.redintelligence.net
hal900028.redintelligence.net
hal90003.redintelligence.net
21 KB
8 adsrvr.org
match.adsrvr.org
2 KB
8 googletagservices.com
www.googletagservices.com
256 KB
8 fastly.net
confiant-integrations.global.ssl.fastly.net
290 KB
7 bidr.io
match.prod.bidr.io
3 KB
7 teads.tv
a.teads.tv
s8t.teads.tv
t.teads.tv
134 KB
7 outbrain.com
amplify.outbrain.com
tr.outbrain.com
sync.outbrain.com
5 KB
7 matheranalytics.com
js.matheranalytics.com
www.i.matheranalytics.com
44 KB
7 criteo.com
bidder.criteo.com
3pd.criteo.com
gum.criteo.com
2 KB
6 indexww.com
js-sec.indexww.com
6 KB
6 google.de
adservice.google.de
www.google.de
832 B
6 scorecardresearch.com
sb.scorecardresearch.com
2 KB
5 w55c.net
pm.w55c.net
4 KB
5 turn.com
ad.turn.com
r.turn.com
2 KB
5 mathtag.com
sync.mathtag.com
3 KB
5 ampproject.org
cdn.ampproject.org
108 KB
5 bing.com
bat.bing.com
c.bing.com
10 KB
4 everesttech.net
sync-tm.everesttech.net
909 B
4 zemanta.com
b1sync.zemanta.com
1 KB
4 pinterest.com
ct.pinterest.com
2 KB
4 google-analytics.com
www.google-analytics.com
21 KB
4 facebook.net
connect.facebook.net
162 KB
3 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
18 KB
3 quantserve.com
pixel.quantserve.com
cms.quantserve.com
1 KB
3 gstatic.com
csi.gstatic.com
fonts.gstatic.com
www.gstatic.com
17 KB
3 facebook.com
www.facebook.com
637 B
3 linkedin.com
px.ads.linkedin.com
www.linkedin.com
3 KB
3 chtbl.com
ext.chtbl.com
web.chtbl.com
5 KB
3 postrelease.com
jadserve.postrelease.com
5 KB
3 googleapis.com
ajax.googleapis.com
94 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
2 KB
2 contentspread.net
cdn.contentspread.net
114 KB
2 dyntrk.com
gu.dyntrk.com
1 KB
2 eqads.com
um2.eqads.com
563 B
2 demdex.net
dpm.demdex.net
2 KB
2 creativecdn.com
creativecdn.com
695 B
2 rfihub.com
p.rfihub.com
1 KB
2 360yield.com
ad.360yield.com
618 B
2 deepintent.com
match.deepintent.com
83 B
2 creative-serving.com
ads.creative-serving.com
1 KB
2 betweendigital.com
ads.betweendigital.com
1013 B
2 scoota.co
r.scoota.co
1 KB
2 snapchat.com
tr.snapchat.com
566 B
2 criteo.net
static.criteo.net
51 KB
2 yimg.com
s.yimg.com
7 KB
2 quora.com
a.quora.com
q.quora.com
14 KB
2 chartbeat.com
static.chartbeat.com
34 KB
2 pinimg.com
s.pinimg.com
18 KB
2 latimes.com
www.latimes.com
activate.latimes.com
63 KB
2 silobreaker.com
info.silobreaker.com
4 KB
1 ytimg.com
i.ytimg.com
18 KB
1 ggpht.com
yt3.ggpht.com
4 KB
1 fusedeck.net
io.fusedeck.net
44 KB
1 clarium.io
protected-by.clarium.io
345 B
1 chartbeat.net
ping.chartbeat.net
169 B
1 twitter.com
analytics.twitter.com
651 B
1 smaato.net
s.ad.smaato.net
689 B
1 brand-display.com
dmp.brand-display.com
319 B
1 bttrack.com
bttrack.com
380 B
1 adroll.com
d.adroll.com
112 B
1 adgrx.com
cm.adgrx.com
408 B
1 simpli.fi
um.simpli.fi
619 B
1 sitescout.com
pixel-sync.sitescout.com
299 B
1 adotmob.com
sync.adotmob.com
682 B
1 rlcdn.com
id.rlcdn.com
66 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com
380 B
1 dotomi.com
casale-match.dotomi.com
181 B
1 socdm.com
tg.socdm.com
830 B
1 emxdgt.com
cs.emxdgt.com
1 contextweb.com
bh.contextweb.com
659 B
1 1rx.io
sync.1rx.io
307 B
1 technoratimedia.com
sync.technoratimedia.com
294 B
1 ipredictive.com
sync.ipredictive.com
428 B
1 stackadapt.com
sync.srv.stackadapt.com
606 B
1 akamaihd.net
ntvcld-a.akamaihd.net
51 KB
1 t.co
t.co
448 B
1 reddit.com
alb.reddit.com
125 B
1 googleadservices.com
www.googleadservices.com
14 KB
1 licdn.com
snap.licdn.com
2 KB
1 revcontent.com
assets.revcontent.com
10 KB
1 ads-twitter.com
static.ads-twitter.com
2 KB
1 sc-static.net
sc-static.net
6 KB
1 googletagmanager.com
www.googletagmanager.com
33 KB
1 redditstatic.com
www.redditstatic.com
7 KB
1 taboola.com
cdn.taboola.com
22 KB
1 ntv.io
s.ntv.io
103 KB
500 102
Domain Requested by
34 cm.g.doubleclick.net 20 redirects googleads.g.doubleclick.net
eu-u.openx.net
rtb.gumgum.com
eb2.3lift.com
www.latimes.com
5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
29 dsum-sec.casalemedia.com 7 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
um2.eqads.com
25 eb2.3lift.com 10 redirects activate.platform.californiatimes.com
eb2.3lift.com
23 tpc.googlesyndication.com activate.platform.californiatimes.com
info.silobreaker.com
www.latimes.com
a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com
cdn.ampproject.org
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
22 ib.adnxs.com 6 redirects activate.platform.californiatimes.com
acdn.adnxs.com
eb2.3lift.com
22 activate.platform.californiatimes.com www.latimes.com
activate.platform.californiatimes.com
19 pagead2.googlesyndication.com activate.platform.californiatimes.com
a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.latimes.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
www.googletagservices.com
18 rtb.gumgum.com 1 redirects aax-eu.amazon-adsystem.com
rtb.gumgum.com
17 aax-eu.amazon-adsystem.com 1 redirects activate.platform.californiatimes.com
aax-eu.amazon-adsystem.com
rtb.gumgum.com
ssum-sec.casalemedia.com
c.amazon-adsystem.com
info.silobreaker.com
17 securepubads.g.doubleclick.net www.latimes.com
activate.platform.californiatimes.com
info.silobreaker.com
www.googletagservices.com
securepubads.g.doubleclick.net
14 s1.adform.net info.silobreaker.com
s1.adform.net
12 www.youtube.com aax-eu.amazon-adsystem.com
www.youtube.com
12 ca-times.brightspotcdn.com www.latimes.com
ca-times.brightspotcdn.com
10 x.bidswitch.net 10 redirects
9 s.amazon-adsystem.com 4 redirects eb2.3lift.com
ssum-sec.casalemedia.com
9 pr-bh.ybp.yahoo.com 5 redirects eu-u.openx.net
ssum-sec.casalemedia.com
9 eu-u.openx.net 2 redirects activate.platform.californiatimes.com
eu-u.openx.net
8 match.adsrvr.org 2 redirects eu-u.openx.net
eb2.3lift.com
ssum-sec.casalemedia.com
www.latimes.com
8 us-u.openx.net 2 redirects eu-u.openx.net
8 www.googletagservices.com info.silobreaker.com
activate.platform.californiatimes.com
a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com
a.teads.tv
securepubads.g.doubleclick.net
5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
8 prebid-a.rubiconproject.com activate.platform.californiatimes.com
8 c.amazon-adsystem.com www.latimes.com
activate.platform.californiatimes.com
c.amazon-adsystem.com
info.silobreaker.com
8 confiant-integrations.global.ssl.fastly.net www.latimes.com
activate.platform.californiatimes.com
aax-eu.amazon-adsystem.com
confiant-integrations.global.ssl.fastly.net
7 track.adform.net info.silobreaker.com
aax-eu.amazon-adsystem.com
s1.adform.net
7 match.prod.bidr.io 4 redirects eu-u.openx.net
ssum-sec.casalemedia.com
7 www.google.com 1 redirects info.silobreaker.com
www.latimes.com
5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
www.youtube.com
7 googleads.g.doubleclick.net activate.platform.californiatimes.com
a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com
info.silobreaker.com
www.latimes.com
5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
www.youtube.com
6 js-sec.indexww.com activate.platform.californiatimes.com
ssum-sec.casalemedia.com
6 eus.rubiconproject.com aax-eu.amazon-adsystem.com
activate.platform.californiatimes.com
eus.rubiconproject.com
6 ssum-sec.casalemedia.com 1 redirects aax-eu.amazon-adsystem.com
js-sec.indexww.com
ssum-sec.casalemedia.com
6 sb.scorecardresearch.com 3 redirects www.latimes.com
5 pixel.rubiconproject.com 1 redirects www.latimes.com
5 token.rubiconproject.com 3 redirects eus.rubiconproject.com
info.silobreaker.com
5 pm.w55c.net 5 redirects
5 sync.mathtag.com 5 redirects
5 ups.analytics.yahoo.com 5 redirects
5 cdn.ampproject.org confiant-integrations.global.ssl.fastly.net
5 www.i.matheranalytics.com www.latimes.com
5 bidder.criteo.com activate.platform.californiatimes.com
4 hal90003.redintelligence.net 1 redirects 5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
hal90003.redintelligence.net
4 sync-tm.everesttech.net 4 redirects
4 b1sync.zemanta.com 4 redirects
4 sync.outbrain.com 3 redirects rtb.gumgum.com
4 hal900028.redintelligence.net 1 redirects a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com
hal900028.redintelligence.net
4 rtb.openx.net 2 redirects eu-u.openx.net
4 ad.turn.com 4 redirects
4 t.teads.tv www.latimes.com
4 ct.pinterest.com activate.platform.californiatimes.com
www.latimes.com
4 www.google-analytics.com activate.platform.californiatimes.com
www.latimes.com
4 adservice.google.com activate.platform.californiatimes.com
securepubads.g.doubleclick.net
4 adservice.google.de activate.platform.californiatimes.com
securepubads.g.doubleclick.net
4 tlx.3lift.com activate.platform.californiatimes.com
4 c2shb.ssp.yahoo.com activate.platform.californiatimes.com
4 fastlane.rubiconproject.com activate.platform.californiatimes.com
4 latimes-d.openx.net activate.platform.californiatimes.com
4 htlb.casalemedia.com activate.platform.californiatimes.com
4 connect.facebook.net www.latimes.com
activate.platform.californiatimes.com
3 dsum.casalemedia.com ssum-sec.casalemedia.com
3 c.bing.com eb2.3lift.com
3 secure.adnxs.com 3 redirects
3 c1.adform.net 3 redirects
3 acdn.adnxs.com activate.platform.californiatimes.com
3 www.facebook.com www.latimes.com
activate.platform.californiatimes.com
3 jadserve.postrelease.com activate.platform.californiatimes.com
www.latimes.com
3 libs.platform.californiatimes.com www.latimes.com
3 ajax.googleapis.com www.latimes.com
hal900028.redintelligence.net
hal90003.redintelligence.net
2 aax.amazon-adsystem.com www.latimes.com
2 cdn.contentspread.net hal900028.redintelligence.net
hal90003.redintelligence.net
2 gu.dyntrk.com 2 redirects
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 creativecdn.com 2 redirects
2 p.rfihub.com 2 redirects
2 ads.pubmatic.com rtb.gumgum.com
ads.pubmatic.com
2 ad.360yield.com 2 redirects
2 match.deepintent.com rtb.gumgum.com
ssum-sec.casalemedia.com
2 ads.creative-serving.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 r.scoota.co 2 redirects
2 pixel.quantserve.com 2 redirects
2 hal9000.redintelligence.net a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com
5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
2 www.google.de www.latimes.com
2 a.teads.tv info.silobreaker.com
activate.platform.californiatimes.com
2 tr.snapchat.com www.latimes.com
2 bat.bing.com activate.platform.californiatimes.com
www.latimes.com
2 web.chtbl.com activate.platform.californiatimes.com
2 px.ads.linkedin.com 1 redirects www.latimes.com
2 a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com activate.platform.californiatimes.com
2 tr.outbrain.com activate.platform.californiatimes.com
www.latimes.com
2 static.criteo.net activate.platform.californiatimes.com
2 s.yimg.com activate.platform.californiatimes.com
2 static.chartbeat.com activate.platform.californiatimes.com
2 js.matheranalytics.com 1 redirects www.latimes.com
2 s.pinimg.com activate.platform.californiatimes.com
2 info.silobreaker.com 1 redirects
1 www.gstatic.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 fonts.gstatic.com www.youtube.com
1 io.fusedeck.net aax-eu.amazon-adsystem.com
1 protected-by.clarium.io aax-eu.amazon-adsystem.com
1 beacon-ams3.rubiconproject.com info.silobreaker.com
1 ping.chartbeat.net
1 gum.criteo.com activate.platform.californiatimes.com
1 analytics.twitter.com activate.platform.californiatimes.com
1 3pd.criteo.com activate.platform.californiatimes.com
1 s.ad.smaato.net 1 redirects
1 s.tribalfusion.com 5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 cms.quantserve.com 5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
1 r.turn.com 5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
1 image6.pubmatic.com ads.pubmatic.com
1 dmp.brand-display.com 1 redirects
1 bttrack.com ssum-sec.casalemedia.com
1 d.adroll.com 1 redirects
1 cm.adgrx.com ssum-sec.casalemedia.com
1 um.simpli.fi 1 redirects
1 pixel-sync.sitescout.com 1 redirects
1 sync.adotmob.com 1 redirects
1 id.rlcdn.com www.latimes.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 casale-match.dotomi.com 1 redirects
1 pixel-eu.rubiconproject.com 1 redirects
1 tg.socdm.com 1 redirects
1 cs.emxdgt.com rtb.gumgum.com
1 bh.contextweb.com 1 redirects
1 sync.1rx.io 1 redirects
1 sync.technoratimedia.com rtb.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 u.openx.net 1 redirects
1 csi.gstatic.com securepubads.g.doubleclick.net
1 s8t.teads.tv activate.platform.californiatimes.com
1 stats.g.doubleclick.net activate.platform.californiatimes.com
1 ntvcld-a.akamaihd.net www.latimes.com
1 t.co www.latimes.com
1 www.linkedin.com 1 redirects
1 q.quora.com www.latimes.com
1 alb.reddit.com www.latimes.com
1 www.googleadservices.com activate.platform.californiatimes.com
1 activate.latimes.com www.latimes.com
1 snap.licdn.com activate.platform.californiatimes.com
1 ext.chtbl.com activate.platform.californiatimes.com
1 assets.revcontent.com activate.platform.californiatimes.com
1 static.ads-twitter.com activate.platform.californiatimes.com
1 a.quora.com activate.platform.californiatimes.com
1 amplify.outbrain.com activate.platform.californiatimes.com
1 sc-static.net activate.platform.californiatimes.com
1 www.googletagmanager.com activate.platform.californiatimes.com
1 www.redditstatic.com activate.platform.californiatimes.com
1 cdn.taboola.com activate.platform.californiatimes.com
1 s.ntv.io activate.platform.californiatimes.com
1 ads.rubiconproject.com www.latimes.com
1 ssor.platform.californiatimes.com www.latimes.com
1 www.latimes.com info.silobreaker.com
500 157
Subject Issuer Validity Valid
info.silobreaker.com
Cloudflare Inc ECC CA-3		 2020-06-30 -
2021-06-30		 a year crt.sh
www.latimes.com
Amazon		 2020-05-19 -
2021-06-19		 a year crt.sh
activate.platform.californiatimes.com
Go Daddy Secure Certificate Authority - G2		 2019-09-24 -
2021-09-24		 2 years crt.sh
cdn.ca-times.psdops.com
Amazon		 2020-10-16 -
2021-11-15		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
ssor.platform.californiatimes.com
Amazon		 2021-04-17 -
2022-05-16		 a year crt.sh
*.platform.californiatimes.com
Amazon		 2020-06-16 -
2021-07-16		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.freetls.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-04-05 -
2022-04-06		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-01-25 -
2022-02-01		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-18 -
2021-09-08		 6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.3lift.com
Amazon		 2020-07-04 -
2021-08-05		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.pinterest.com
DigiCert SHA2 High Assurance Server CA		 2020-07-16 -
2021-08-04		 a year crt.sh
www.redditstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-08 -
2021-07-06		 6 months crt.sh
js.matheranalytics.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-19 -
2022-04-19		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
sc-static.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-11 -
2022-02-15		 a year crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2020-03-09 -
2021-06-08		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2020-06-01 -
2021-06-02		 a year crt.sh
quora.com
R3		 2021-03-23 -
2021-06-21		 3 months crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-24 -
2021-05-12		 2 months crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2020-08-14 -
2021-08-19		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-26		 a year crt.sh
assets.revcontent.com
R3		 2021-03-15 -
2021-06-13		 3 months crt.sh
ext.chtbl.com
Amazon		 2021-01-25 -
2022-02-22		 a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
activate.latimes.com
Go Daddy Secure Certificate Authority - G2		 2020-05-20 -
2021-05-30		 a year crt.sh
www.googleadservices.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-08 -
2021-07-06		 6 months crt.sh
*.quora.com
R3		 2021-03-23 -
2021-06-21		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.googleusercontent.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-04-15 -
2021-10-15		 6 months crt.sh
web.chtbl.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-28 -
2022-01-27		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-04-12 -
2021-10-12		 6 months crt.sh
a248.e.akamai.net
DigiCert Secure Site ECC CA-1		 2020-07-15 -
2021-09-13		 a year crt.sh
tr.snapchat.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-19 -
2022-01-23		 a year crt.sh
www.i.matheranalytics.com
Sectigo RSA Domain Validation Secure Server CA		 2020-01-28 -
2022-01-27		 2 years crt.sh
www.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
teads.tv
R3		 2021-02-18 -
2021-05-19		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.gumgum.com
Amazon		 2020-07-03 -
2021-08-03		 a year crt.sh
redintelligence.net
R3		 2021-02-19 -
2021-05-20		 3 months crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-16 -
2022-03-17		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2020-05-18 -
2021-07-17		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
um3.eqads.com
Amazon		 2020-07-24 -
2021-08-24		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
contentspread.net
R3		 2021-02-01 -
2021-05-02		 3 months crt.sh
*.turn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-31 -
2022-03-31		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-08 -
2021-08-08		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-09 -
2022-02-07		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2020-12-01 -
2021-12-30		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2		 2020-04-03 -
2022-04-26		 2 years crt.sh
*.fusedeck.net
Amazon		 2021-04-03 -
2022-05-02		 a year crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
edgestatic.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh

This page contains 58 frames:

Primary Page: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Frame ID: 6DBF38AF1577364FCB1D5CB7446BC843
Requests: 181 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_rbd_n-vmg_3lift&dcc=t
Frame ID: 7C0A8518D207E195F4F7A340C149D069
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=dbe625aa-7ced-4e1d-8918-88782123af97
Frame ID: 6FE314325CE3AAA1BCD624648187D3B0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuII2vFbHH4cYvXZ70QEKqwZKA-PG5JzvqwwBAqEfgQRlBeoD0fSopyCi9OZ17NJ-basFnAlaySIGdOAT0I4yfPCjb11AaSOecbUw26__fMGtGIDXHZHkBJvVDboDjSLzLOAzqDIa7TttO0zNhGIfpdUeL_n1Z_t9tSW13ChGf2L3576kRhNs9rv59qX6I8VeisnBQ-ylhiayKs9iiyidW2JCsnRapo17mj_p-Jf8JDGcMikeAIgSSQ_L4p4i55ikPoezaXgNTaLTAUMoCLAPczseWXKvqUJuzx2prQ2KlcGRUjdbIFCD3l9RQ&sai=AMfl-YSRD4IGrGFCdZAYLfQV5ilk41MDETsDTUO9KDatR2IFBTJ7JmT1sgEVUmwhO5M06tDD836TgPsO1Df6hu7qxqtm7OofV_6TOHscN2ObqH8Tq2WpTwI17wGqIIOo8Gk&sig=Cg0ArKJSzDSGpZO1QIrnEAE&adurl=
Frame ID: 632CF37668E526F2BD30879EE1C3FE84
Requests: 10 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 389B210B42143F5CA42D47EF2E8083E2
Requests: 1 HTTP requests in this frame

Frame: https://a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 888B0E3FCEFCD047C44F25A3B776C0E6
Requests: 11 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: C136B80BCC43AC46CD3DCD2BC3D0A790
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8Nl-0Wa2RdFSig9IhjT4bKmZQ6Xva-PhgqojP8yjUHPvJU3t_RfwSWfEXNz_bgx8ldSJOr0IFqVGC9v6NyW4h5pQgMpXzmhjTSi3ysWSvj-tIrask3yQeMeSQdRLwRf2JEe3_OXyisD-tAsxti81zVmSWOvBh_oG_p4dj-8iDCtVk7mt5id5LE6SiVEPVEI5zy-u2gJfmUv2JKqRjqGT-ciTPoDgGEYetNwJKpWa-Qx7ChLSExw0PsS8OL1xUPIOz_UYYowLND5NONkVJxH3WAB95dm84YdZAGWNfobtrS3n7YNdefsKbc09IC5o&sig=Cg0ArKJSzCZdebm6m51GEAE&urlfix=1&adurl=
Frame ID: A80D9D6D4211CB76CB23780036976A22
Requests: 5 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-vmg_3lift&fv=1.0&a=cm&cm3ppd=1
Frame ID: 7D398CA3413B71E84519A6006EE1EDC9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYiKbFlQEwAQ&v=APEucNVG2_iBPy0yhDyJs_LtDM_HctBEK1RbSA5XDTSYGyQvc5mnqRqclt9DFITDNAG3yxM6LIeh7ea5VOylVbAD3xR9qjkzDfupIlfhhJS8ln2eu42nTRMXM7PpTRgqToyBC7j6z1m5MQrCKyNqdoqvNMYottQwF6w1sip0d70EH1Sh_8WhWbkJ4H1QxuXYDTaFZWb4hHT5dRo0OibLpHeY_Xk7GQn2-Q
Frame ID: F553054DA25CD7C5746064F1BFD8AF50
Requests: 4 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: C64C88DDBCF9E5D2BA50C8C28A2316E5
Requests: 15 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&C=1
Frame ID: 095E3E07897A75E48D2ADE3A9E8164D7
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Frame ID: 1DEC53E781A1730DCF54AD0784323B43
Requests: 3 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-8WcxW2p1l2OI8tqvTGXbRPLfVoSwb_Q-&
Frame ID: A532E91221B5A997707D6708812D1DD8
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=11167679642594761015
Frame ID: 167EC73B8F386AA629D275374B45BA9D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 507983E3AD3B480AB02861B65FBF7A5A
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3A77C56758E273F17CB9A89E207C6391
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
Frame ID: F9BE1BB5ECF12805201AAE7B91AF3E6F
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
Frame ID: 0A460DD20D48B1889BB567B139A8C926
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: FCD108AADB99D6B77617BDF6996883F4
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4591CC465A1464D48E2E3457CCD8D736
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Frame ID: A62AB2F829AA94381EFEA21BD57525E3
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 204448AEF3BEC4C6EDBBADDB6BC39924
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1YNY
Frame ID: BE657025E79F9B93860E14B7E9F062F6
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0BE45F7CA6B5030B4DCA74AC318E8C78
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
Frame ID: BE825E84284ED5CCE336FB9C63CE443D
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Frame ID: D47315420A09410B94EE720656484C14
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 59493ED0D12B71F715505165FA25DDAE
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Frame ID: 199A47581941E1B8B391FEE0E139C8D8
Requests: 11 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: D84EA366ABDE8A0BB0CD72F887F403F1
Requests: 11 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=a933607b-3f9c-4100-97a8-1d2a0e452464&gdpr=&gdpr_consent=
Frame ID: 62F6165E5579AE5E2F56E904D26F32BE
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YHs-nAAANzApdABg&gdpr=&gdpr_consent=&_test=YHs-nAAANzApdABg
Frame ID: 8209D1E393ECBE267A1C04616996E386
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8xMWVkYTEyMy1kMTZlLTRmNDQtODA4MS1lNGE1ODVkZWE2MjQ=&gdpr=&gdpr_consent=
Frame ID: 8A99C026D46C73483C670F26636B2E09
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 4491CAFA62E7BDFB208314261FFAF0C3
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=50016032-4ad4-4d9a-b9ca-db93bdb6eb91&t=1621281948
Frame ID: 22C41DDC7642133BE24CCB103AEDC7C1
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: AD02D62096AFC4A10F18FC2C9EB6727A
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YHs-ncCo8YwAAGg6KUgAAAAA
Frame ID: C68FE20511053C6F9364F798A39841F9
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1871878969296785799
Frame ID: A3EB8EBB66634A47C3BB8180770FD17B
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=vXGcuko3VAGVPrbjk75M&pi=gumgum&tc=1
Frame ID: E366BF947806146EC0BB94E763B0AA10
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 8337317B6B91EF872BA925C30EA828AE
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 5FA27A53D8088C9AD8F487F6A4247EA3
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: ED59729AA247EC467DC82E4A0384BE4F
Requests: 10 HTTP requests in this frame

Frame: https://hal900028.redintelligence.net/request_content.php?s=13628300161032900710592011567028&a=99c9ade3
Frame ID: 97EB2011EF07529E84521CD123E44617
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 97EEFC1735020AD327F038CE084C9B85
Requests: 2 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 4980A352DCD4ECB66427133A7C2BE635
Requests: 2 HTTP requests in this frame

Frame: https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 9CC1AABC5415CD7663614C50D7E3358A
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVJ63rRYlun2C9p2XHstro1tweMoybBmUyLmMZVB6N3noh6GakPRLYYzeBi88xm_YDacUB9uCetrcoYgk-d7iFGygkHhXbmFdhZSfjkh3eVJj53628spfuZdwHro3EbGkkdVmaYMmDfmI3Ma1kuqE83CAbidww8xqsk_xGVo3sNaweDUlZD5vbD-VkIBlp7T_r9F0VSI9mecbOQgCtaa3ysummdyA
Frame ID: CFA015E2A3799805913566287FF8E330
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 37B19AEC48CCF89F4BB182E105D623B8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D54E33670CE24AD451A0DA68D1250E8B
Requests: 3 HTTP requests in this frame

Frame: https://hal90003.redintelligence.net/request_content.php?s=23200300178898500710584011567003&a=95be9f7f
Frame ID: 3374A5B20BED7CFFB06BB760A1E81864
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 670BA406CE1D9900680B0E7C24CF4595
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.latimes.com
Frame ID: D53FBC2A06E11077AC067814E3860C8A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: AE442717709719EB560EA0FFE6D27A37
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZkOMah1TFKKMKz6T25UcqaTfAe1cVKx0s9Igf9iaeKOdLw8aYoksVOCsjDWloJF7IILx9z_2EHQOcieAhrQknCiO81j5KcameWGtA6OU1kjRu9sK-hFOaDw2S_ehVPI-Wo9BbGNLrGH1SEa5mdF8i3X0nSC7yb58mWSHuURWVbgkDWKLPS1vmsIgP4Hst6gH9kfkel-yUeLn3HNFHJjy6w5hj4OSaThH4L6ZkEyttMIsvratbV7cZXKnD3JI9AwNY9uM37OZCcmd944ifa5v86Mt30eh12TjKJw9XFhCm2J6OEUhf5_uRqcIkfko&sig=Cg0ArKJSzMMCxGGg3scvEAE&urlfix=1&adurl=
Frame ID: 755FC06E6271D071B6C9A04568C3FEEC
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/e/dtb/admi?b=IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0&rnd=3198343944861618689958034&pp=22vwg0&p=myjchs&crid=2676:45400975&ep=%7B%22ce%22%3A%221%22%7D
Frame ID: D330E5D2F4E8756F6AD19A242B58AABC
Requests: 26 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
Frame ID: BF67E2A0FB4C2BF8F7A4AA00BE8E2EAE
Requests: 2 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2070608/9542029/9542029.js?ADFassetID=9542029&bv=257
Frame ID: 21DA2D906437F1B557DF4C0EE444EE06
Requests: 15 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ibvnrHls2GU?rel=0&enablejsapi=1&origin=https%3A%2F%2Faax-eu.amazon-adsystem.com&widgetid=1
Frame ID: 5EE57F69491A09D06399C589395E4781
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P... Page URL
  2. https://info.silobreaker.com/events/public/v1/track/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-Hwr... HTTP 307
    https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=9... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Page Statistics

500
Requests

100 %
HTTPS

32 %
IPv6

102
Domains

157
Subdomains

119
IPs

10
Countries

4613 kB
Transfer

12621 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTcV3fT71VW7vm0nw7QMbg1W3VcYRG392xVLW6__czk8TqcXWN63z5vPK9cQkW32FrrX2hhDXsW6XnyJ06X32BBW7HbzBS5YXHdMW2PfZwh7rJqLQW2RFvm08lKm0tW6lqtqQ3YgwbNW6-_qmN3TxXYdW6l1hM98L3T4PVrhhgh8_RzHxN75rhfc8xMqjW65_cMn5KtBY_3blt1 Page URL
  2. https://info.silobreaker.com/events/public/v1/track/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTcV3fT71VW7vm0nw7QMbg1W3VcYRG392xVLW6__czk8TqcXWN63z5vPK9cQkW32FrrX2hhDXsW6XnyJ06X32BBW7HbzBS5YXHdMW2PfZwh7rJqLQW2RFvm08lKm0tW6lqtqQ3YgwbNW6-_qmN3TxXYdW6l1hM98L3T4PVrhhgh8_RzHxN75rhfc8xMqjW65_cMn5KtBY_3blt1?_ud=4b9d9857-dc5e-4b02-a11e-f54afdec23f3&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
    https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66
  • https://js.matheranalytics.com/s/ma12767/212934200/all/ml.js?cb=1561 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma12767/all/9/ml.br.js
Request Chain 74
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036462&ns__t=Sat%20Apr%2017%202021%2022:05:42%20GMT+0200%20(Central%20European%20Summer%20Time)&ns_c=UTF-8&c8=Why%20so%20many%20people%20want%20to%20believe%20Biden%20stole%20the%20election%20-%20Los%20Angeles%20Times&c7=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036462&ns__t=Sat%20Apr%2017%202021%2022%3A05%3A42%20GMT%200200%20(Central%20European%20Summer%20Time)&ns_c=UTF-8&c8=Why%20so%20many%20people%20want%20to%20believe%20Biden%20stole%20the%20election%20-%20Los%20Angeles%20Times&c7=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&c9=
Request Chain 84
  • https://sb.scorecardresearch.com/c2/6036462/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 107
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2437484&time=1618689943825&url=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2437484%26time%3D1618689943825%26url%3Dhttps%253A%252F%252Fwww.latimes.com%252Fopinion%252Fstory%252F2020-12-06%252Fdonald-trump-election-fraud-lies-psychology%253F_hsmi%253D96965274%2526_hsenc%253Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2437484&time=1618689943825&url=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&liSync=true
Request Chain 111
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_rbd_n-vmg_3lift HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_rbd_n-vmg_3lift&dcc=t
Request Chain 180
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 192
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5jyYZjW-IoHIBBj-n-Zxg&google_cver=1
Request Chain 193
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHs-mx9lSUBZaOSBKbcRiAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5jyYZjW-IoHIBBj-n-Zxg&google_cver=1
Request Chain 195
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&C=1
Request Chain 197
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&verify=true HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-8WcxW2p1l2OI8tqvTGXbRPLfVoSwb_Q-&
Request Chain 198
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=11167679642594761015
Request Chain 203
  • https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1618689947451&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=95697910&cs_ucfr= HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1618689947451&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=95697910&cs_ucfr=
Request Chain 207
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
Request Chain 208
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
Request Chain 211
  • https://eb2.3lift.com/sync?us_privacy=1YNY& HTTP 302
  • https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Request Chain 216
  • https://eb2.3lift.com/sync?us_privacy=1YNY& HTTP 302
  • https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Request Chain 218
  • https://eb2.3lift.com/sync?us_privacy=1YNY& HTTP 302
  • https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Request Chain 223
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2e13607b-3f9c-4f00-b41d-ef157c0d38b7
Request Chain 224
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=ItgdwieOE8M53E_EJdoHkSXbHsY53RmUIIwwVI8V
Request Chain 225
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8843288730370667303
Request Chain 227
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2E4MzlmY2UtMTg1My02ZmE2LTc2ODctM2E5ZmM4NDhiZmM4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2E4MzlmY2UtMTg1My02ZmE2LTc2ODctM2E5ZmM4NDhiZmM4&google_tc=
Request Chain 228
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJGb-odnXyCCr0cOk9r6wnQ&google_cver=1
Request Chain 229
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3521235041686194610&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 230
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=ibrGOHiiiCyFEyyR0bNLEg==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 232
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=nlR0h2df1LxRco5
Request Chain 233
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=4edc20c6-b4f1-4685-ae83-5609b5367290&ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=29&expires=30&user_id=4edc20c6-b4f1-4685-ae83-5609b5367290&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=1de1b6ff-212e-4791-8a5c-224bb3ccf682 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=1de1b6ff-212e-4791-8a5c-224bb3ccf682
Request Chain 234
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFETlZFN0E5bjhBQUNuVGlqVERIdw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 236
  • https://hal900028.redintelligence.net/request.php?zone=vydnfpw7kpbp&nw=20&renderingType=javascript&namespace=4078b1676c&subid=&uid=b1443312ad8c10ae&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCcFwIlz97YJuPNsKIrAS6m5D4B4_g-IZT3aaLpMoM8C4QASCvwLZwYJUCyAEJqQIgAuV8Ixq0PqgDAaoE7wFP0ItHiUWcl5cLi9lr757NfAjVMBGil-yBTfNPslyhVDHoLT26d768slfzLv4AEMKeJcrKVQe5P-3W52dWoc_PEN6_Qk8-ZpAlDMTvR9vOpuTa6C6vggHAP3lDcUVQUI_aJI-MyaxlTgNOVJRKRxFZFarqqteI9NxWSSJgUExUF-61QM-f1gMKTCNup8xQVFg1k1qS8b5_sWgzUDnvxmOKdf9GIB1XRyOFJQ9UZXKYNT-eA61TdPAlZiS_DiGPnmNOyRB-WPZw_dP1t7N0C6XWfaW4osdepPTWZzPwfG9jn4nLGw68MD3oQqn_9dQubsAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgFAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRo1teYwc7LVcafzwDx4hcHvj5BUtBgW8jT2j5s1_3rf32Kk5Z0SpL7ecOjYkrMwc7V5nY_bwmjum_QR6E%26sig%3DAOD64_3kJHMskRsow7DCtuq4-BfVDacnRQ%26client%3Dca-pub-1409437888781518%26dbm_c%3DAKAmf-DydHeqO4N96MdxiVLNbyg4Dq-WWd1z9dMdwxOrXBlxE0f-Kv00cgPRu2UwQ7d5XJJE3iJjmtwIKHkh-37ws_KtfzooT9TtiP6sEGiHu4vS34IMW71LkezsN2jGItMVU6ZrRAQQD3BGrmIliFtRcwONNmeLGA%26cry%3D1%26dbm_d%3DAKAmf-CmFOki9lOdmXVVScB0TGYa52CVeuvSHaWX49Z59pom3BQqq-48DUjT0Qojm4B4y8Qlzm7Vv4x1nEDtSYA8deYrxi6GEQPTxQ2ScXxlc8SCUyJmaDEeacqbtwi0ellLPhcaZ4ziKCDaAnokbrfPSTgioa2mFVBSU0dZOP4DSYsTkI2i-21G-a4HyxvmeCUnYcJ1-KTHwz96PgUWplLpmbb84CZt8C1MH7O5gczXGnmDvo_r7Z1jt4qYKYd66AExREXgs9-WjTQ4E7X_FHGferd0z597OVRLN1Ce16QVDnIsqR6E9qKbh5T1tpJ9GDoryH0Xl_EZvDj7xHmzpv8iKTWst2TuXi1QLjlfxN2F50bLQc_XZr41-Os9hUqyQWsPrfJyYfoTAwqv1-nm11KZ4GFyFhP4PXOXGAg8YV05VoGKyGwVliFrCASUnnwtBs-iKcDmkrxCV-JVfpRjOWDfR9qTqVmHt8vg7GwdUten8mh781Jug2_xOLAxzkrLrJT-XzzsoULLC4H-X6A7XEJ2_rISog6Dv7bsJ-NA5P0_5oqGRkyY_swvjIYcH2KoFdxbMyQt6Z5ZmSOSzeRoAjt4rA9vCH4V6Ckbjt-qFSfsPY22kVYgN6XlVmYsmT5b2DF8QsRrog3ejaSGNPtgkoHQdrO4j8pVBcvrIJC0UTSYG0ra9G-R9hCc885v9xBPPBam-0sMh_VN-YSgHC7obKYpGZcwfQFmkg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.latimes.com%2F&ancestorOrigins=https%3A%2F%2Fwww.latimes.com&random=2293414473227&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0 HTTP 302
  • https://hal900028.redintelligence.net/request.php?zone=vydnfpw7kpbp&nw=20&renderingType=javascript&namespace=4078b1676c&subid=&uid=b1443312ad8c10ae&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCcFwIlz97YJuPNsKIrAS6m5D4B4_g-IZT3aaLpMoM8C4QASCvwLZwYJUCyAEJqQIgAuV8Ixq0PqgDAaoE7wFP0ItHiUWcl5cLi9lr757NfAjVMBGil-yBTfNPslyhVDHoLT26d768slfzLv4AEMKeJcrKVQe5P-3W52dWoc_PEN6_Qk8-ZpAlDMTvR9vOpuTa6C6vggHAP3lDcUVQUI_aJI-MyaxlTgNOVJRKRxFZFarqqteI9NxWSSJgUExUF-61QM-f1gMKTCNup8xQVFg1k1qS8b5_sWgzUDnvxmOKdf9GIB1XRyOFJQ9UZXKYNT-eA61TdPAlZiS_DiGPnmNOyRB-WPZw_dP1t7N0C6XWfaW4osdepPTWZzPwfG9jn4nLGw68MD3oQqn_9dQubsAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgFAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRo1teYwc7LVcafzwDx4hcHvj5BUtBgW8jT2j5s1_3rf32Kk5Z0SpL7ecOjYkrMwc7V5nY_bwmjum_QR6E%26sig%3DAOD64_3kJHMskRsow7DCtuq4-BfVDacnRQ%26client%3Dca-pub-1409437888781518%26dbm_c%3DAKAmf-DydHeqO4N96MdxiVLNbyg4Dq-WWd1z9dMdwxOrXBlxE0f-Kv00cgPRu2UwQ7d5XJJE3iJjmtwIKHkh-37ws_KtfzooT9TtiP6sEGiHu4vS34IMW71LkezsN2jGItMVU6ZrRAQQD3BGrmIliFtRcwONNmeLGA%26cry%3D1%26dbm_d%3DAKAmf-CmFOki9lOdmXVVScB0TGYa52CVeuvSHaWX49Z59pom3BQqq-48DUjT0Qojm4B4y8Qlzm7Vv4x1nEDtSYA8deYrxi6GEQPTxQ2ScXxlc8SCUyJmaDEeacqbtwi0ellLPhcaZ4ziKCDaAnokbrfPSTgioa2mFVBSU0dZOP4DSYsTkI2i-21G-a4HyxvmeCUnYcJ1-KTHwz96PgUWplLpmbb84CZt8C1MH7O5gczXGnmDvo_r7Z1jt4qYKYd66AExREXgs9-WjTQ4E7X_FHGferd0z597OVRLN1Ce16QVDnIsqR6E9qKbh5T1tpJ9GDoryH0Xl_EZvDj7xHmzpv8iKTWst2TuXi1QLjlfxN2F50bLQc_XZr41-Os9hUqyQWsPrfJyYfoTAwqv1-nm11KZ4GFyFhP4PXOXGAg8YV05VoGKyGwVliFrCASUnnwtBs-iKcDmkrxCV-JVfpRjOWDfR9qTqVmHt8vg7GwdUten8mh781Jug2_xOLAxzkrLrJT-XzzsoULLC4H-X6A7XEJ2_rISog6Dv7bsJ-NA5P0_5oqGRkyY_swvjIYcH2KoFdxbMyQt6Z5ZmSOSzeRoAjt4rA9vCH4V6Ckbjt-qFSfsPY22kVYgN6XlVmYsmT5b2DF8QsRrog3ejaSGNPtgkoHQdrO4j8pVBcvrIJC0UTSYG0ra9G-R9hCc885v9xBPPBam-0sMh_VN-YSgHC7obKYpGZcwfQFmkg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.latimes.com%2F&ancestorOrigins=https%3A%2F%2Fwww.latimes.com&random=2293414473227&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Request Chain 237
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4025638199951690162&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 238
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=ibrGOHiiiCyFEyyR0bNLEg==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 240
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=nlR0h2df1LxRco5
Request Chain 241
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dopenx%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dopenx%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=9ca8cc52-5908-526b-a947-ce58c93cf1c7&ssp=openx&expires=30&user_group=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=c50738e3-0638-46f0-bd51-ad706dcf96ce
Request Chain 242
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFSkEwN0E5bjhBQUNxcjVrV2FQUQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 245
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=3739850456940124250
Request Chain 246
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_11eda123-d16e-4f44-8081-e4a585dea624&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_11eda123-d16e-4f44-8081-e4a585dea624&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=c50738e3-0638-46f0-bd51-ad706dcf96ce HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=c50738e3-0638-46f0-bd51-ad706dcf96ce HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=28653c43-7bd1-4882-b098-a68bb1f68bea&ssp=gumgum2&expires=30&user_group=5&bsw_param=c50738e3-0638-46f0-bd51-ad706dcf96ce HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=1de1b6ff-212e-4791-8a5c-224bb3ccf682
Request Chain 247
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28Dy0cZMTtT-bxLsJdLM-IlC91xiFMNEoRSM0hNtVQ2ZOFKmsuO4RxBZTWK8HlwwWx%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28Dy0cZMTtT-bxLsJdLM-IlC91xiFMNEoRSM0hNtVQ2ZOFKmsuO4RxBZTWK8HlwwWx%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_11eda123-d16e-4f44-8081-e4a585dea624&obuid=ENC(Dy0cZMTtT-bxLsJdLM-IlC91xiFMNEoRSM0hNtVQ2ZOFKmsuO4RxBZTWK8HlwwWx) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26obUid%3DDy0cZMTtT-bxLsJdLM-IlC91xiFMNEoRSM0hNtVQ2ZOFKmsuO4RxBZTWK8HlwwWx%26uid%3D HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=openx&obUid=Dy0cZMTtT-bxLsJdLM-IlC91xiFMNEoRSM0hNtVQ2ZOFKmsuO4RxBZTWK8HlwwWx&uid=e6fd6503-aeca-0cfe-0008-328bba11b683
Request Chain 248
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=a1d1e874-f931-0954-041c-70cbcafa70ee
Request Chain 249
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-d5e1ffce-48c1-4408-609e-44eb8d46f28e$ip$84.17.53.159
Request Chain 250
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-ot0_4nBE2pf8rm6JeIQrwmZQuINRvzY4L26h~A
Request Chain 251
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=4dbb9611-9fb8-11eb-92c8-493c66029fd8
Request Chain 254
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_11eda123-d16e-4f44-8081-e4a585dea624&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=
Request Chain 255
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=b7d74238-11fe-442a-985b-ec4acff48b67
Request Chain 256
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Request Chain 257
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=xusr4b8dBdI6&ev=1&pid=558355
Request Chain 259
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=a933607b-3f9c-4100-97a8-1d2a0e452464&gdpr=&gdpr_consent=
Request Chain 260
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YHs-nAAANzApdABg HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YHs-nAAANzApdABg&gdpr=&gdpr_consent=&_test=YHs-nAAANzApdABg
Request Chain 263
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=50016032-4ad4-4d9a-b9ca-db93bdb6eb91&t=1621281948
Request Chain 265
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YHs-ncCo8YwAAGg6KUgAAAAA
Request Chain 266
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=1871878969296785799
Request Chain 267
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=vXGcuko3VAGVPrbjk75M&pi=gumgum&tc=1
Request Chain 268
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 269
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 277
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMeO1MDQhlTzeUtFr8qzSSM&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 278
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTExNjc2Nzk2NDI1OTQ3NjEwMTU%3D
Request Chain 280
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/11167679642594761015?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-knnYJb5E2oSlLVM_3l1X_UTPfSbUMyn0TH.A0nRogQ--~A&dongle=0883
Request Chain 281
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3739850456940124250&dongle=4d58&gdpr=1&gdpr_consent=
Request Chain 282
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=11167679642594761015 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11167679642594761015&dcc=t
Request Chain 283
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 287
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMeO1MDQhlTzeUtFr8qzSSM&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 288
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTExNjc2Nzk2NDI1OTQ3NjEwMTU%3D
Request Chain 290
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/11167679642594761015?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-knnYJb5E2oSlLVM_3l1X_UTPfSbUMyn0TH.A0nRogQ--~A&dongle=0883
Request Chain 291
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3739850456940124250&dongle=4d58&gdpr=1&gdpr_consent=
Request Chain 292
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=11167679642594761015 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11167679642594761015&dcc=t
Request Chain 293
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 297
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMeO1MDQhlTzeUtFr8qzSSM&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 298
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTExNjc2Nzk2NDI1OTQ3NjEwMTU%3D
Request Chain 300
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/11167679642594761015?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-knnYJb5E2oSlLVM_3l1X_UTPfSbUMyn0TH.A0nRogQ--~A&dongle=0883
Request Chain 301
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3739850456940124250&dongle=4d58&gdpr=1&gdpr_consent=
Request Chain 302
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=11167679642594761015 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11167679642594761015&dcc=t
Request Chain 303
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 309
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KNM67AUD-1-H8Q&ex=d-rubiconproject.com&status=ok
Request Chain 310
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YHs_nI5ptGwGCKyi8eK4JAAABJ0AAAAB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEJKASYtAfoMQtStjMH9as9Q&google_cver=1
Request Chain 312
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YHs_nI5ptGwGCKyi8eK4JAAABJ0AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YHs_nI5ptGwGCKyi8eK4JAAABJ0AAAAB&dcc=t
Request Chain 313
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YHs-nI5ptGwGCKyi8eK4JAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEF8fKl7W84aOK5MVqP6OQAU&google_cver=1
Request Chain 315
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1618776350
Request Chain 316
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=5e51783e-a1b9-4534-8a63-3a06756da5be&expiration=1650225952
Request Chain 317
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a933607b-3f9c-4100-97a8-1d2a0e452464
Request Chain 327
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1YNY HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/v5r9rqdAxq1ixk4tdkOdMw?csrc=&us_privacy=1YNY HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7635419384855118915
Request Chain 328
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1YNY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NNjdBVUQtMS1IOFE=&us_privacy=1YNY
Request Chain 331
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1YNY HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YHs-nAAANzApdABg&us_privacy=1YNY
Request Chain 332
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1YNY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjJhNzk3Zjc2OWVhMGMyZDZhYmEwZWVlYTlhMGZhNDJiNDQyMzZlZg&us_privacy=1YNY
Request Chain 333
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1YNY HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=a933607b-3f9c-4100-97a8-1d2a0e452464
Request Chain 334
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1YNY HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECklLc4EaTO_azAoLhwV1hk&google_cver=1
Request Chain 335
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3739850456940124250
Request Chain 337
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YHs_nI5ptGwGCKyi8eK4JAAABJ0AAAAB HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YHs_nI5ptGwGCKyi8eK4JAAABJ0AAAAB
Request Chain 338
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YHs-nAAANzApdABg
Request Chain 340
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=061f2204050114495f525d8b&expiration=[EXPIRATION]
Request Chain 341
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YHs-nI5ptGwGCKyi8eK4JAAA%261181 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YHs-nI5ptGwGCKyi8eK4JAAA%261181
Request Chain 342
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878969296785799
Request Chain 344
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4025638199951690162
Request Chain 345
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=5_EWX-KnGF789URZ4PMMDODyFVv89BIJ5aWEj5H1
Request Chain 346
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1621281952
Request Chain 347
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8843288730370667303&expiration=1619899550
Request Chain 348
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3739850456940124250
Request Chain 349
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a933607b-3f9c-4100-97a8-1d2a0e452464
Request Chain 350
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=19C2D881768C4EE989A7169C42F153D7
Request Chain 352
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 359
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=nlR0h2df1LxRco5
Request Chain 360
  • https://d.adroll.com/cm/index/ssp HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 363
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=368a8bd1-f6ca-ad89-70f2d697
Request Chain 364
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=03030003_607b3fa2c9bcb&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030003_607b3fa2c9bcb
Request Chain 365
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YHs-nI5ptGwGCKyi8eK4JAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEF8fKl7W84aOK5MVqP6OQAU&google_cver=1
Request Chain 382
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=68c06cc3-b32b-4024-a478-466a0595d4a9&expiration=1626552352 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=68c06cc3-b32b-4024-a478-466a0595d4a9&expiration=1626552352&C=1
Request Chain 386
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_dbm=&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCCzRszu_JZ31FscRe0m7k&google_cver=1
Request Chain 387
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHs-oPOTvHbcpWlYCy.98wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCCzRszu_JZ31FscRe0m7k&google_cver=1&google_hm=2
Request Chain 392
  • https://hal90003.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=1628b5ff93&subid=&uid=6dc2bfc76a472206&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjLYXnj97YLq_IYe33wPmoqWoAo_g-IZT9aiLpMoM8C4QASCvwLZwYJUCyAEJqQIgAuV8Ixq0PqgDAaoE8gFP0Gljp0lb4EdcMgNiZhlF9gha3RD18QM3D_tBbbIWIEJW0IuH-9EWbRb5YlHGo2jg0xENGGxFkDgKy7ohobENL4emwacPWk9Ek-NjydtOXMQb6woxvH3PgAmrElb4_IfejWby1PK5NMk7X0ZfocaJuIL2o17ut9BysIMLp4ZvR5H6-JjzHGdTVo1LkJ5aGTjXPk7wnuzBdpa6SIcbI6cIK6KAhP4t5_W6j7YqwmsA-M-snne3cjYL1mWZDpmdUJSTBBgkFt24j9BZz2zNFtLu_r1HCrTKF2bWktBfBcBAJBnVVfip6c3k2ilbOGiPgjARJcAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo8oRWIojfhKDAfrJOLiv3Cg%26sig%3DAOD64_3IS7M56jYmeh1kARuZPSZuqcu1dw%26client%3Dca-pub-1409437888781518%26dbm_c%3DAKAmf-Cla-gdA8iDBlZT43DIvDTg83WFO6b0DeO79XK3uyNg_nXGc_4TrUbZu0lVRBPGXug7KwxiB7rqkQkEXYFWMtzuMQAevrhTfccVZpyH3wX7085oRnck0lHjkcTizG66_Av1sfF3iItxHhzgCsZugkBANVAz-w%26cry%3D1%26dbm_d%3DAKAmf-DGirQ5Wfqfj4c5HtvNiRcCJgiNJjRPChIzFlgTRwp2Ln9OVkE0tXUykt488Atiu8kjAz8eoVfXeDlSTGHfbHyYQ4lu1y3ozPl0yF4xj9mt91jeyY_9El4srVYDbknwayohENQO6keBDZSIsQ1nXgyFkySJ_HwIZYUmEcVkaPX7ERB5wb7slBjIqrmlETfEKOi58VvgiMTs9IBhLbmXemUGrty6cPlYIwUfhelIbXxFVnF5HAPTsdGp3uPF1k4rWUzV21TpLOtvYlf6OsV-DLmXum7UdHKeK-5R09L0QSEJAT9sD-N5W94RrDKzZaXkqmuJ_dEBmGYk6avyG4iCggrIiNSe6PGZWF8iE143uTHqJrSZnd2Wtn4rgRekycvdDHZkC7H6QNTZR6b-xgMnBH_B5ceSOanf1CrDLNyO-qeA_Axj_aF1p1RTGyXr3EZi28MfRwgRaEGU96quPF1_j0wvIbP3nBHke3xofAPtiEEVuFirjs1gfs7cStD58a9DRvaEBkhLDl3xMPrmimw1shKe0utXdiPwG7GZt9v0aLvmkbQJ8AXtN2JTSTZeXUg19xMxE2xGr0Ry3sxWPk-2NG_znlC_mrTnSiHqaywoiU4FKLIBp21LXKa3QamkoxdwZbeFN6sd6jmzvd-mghqZ4l3CbBc62bmxRKmlpgsK8HXMCYpXqbcLnYlpi4tPz-Ubf4RvSy-AP6Q9rNGOFteMdob23boZPA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.latimes.com%2F&ancestorOrigins=https%3A%2F%2Fwww.latimes.com%2Chttps%3A%2F%2Fwww.latimes.com&random=4729719290886&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0 HTTP 302
  • https://hal90003.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=1628b5ff93&subid=&uid=6dc2bfc76a472206&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjLYXnj97YLq_IYe33wPmoqWoAo_g-IZT9aiLpMoM8C4QASCvwLZwYJUCyAEJqQIgAuV8Ixq0PqgDAaoE8gFP0Gljp0lb4EdcMgNiZhlF9gha3RD18QM3D_tBbbIWIEJW0IuH-9EWbRb5YlHGo2jg0xENGGxFkDgKy7ohobENL4emwacPWk9Ek-NjydtOXMQb6woxvH3PgAmrElb4_IfejWby1PK5NMk7X0ZfocaJuIL2o17ut9BysIMLp4ZvR5H6-JjzHGdTVo1LkJ5aGTjXPk7wnuzBdpa6SIcbI6cIK6KAhP4t5_W6j7YqwmsA-M-snne3cjYL1mWZDpmdUJSTBBgkFt24j9BZz2zNFtLu_r1HCrTKF2bWktBfBcBAJBnVVfip6c3k2ilbOGiPgjARJcAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo8oRWIojfhKDAfrJOLiv3Cg%26sig%3DAOD64_3IS7M56jYmeh1kARuZPSZuqcu1dw%26client%3Dca-pub-1409437888781518%26dbm_c%3DAKAmf-Cla-gdA8iDBlZT43DIvDTg83WFO6b0DeO79XK3uyNg_nXGc_4TrUbZu0lVRBPGXug7KwxiB7rqkQkEXYFWMtzuMQAevrhTfccVZpyH3wX7085oRnck0lHjkcTizG66_Av1sfF3iItxHhzgCsZugkBANVAz-w%26cry%3D1%26dbm_d%3DAKAmf-DGirQ5Wfqfj4c5HtvNiRcCJgiNJjRPChIzFlgTRwp2Ln9OVkE0tXUykt488Atiu8kjAz8eoVfXeDlSTGHfbHyYQ4lu1y3ozPl0yF4xj9mt91jeyY_9El4srVYDbknwayohENQO6keBDZSIsQ1nXgyFkySJ_HwIZYUmEcVkaPX7ERB5wb7slBjIqrmlETfEKOi58VvgiMTs9IBhLbmXemUGrty6cPlYIwUfhelIbXxFVnF5HAPTsdGp3uPF1k4rWUzV21TpLOtvYlf6OsV-DLmXum7UdHKeK-5R09L0QSEJAT9sD-N5W94RrDKzZaXkqmuJ_dEBmGYk6avyG4iCggrIiNSe6PGZWF8iE143uTHqJrSZnd2Wtn4rgRekycvdDHZkC7H6QNTZR6b-xgMnBH_B5ceSOanf1CrDLNyO-qeA_Axj_aF1p1RTGyXr3EZi28MfRwgRaEGU96quPF1_j0wvIbP3nBHke3xofAPtiEEVuFirjs1gfs7cStD58a9DRvaEBkhLDl3xMPrmimw1shKe0utXdiPwG7GZt9v0aLvmkbQJ8AXtN2JTSTZeXUg19xMxE2xGr0Ry3sxWPk-2NG_znlC_mrTnSiHqaywoiU4FKLIBp21LXKa3QamkoxdwZbeFN6sd6jmzvd-mghqZ4l3CbBc62bmxRKmlpgsK8HXMCYpXqbcLnYlpi4tPz-Ubf4RvSy-AP6Q9rNGOFteMdob23boZPA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.latimes.com%2F&ancestorOrigins=https%3A%2F%2Fwww.latimes.com%2Chttps%3A%2F%2Fwww.latimes.com&random=4729719290886&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Request Chain 400
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEG0WJBSzedENlgkjko260BI&google_cver=1&google_push=AQvitUK79U-2-LSEbNdI3QVqt58PxOEWVu0xOnHTnbpisXbAX-mKWsI7_R2lSp1trcMo1aNW_bl2XULyPhv_pUAyhG9-A5MpPTQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzMzNjkxNTMyMzUzMzk4NjIyNg== HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEJ7B9bSXTMAPA48KnsQjkM0&google_cver=1
Request Chain 402
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEPJsTBdzdIZ4Y2vzF7BewsQ&google_cver=1&google_push=AQvitUKIjJH-egoJb74ZPpxEcEXoUhmW6L4kX_kJjF5E0xexAqyLclD_gXvMJqxY_cZb4SgCmzpfdR5RXk_-yQDGW1AeRrCNli4U&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitUKIjJH-egoJb74ZPpxEcEXoUhmW6L4kX_kJjF5E0xexAqyLclD_gXvMJqxY_cZb4SgCmzpfdR5RXk_-yQDGW1AeRrCNli4U%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPJsTBdzdIZ4Y2vzF7BewsQ&google_cver=1&google_push=AQvitUKIjJH-egoJb74ZPpxEcEXoUhmW6L4kX_kJjF5E0xexAqyLclD_gXvMJqxY_cZb4SgCmzpfdR5RXk_-yQDGW1AeRrCNli4U&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitUKIjJH-egoJb74ZPpxEcEXoUhmW6L4kX_kJjF5E0xexAqyLclD_gXvMJqxY_cZb4SgCmzpfdR5RXk_-yQDGW1AeRrCNli4U%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 403
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO08DDQX38fRTzZ3BJCvDyc&google_cver=1&google_push=AQvitUJ8MLAZcvLtTfKUtywj2-wHDBeHEdfmGEA-RMLE-U9Wx55iC6XCatjsxBesB32_wCGyzxosXLRo6-MsOQe2qUCGaaMgfWkk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NNjdFTkUtMS1FTENZ&google_push=AQvitUJ8MLAZcvLtTfKUtywj2-wHDBeHEdfmGEA-RMLE-U9Wx55iC6XCatjsxBesB32_wCGyzxosXLRo6-MsOQe2qUCGaaMgfWkk
Request Chain 404
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEohcjxEDirR5i02hToDXDs&google_cver=1&google_push=AQvitUINgCxzYwH2ttN3cnJt4ilFHp-ilKvvZdH8lLYMjbm5YCmx2CeYTYXP3wxNf6KzOutImafOZMGpoSakptzH-lveGCufWBSC HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=57deaef958ecddd4cd4f&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUINgCxzYwH2ttN3cnJt4ilFHp-ilKvvZdH8lLYMjbm5YCmx2CeYTYXP3wxNf6KzOutImafOZMGpoSakptzH-lveGCufWBSC
Request Chain 405
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHnWpy1XFWkleTWpHTcyALE&google_cver=1&google_push=AQvitUInxteGvqNHarM33_nJh3OpZqdxfNUvastksbZa2hLbl-1QJOuYdSGKk4Rgv85JmskqRfTiU_jV-KVbDaHsl2k2mYm3IUxk HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AQvitUInxteGvqNHarM33_nJh3OpZqdxfNUvastksbZa2hLbl-1QJOuYdSGKk4Rgv85JmskqRfTiU_jV-KVbDaHsl2k2mYm3IUxk&google_gid=CAESEHnWpy1XFWkleTWpHTcyALE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTIwMTk2NTg0NzYwNjE2NDUyNg%3D%3D&google_push=AQvitUInxteGvqNHarM33_nJh3OpZqdxfNUvastksbZa2hLbl-1QJOuYdSGKk4Rgv85JmskqRfTiU_jV-KVbDaHsl2k2mYm3IUxk
Request Chain 406
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGfRh5H7hbO0bXcqqZAm7Gw&google_cver=1&google_push=AQvitUJ1x7NNynb-3qImWRIcrG8CRKwxhmnbfvf9fdfETs4rhLQoFnik6XSdYkTF4Su9bw3dJw-FeYhReccSUbX81LaUKxuDfvWRYQ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGfRh5H7hbO0bXcqqZAm7Gw&google_cver=1&google_push=AQvitUJ1x7NNynb-3qImWRIcrG8CRKwxhmnbfvf9fdfETs4rhLQoFnik6XSdYkTF4Su9bw3dJw-FeYhReccSUbX81LaUKxuDfvWRYQ&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1SWHNSempaRTJ1RnQxVkxsQjN6TkU5SXRHV2FEdHRxOH5B&google_push=AQvitUJ1x7NNynb-3qImWRIcrG8CRKwxhmnbfvf9fdfETs4rhLQoFnik6XSdYkTF4Su9bw3dJw-FeYhReccSUbX81LaUKxuDfvWRYQ

500 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTc...
info.silobreaker.com/e2t/tc/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTcV3fT71VW7vm0nw7QMbg1W3VcYRG392xVLW6__czk8TqcXWN63z5vPK9cQkW32FrrX2hhDXsW6XnyJ06X32BBW7HbzBS5YXHdMW2PfZwh7rJqLQW2RFvm08lKm0tW6lqtqQ3YgwbNW6-_qmN3TxXYdW6l1hM98L3T4PVrhhgh8_RzHxN75rhfc8xMqjW65_cMn5KtBY_3blt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fe31c763602d19c9c07432fa049c3749f79c6627886a45b0a280fbd439ba3cf

Request headers

:method
GET
:authority
info.silobreaker.com
:scheme
https
:path
/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTcV3fT71VW7vm0nw7QMbg1W3VcYRG392xVLW6__czk8TqcXWN63z5vPK9cQkW32FrrX2hhDXsW6XnyJ06X32BBW7HbzBS5YXHdMW2PfZwh7rJqLQW2RFvm08lKm0tW6lqtqQ3YgwbNW6-_qmN3TxXYdW6l1hM98L3T4PVrhhgh8_RzHxN75rhfc8xMqjW65_cMn5KtBY_3blt1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:38 GMT
content-type
text/html;charset=utf-8
set-cookie
__cfduid=d0207d629490fd361774292ba88b9efa31618689938; expires=Mon, 17-May-21 20:05:38 GMT; path=/; domain=.info.silobreaker.com; HttpOnly; SameSite=Lax __cfruid=1aa1217a4d3a87eb54d3e45ad36288e10b13322e-1618689938; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
cf-ray
641844f5cdf1650f-FRA
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
0983096d9c0000650f88b9c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7k4rCGl5XMn3sXwp7wn4RYUCFnhKFj%2BeyMm1d1j4dP0s0JWEhGrmRfXk4ldVr%2BRgLuNkdqzD3CLtoVkSC0x9LLA0zjfe4zeflgWAxNszpmIHnMn3yg%3D%3D"}],"max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
content-encoding
br
Primary Request donald-trump-election-fraud-lies-psychology
www.latimes.com/opinion/story/2020-12-06/
Redirect Chain
  • https://info.silobreaker.com/events/public/v1/track/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1...
  • https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-...
279 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTcV3fT71VW7vm0nw7QMbg1W3VcYRG392xVLW6__czk8TqcXWN63z5vPK9cQkW32FrrX2hhDXsW6XnyJ06X32BBW7HbzBS5YXHdMW2PfZwh7rJqLQW2RFvm08lKm0tW6lqtqQ3YgwbNW6-_qmN3TxXYdW6l1hM98L3T4PVrhhgh8_RzHxN75rhfc8xMqjW65_cMn5KtBY_3blt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-121.cph50.r.cloudfront.net
Software
Apache Tomcat / Brightspot
Resource Hash
a2d1be88bb13a44fbe5f69ba8829764f1257120aea25adcdd991c952e2a746a7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

:method
GET
:authority
www.latimes.com
:scheme
https
:path
/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTcV3fT71VW7vm0nw7QMbg1W3VcYRG392xVLW6__czk8TqcXWN63z5vPK9cQkW32FrrX2hhDXsW6XnyJ06X32BBW7HbzBS5YXHdMW2PfZwh7rJqLQW2RFvm08lKm0tW6lqtqQ3YgwbNW6-_qmN3TxXYdW6l1hM98L3T4PVrhhgh8_RzHxN75rhfc8xMqjW65_cMn5KtBY_3blt1

Response headers

content-type
text/html;charset=UTF-8
cache-control
max-age=180
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
date
Sat, 17 Apr 2021 20:05:39 GMT
server
Apache Tomcat
x-powered-by
Brightspot
x-robots-tag
nofollow
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 cfdd20e60ffbfd2a5f3d8cc3027d54fb.cloudfront.net (CloudFront)
x-amz-cf-pop
CPH50-C1
x-amz-cf-id
6BhF2jMEchqpzWQsUppd7XymBhK9GWoZ1SthwmRZEE6PxSyhfjnz5Q==

Redirect headers

date
Sat, 17 Apr 2021 20:05:39 GMT
location
https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
cf-ray
641844f68e38650f-FRA
link
<https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU>; rel="canonical"
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
0983096e130000650f7f210000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
x-robots-tag
none
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7tQEjrOSGHifuyf7lrifv7F3uwvfiMy54rJlHGwI2IZI3mebrdUgEy1B%2FqIaqwAtiO1B39PEpLhack9FOzwAhzOBX6lEIXe738CqNtTHFrn8%2BYf8zA%3D%3D"}],"max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
Bootstrap.js
activate.platform.californiatimes.com/caltimes/latimes/ 		493 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fe9b3c40f08efa611a6393dd42f8cf68a2c0814e5e1c56b3ba204624e6bd2a7f

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:40 GMT
content-encoding
gzip
last-modified
Tue, 06 Apr 2021 21:52:13 GMT
server
nginx
etag
W/"606cd80d-7b55f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
styles-creative.min.3c28334e3e859031339302babe612088.gz.css
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/ 		241 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/styles-creative.min.3c28334e3e859031339302babe612088.gz.css
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-6.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ea08f114219e1ad0e9a72a61a539af7550d48c378d2da24a366d6dc4e15ff06f

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 21:36:50 GMT
content-encoding
gzip
age
253731
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
38921
last-modified
Wed, 14 Apr 2021 21:18:34 GMT
server
AmazonS3
etag
"4dd09e0803d1ec248f5417a9c6389acd"
x-amz-version-id
IQjehijNL3M0fmTx_7TYwMZjIRFYK0bU
via
1.1 a14ac175c5535de44ce87bfddfa7ddbf.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
CPH50-C1
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
fWg1FxGL_IZJcNJOJbGIZqBqwH6uaLlOQUd8xRcTfKCk2Lnfp-hJhQ==
Core.min.81c7fc08ddb556ef913ab2e26309ac16.gz.js
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/ 		202 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/Core.min.81c7fc08ddb556ef913ab2e26309ac16.gz.js
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-6.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66fe80ef794ce93cc18c5cc78c8fe712fa568a76115c685cb35752c6c4cb4a25

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 21:36:50 GMT
content-encoding
gzip
age
253731
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43998
last-modified
Wed, 14 Apr 2021 21:17:25 GMT
server
AmazonS3
etag
"c5394729bcb9db3a663c30ea4b7b982c"
x-amz-version-id
GqeVfev5E.Pg8iKJkZ76LiQofqCYUtLg
via
1.1 a14ac175c5535de44ce87bfddfa7ddbf.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
CPH50-C1
accept-ranges
bytes
content-type
text/javascript
x-amz-cf-id
vRNJWAGLDXndrtVbrCQqWl11nf4KZKUPTVn9IVol3c_-d71DPhsRnA==
Ads.min.581a7fa7a10268a2cec8d3ebd7f17e72.gz.js
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/ 		38 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/Ads.min.581a7fa7a10268a2cec8d3ebd7f17e72.gz.js
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-6.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
43a510582ccf92750e1f2c580566c9b96faa380f36d0d666c23b3c9ef66e3fb8

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 21:36:50 GMT
content-encoding
gzip
age
253731
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
8798
last-modified
Wed, 14 Apr 2021 21:17:25 GMT
server
AmazonS3
etag
"2873ecbd7f602f573a2d31da9e456fd1"
x-amz-version-id
LZ7tR9esUFOvKkteJKYIU1hRls0sNgNq
via
1.1 a14ac175c5535de44ce87bfddfa7ddbf.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
CPH50-C1
accept-ranges
bytes
content-type
text/javascript
x-amz-cf-id
5jvjNA7u2_7fW-jZI3GVH0ZPw878Q_9S0pI3NrChZ2IEF3JC1pz7Iw==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 15:20:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17115
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Apr 2022 15:20:25 GMT
latspot.min.js
ssor.platform.californiatimes.com/reg/tribune/ 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssor.platform.californiatimes.com/reg/tribune/latspot.min.js
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.90.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
24d326a63f65ba62a9abd555bb74bc27cba9728587aa54799576b269ae01b0a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 19:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
402
x-cache
Hit from cloudfront
status
200 OK
x-request-id
46f1979c9f932d8c62a14dcb2bad3c30
x-ua-compatible
IE=Edge,chrome=1
x-runtime
0.003291
x-content-digest
30027b0c4bd61002fb35b459ded903b57d6136bd
last-modified
Tue, 09 Mar 2021 08:38:48 GMT
server
Apache
x-host-info
ip-10-22-141-108; development
etag
16873302742847327881
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control
max-age=900, public, must-revalidate
x-amz-cf-pop
FRA50-C1
httpd-identifier
ip-10-22-141-108.us-west-2.compute.internal
x-amz-cf-id
jT6c1x7FYVqe196tz3waMhLCpREryJOBFXRHGZUbqo3PKIEeRlXJdg==
x-rack-cache
fresh
latspot.js
libs.platform.californiatimes.com/meteringjs/ 		168 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://libs.platform.californiatimes.com/meteringjs/latspot.js
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5525e0d6f3cd7ec5a0be64d91501ffda2db89a2ffb52895479a9ae4aebad158c

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 19:58:42 GMT
content-encoding
br
etag
W/"5ee0eb4e4b9ad5fbb29a2323b150ee4d"
last-modified
Fri, 16 Apr 2021 16:55:57 GMT
server
AmazonS3
age
419
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
YW-Sgvo2PuEAc9eGEFkaOWLxTLQ1GVDi8Xs01iN_6BEWuk8ZcLv4Fg==
20520_latimes.js
ads.rubiconproject.com/prebid/ 		281 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/prebid/20520_latimes.js
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.212.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-212-16.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
357ee57c2e9ed9defdcb777b66b63c01e10adbc9bafabea146907c0730164a14

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Apr 2021 21:52:00 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=12483
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
86147
Expires
Sat, 17 Apr 2021 23:33:43 GMT
config.js
confiant-integrations.global.ssl.fastly.net/GfBGK_P3Adzw1hvTTkQjebew6Z4/gpt_and_prebid/ 		99 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/GfBGK_P3Adzw1hvTTkQjebew6Z4/gpt_and_prebid/config.js
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7893b347476acdc54088886b51d4a623d22106078aba68ecbef90d1dce53002

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:40 GMT
Content-Encoding
gzip
Age
204
X-Cache
HIT
Connection
keep-alive
Content-Length
22820
x-amz-id-2
FHBERxFr12cDsYwJBgRvR3f9SdCArUGRl4+Bg6P2Gb+rVbP3HkADZ93QKL94Ctklo4AO3iTeDzo=
X-Served-By
cache-hhn4077-HHN
Last-Modified
Sat, 17 Apr 2021 19:34:16 GMT
Server
AmazonS3
X-Timer
S1618689940.199053,VS0,VE0
ETag
"eb7cfdacda2c67601d3186fd5f924e6b"
x-amz-request-id
2JXMJSE64DYDWPWG
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
2
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
bee022a4099fdb924d19ba7cdd46c87f30d360ccf955a7fdcb45f8f83ddf4b2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"846 / 281 of 1000 / last-modified: 1618610925"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21051
x-xss-protection
0
expires
Sat, 17 Apr 2021 20:05:40 GMT
latest.js
libs.platform.californiatimes.com/modalityjs/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://libs.platform.californiatimes.com/modalityjs/latest.js
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
faf9d8a0aaad67f389822224a487c77856849cbb97d4d5b37527f72fb676cf0e

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 19:51:02 GMT
content-encoding
br
etag
W/"50f13461b0b5d380ad78f2cc5824e047"
last-modified
Tue, 09 Mar 2021 00:31:37 GMT
server
AmazonS3
age
879
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
PxCxPi8fNdklDPlHrMtpiR_aF4s926QAWG2vxRTTBhThHx7RGNUKmg==
latest.js
libs.platform.californiatimes.com/newsletter-campaign-manager/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://libs.platform.californiatimes.com/newsletter-campaign-manager/latest.js
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6462d923a5debc7d62c87102ceee55a4614dbdf691c6cea386d787c1ad89b9e

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 19:51:01 GMT
content-encoding
br
etag
W/"8f963aa91e936029044d96713f8034d8"
last-modified
Fri, 12 Mar 2021 19:29:37 GMT
server
AmazonS3
age
899
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
ZPk0rMV9u7R7cX79O5DK5ztzyKi7EseDwbKfem2Z_zwRGgiFekra3w==
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
033371b7ed2088166f1f2593517b3c329bc45b0655994614b56eb6cab5a6127b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
lK1XownymKaghUSc9MXKZw==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1778
x-fb-rlafr
0
x-fb-debug
Be1vi3rcsk2+7CEo2Fe/0DCzL2OljCT0iwcC4Zz9ajPfGHMT5zDvPmrlnOqXHgXVZ2eFlowWIZ9832KWjUdMSg==
x-fb-trip-id
917726464
x-fb-content-md5
feed906b3211619e8f46e96917512d9f
x-frame-options
DENY
date
Sat, 17 Apr 2021 20:05:40 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"de5e43fe23cc0a14b4cdd40bf90d866f"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 17 Apr 2021 20:05:47 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		125 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.247.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-247-127.cph50.r.cloudfront.net
Software
Server /
Resource Hash
4905a742ec40bb99e91d6877bae12d79284ba3e1e8a42399f7bb2c3781fd3ae6

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 19:59:11 GMT
content-encoding
gzip
server
Server
age
388
etag
24ac8c0f0d59670e43bc0b1990070642
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0326fbaba639f5673ce3c647a7884df0.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
CPH50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
cntORbdinoTEg._SSRcm2IZ7YHrE5fKg
x-amz-cf-id
d5IBquKeSUZ-cNLBp4FU1f102vrxybL9tfe8EbkY0CpU-YuIRXHLcA==
/
ca-times.brightspotcdn.com/dims4/default/b1a4fbe/2147483647/strip/true/crop/3840x2560+0+0/resize/840x560!/quality/90/ 		152 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ca-times.brightspotcdn.com/dims4/default/b1a4fbe/2147483647/strip/true/crop/3840x2560+0+0/resize/840x560!/quality/90/?url=https%3A%2F%2Fcalifornia-times-brightspot.s3.amazonaws.com%2F63%2F09%2F4372c746438a87a3e42831274411%2Fla-photos-1staff-656699-la-na-stop-the-steal-rally-jja-005.JPG
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-6.cph50.r.cloudfront.net
Software
Apache /
Resource Hash
94c9a3f553bf65b055372b7246bd009485abbdffca4e2e211fe5cbe4d64dc674

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 11:09:18 GMT
via
1.1 a14ac175c5535de44ce87bfddfa7ddbf.cloudfront.net (CloudFront)
server
Apache
age
32182
etag
9cb85e1c4ab379ef264cce198a8c1795
x-cache
Hit from cloudfront
content-type
image/jpeg
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-amz-cf-pop
CPH50-C1
x-robots-tag
nofollow
content-length
155265
x-amz-cf-id
TS91SvS8gKcC9lgSeUQXL0c4CBC_VLUa32P3PsS0IqCUrkxcLBz3Fw==
expires
Sun, 17 Apr 2022 11:09:18 GMT
BentonGothic-Medium.0af2a448f6d58f8dd85f039eba38b50f.woff2
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/assets/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/assets/BentonGothic-Medium.0af2a448f6d58f8dd85f039eba38b50f.woff2
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-6.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7d12680bfc77396330439d134956e2f0c67c5ef889ad0b9396e5e22bba81dfdb

Request headers

Origin
https://www.latimes.com
Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 00:18:02 GMT
via
1.1 2f96681b7e4a677eb6259e6f756581c2.cloudfront.net (CloudFront)
vary
Origin
age
330459
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
14336
last-modified
Thu, 07 May 2020 19:28:36 GMT
server
AmazonS3
etag
"28ac691e5e6e27bbe25e29d7b864978b"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
P_Pz7NQ4dM8572jJobfHdniAHPA4pbz4
access-control-allow-origin
https://www.latimes.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
CPH50-C1
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
e3nX_IEGSXQ_sKAlaMNeJW8KKrb_2tdDwiAtzA86atXLvxCFw6W0og==
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
BentonGothic-Bold.0173e1397f3e876c231fe162dd06864a.woff2
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/assets/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/assets/BentonGothic-Bold.0173e1397f3e876c231fe162dd06864a.woff2
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-6.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c53ea495e43386054567a488d1e6e03f8b93b0bfb4cd85602212df7bf182a7ea

Request headers

Origin
https://www.latimes.com
Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 00:18:02 GMT
via
1.1 2f96681b7e4a677eb6259e6f756581c2.cloudfront.net (CloudFront)
vary
Origin
age
330459
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
14180
last-modified
Thu, 07 May 2020 19:28:36 GMT
server
AmazonS3
etag
"4e123dc0e3e9bebc896cda50ed712ecf"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
vAsX.0H.a11CQTkYCEBS5Bh0UlciG0c9
access-control-allow-origin
https://www.latimes.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
CPH50-C1
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
Gu4wGzevOkeroDqUs7SM49Avdag3C9uwtslJwX80x9W9l9e7LO3wag==
KisFBDisplay-Roman.6f505bd99ff1b58341f6ac7abe7fc12a.woff2
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/assets/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/assets/KisFBDisplay-Roman.6f505bd99ff1b58341f6ac7abe7fc12a.woff2
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-6.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
016aae8f0f82dc232da12bca20292f2c731d221a3b9742d6ec0b13842acaa43b

Request headers

Origin
https://www.latimes.com
Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 00:18:02 GMT
via
1.1 2f96681b7e4a677eb6259e6f756581c2.cloudfront.net (CloudFront)
vary
Origin
age
330459
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
32204
last-modified
Thu, 07 May 2020 19:28:37 GMT
server
AmazonS3
etag
"8810b04f2244c556bdb193e6b775b56b"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
.hPQsYt.nBHijdVYe8.MwBFIUiEbzuLp
access-control-allow-origin
https://www.latimes.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
CPH50-C1
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
5HqmKjhnKQhtxBrRWGslFmL2eOqRCIhGKwbaAO71fraxszxooSymXw==
OpenSans-Regular.1f71c04f75cb2a99699887de21232e77.woff2
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/assets/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/assets/OpenSans-Regular.1f71c04f75cb2a99699887de21232e77.woff2
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-6.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Request headers

Origin
https://www.latimes.com
Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 00:18:03 GMT
via
1.1 2f96681b7e4a677eb6259e6f756581c2.cloudfront.net (CloudFront)
vary
Origin
age
330458
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
14380
last-modified
Tue, 09 Jun 2020 19:24:10 GMT
server
AmazonS3
etag
"33543c5cc5d88f5695dd08c87d280dfd"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
2BGq1ldq6Zy9zv64LF1xUetI6qCsQIxP
access-control-allow-origin
https://www.latimes.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
CPH50-C1
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
AJJwQekE1EFpyrRwOOm-0bWFpeITF_XnHfXJdHYnjDh0aj_W9mM62Q==
KisFBDisplay-Bold.4046c096f268453d9b0ff36ff067feec.woff2
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/assets/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/assets/KisFBDisplay-Bold.4046c096f268453d9b0ff36ff067feec.woff2
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-6.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
603e88a690c49d42ecfd23639743414ef2f4fa059284a1794acbce524d9c21ca

Request headers

Origin
https://www.latimes.com
Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 00:18:02 GMT
via
1.1 2f96681b7e4a677eb6259e6f756581c2.cloudfront.net (CloudFront)
vary
Origin
age
330459
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
31908
last-modified
Thu, 07 May 2020 19:28:37 GMT
server
AmazonS3
etag
"3439c2cbafcfb9062b3acf1de85736bb"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
YSwtQZTZMrls1W1jJbskdEPk1RCSRgbz
access-control-allow-origin
https://www.latimes.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
CPH50-C1
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
m279vz1L0V9CV_vJ0Yp45gX3TOrCDJKORfJ2ds0byktYUVtvtOlMlw==
OpenSans-SemiBold.d359e4ab02cc5eaf5123835b4668307b.woff2
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/assets/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/assets/OpenSans-SemiBold.d359e4ab02cc5eaf5123835b4668307b.woff2
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-6.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Request headers

Origin
https://www.latimes.com
Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 00:18:26 GMT
via
1.1 2f96681b7e4a677eb6259e6f756581c2.cloudfront.net (CloudFront)
vary
Origin
age
330435
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
14880
last-modified
Tue, 09 Jun 2020 19:24:10 GMT
server
AmazonS3
etag
"819af3d3abdc9f135d49b80a91e2ff4c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
JIe.n0KsVJCjLIndP3ZWDNDZD1hmaI7Y
access-control-allow-origin
https://www.latimes.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
CPH50-C1
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
TsCl0evPgBOqpJBeUFmPRwUFDjDpTSZ5QTwy6Xt7ftnzwmhU7ggysA==
1.gif
activate.platform.californiatimes.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://activate.platform.californiatimes.com/privacy/v1/b/1.gif?n=0&c=2715&i=8thlsj&p=latimes&s=308&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNDU1IiwiY2xpZW50SWQiOjI3MTUsInB1Ymxpc2hQYXRoIjoibGF0aW1lcyIsImluc3RhbmNlSWQiOiI4dGhsc2oiLCJwYWNrZXQiOjAsIm1vZGUiOiJlbmZvcmNlWgDyJ29va2llcyI6e30sImVudmlyb25tZW50Ijoibm9uZSIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLMA8BkiLCJ0eXBlIjoiYmlsbGluZyIsInN0YXJ0IjoxNjE4Njg5OTQwNjY2WgDAZCI6LTEsInNvdXJjMgACKwBhdHVzIjoiZgBAYXNvbmUA010sImRhdGFQYXR0ZXISAMAibGlzdCI6W119XX0
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:40 GMT
cache-control
no-cache, no-store
server
nginx
expires
Sat, 17 Apr 2021 20:05:39 GMT
serverComponent.php
activate.platform.californiatimes.com/caltimes/latimes/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://activate.platform.californiatimes.com/caltimes/latimes/serverComponent.php?r=882.6166248946561&namespace=CalTimes&staticJsPath=activate.platform.californiatimes.com/caltimes/latimes/code/&publishedOn=Tue%20Apr%2006%2021:52:12%20GMT%202021&ClientID=2715&PageID=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4a559d469044f4ea0ce0402f5dc44dbe192f28f749f9d7a310b26f8316e5d839

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:40 GMT
cache-control
no-cache, no-store
content-type
text/javascript
server
nginx
content-encoding
gzip
vary
Accept-Encoding
expires
Sat, 17 Apr 2021 20:05:39 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/gpt/202104121324/ 		191 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gpt/202104121324/wrap.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
158d7c3c8d931a587c66b7947fdc4a9e9c741dade62fff14a88430482835c4a2

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:40 GMT
Content-Encoding
gzip
Age
774
X-Cache
HIT
Connection
keep-alive
Content-Length
58345
x-amz-id-2
908L94XXz/NPt0KLX41VlOO4giUVLlYahLMwy6e+tsmEe3jKW4sfJCS/beaVT8/z3WqIaUhxItI=
X-Served-By
cache-hhn4077-HHN
Last-Modified
Mon, 12 Apr 2021 17:25:04 GMT
Server
AmazonS3
X-Timer
S1618689941.896835,VS0,VE0
ETag
"433db6c7dd2773cf1cb7be08520ec08b"
x-amz-request-id
5FMZFTNP4W280YTR
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
985
wrap.js
confiant-integrations.global.ssl.fastly.net/prebid/202104121324/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/prebid/202104121324/wrap.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9f62c3875012662294f9653e4116e7ccb9b612202d6b43248e11cc39ad07893

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:40 GMT
Content-Encoding
gzip
Age
847
X-Cache
HIT
Connection
keep-alive
Content-Length
27577
x-amz-id-2
gwOdOfZUXyZ15vG77Ee8Xuue7kr8XuFI4SUGD9tZUnoex1koqRu+EdcHdgihSVVft8xXx+8YQzw=
X-Served-By
cache-hhn4077-HHN
Last-Modified
Mon, 12 Apr 2021 17:25:06 GMT
Server
AmazonS3
X-Timer
S1618689941.991619,VS0,VE0
ETag
"f56955ab8ecd49b50ae9336e4ece4ad4"
x-amz-request-id
AT0DWBSZBXNSFA06
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
1031
wrap.js
confiant-integrations.global.ssl.fastly.net/native/202104121324/ 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/native/202104121324/wrap.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b251e71f1986d056ac51fcdbc492a97fd915695dfaf4ca8a21670829ea9dfe62

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:40 GMT
Content-Encoding
gzip
Age
707
X-Cache
HIT
Connection
keep-alive
Content-Length
37415
x-amz-id-2
sNNjLTvNs0iBuQ6Ug1Ttu4QmStIfaR1QlDj3ySF5TRh8LbcF8hw9OTAADW1N5zTtUX6pKYOJQJ4=
X-Served-By
cache-hhn4058-HHN
Last-Modified
Mon, 12 Apr 2021 17:25:17 GMT
Server
AmazonS3
X-Timer
S1618689941.991330,VS0,VE0
ETag
"c0e8a4b520916c48c3a7c418874ddb4e"
x-amz-request-id
VYB1YPQJGTDJWBJD
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
42
sdk.js
connect.facebook.net/en_US/ 		216 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=e2d2ff92f16df1aa12ccd580eabee3e3&ua=modern_es6
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
33890fe8908cf63bffe808e7b65109aaa7821440231a1f010136611f3e07e404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.latimes.com
Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
TpLW/2456pBM+U5ewtcWmQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
65488
x-fb-rlafr
0
x-fb-debug
OflztP0Ry5MNOeQQYiljkbMp3g9cD6rZyDkHN4djjJmW8Y847pbStQjSIe6AF+p8yA/OufPkcllbXkEgD77+gA==
x-fb-content-md5
f71e5076dcaee7662557af4056cecf7e
x-frame-options
DENY
date
Sat, 17 Apr 2021 20:05:40 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"d753a11aef8debcf4bbd5e501b4149fd"
timing-allow-origin
*
priority
u=3,i
expires
Sun, 17 Apr 2022 18:20:41 GMT
pubads_impl_2021041301.js
securepubads.g.doubleclick.net/gpt/ 		295 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
31e420b79e7760a7860ed2fb595c4f11b498559791571fed7eb22be20c7fa5e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Apr 2021 08:38:34 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106168
x-xss-protection
0
expires
Sat, 17 Apr 2021 20:05:41 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.247.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-247-127.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
25780
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
date
Sat, 17 Apr 2021 13:01:11 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 57af23226116253ff93e917fe6898ea3.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
CPH50-C1
x-amz-cf-id
pGjg9n3bVXPSnnb70DYF0nrkZPXVsDeF0WDymLDvem24Ri3OhdAnWA==
f72651f16a977d9b8debd2dcfdd737b3.10c8cc713f8c1307d4af35a1361dbf60.svg
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/f72651f16a977d9b8debd2dcfdd737b3.10c8cc713f8c1307d4af35a1361dbf60.svg
Requested by
Host: ca-times.brightspotcdn.com
URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/styles-creative.min.3c28334e3e859031339302babe612088.gz.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-6.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c4f8404b2bf35e9a5ad44252d596bca4e2338cf2b5291ad95fb83ab355957633

Request headers

Referer
https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/styles-creative.min.3c28334e3e859031339302babe612088.gz.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 23:31:36 GMT
via
1.1 a14ac175c5535de44ce87bfddfa7ddbf.cloudfront.net (CloudFront)
last-modified
Tue, 06 Apr 2021 23:01:39 GMT
server
AmazonS3
age
938046
etag
"cabd7d16e41def650df8737fc638fdb0"
x-cache
Hit from cloudfront
x-amz-version-id
zafoSFaqdVrnWh3.uCePTeGGcc3QwUr2
cache-control
public, max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
CPH50-C1
accept-ranges
bytes
content-type
image/svg+xml
content-length
2260
x-amz-cf-id
zgJJVkN42LC1Nm1Xvi3NyKxi9qI6UOjnV5iE9L1IUfhipnIJFvloDg==
BentonGothic-Regular.0c532721f81fc3dc5537f4f33e2023d8.woff2
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/assets/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/assets/BentonGothic-Regular.0c532721f81fc3dc5537f4f33e2023d8.woff2
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-6.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ded94c8116574205c09c29b6cfe362eb00915e99edefab4394ccc31ab5a16645

Request headers

Origin
https://www.latimes.com
Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 00:18:23 GMT
via
1.1 2f96681b7e4a677eb6259e6f756581c2.cloudfront.net (CloudFront)
vary
Origin
age
330439
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
13820
last-modified
Thu, 07 May 2020 19:28:36 GMT
server
AmazonS3
etag
"563755bdfd2fe14b90b3c3f6c44f5b6b"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
Rrcg8twjrBcX5UMTzi6yojv_wJuj5LUC
access-control-allow-origin
https://www.latimes.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
CPH50-C1
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
VeJPI5n4bdDRkk1H1O6F6X7YDkJKc5oM1t0zlMPZe7ewlJqUWHh7ag==
load.js
s.ntv.io/serve/ 		353 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.83 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-83.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1550346cc4acb90924ac38fd0a7157a20e8750c2df0fa0cfab411980c9bc1cfe

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:41 GMT
Content-Encoding
gzip
x-amz-request-id
3Z1RZFBK2SK97KRW
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
26eUqsiGTtZgM2TSdBx+wWk/h+g6xwMvKHYmZyp/rReeWqm6roXmJmUQp8CbOfEB8a4B/ec9pvI=
Last-Modified
Tue, 13 Apr 2021 17:19:57 GMT
Server
AmazonS3
ETag
"4330b9a8c8acd8b7385eb09575a0f098"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
f3d421207553e584e7c891889d52c322.js
activate.platform.californiatimes.com/caltimes/latimes/code/ 		172 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://activate.platform.californiatimes.com/caltimes/latimes/code/f3d421207553e584e7c891889d52c322.js?conditionId0=4849544
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ba200cf72b5ade38d1f2946ae19a31a7371a2fe1fa91cb86cc34ff14bb47c41b

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:41 GMT
content-encoding
gzip
last-modified
Tue, 06 Apr 2021 21:52:13 GMT
server
nginx
etag
W/"606cd80d-2aeb0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
e0c9cadc0a81fa170bfff75ecd8ae967.js
activate.platform.californiatimes.com/caltimes/latimes/code/ 		44 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://activate.platform.californiatimes.com/caltimes/latimes/code/e0c9cadc0a81fa170bfff75ecd8ae967.js?conditionId0=4853386&conditionId1=4853390&conditionId2=4853391&conditionId3=4853389
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5c30690361a587e4d3ac8b409c48cb1a891f750c96a2743b3bfce9df3af3b7cf

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:41 GMT
content-encoding
gzip
last-modified
Wed, 05 Aug 2020 20:10:10 GMT
server
nginx
etag
W/"5f2b1222-b172"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
7716d72d2ba0add356e53e50fd5a137d.js
activate.platform.californiatimes.com/caltimes/latimes/code/ 		79 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://activate.platform.californiatimes.com/caltimes/latimes/code/7716d72d2ba0add356e53e50fd5a137d.js?conditionId0=4849974&conditionId1=4849973
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
76f654706d1dc39a7476acd7324638364ae13622c52b461597060df2cd38791f

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:41 GMT
content-encoding
gzip
last-modified
Tue, 08 Dec 2020 07:36:48 GMT
server
nginx
etag
W/"5fcf2d10-13dc2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
19fe23bb279cfe1c6addaf320fadcbe5.js
activate.platform.californiatimes.com/caltimes/latimes/code/ 		1 KB
726 B 		Script
General
Check archive.org
Download Go to
Full URL
https://activate.platform.californiatimes.com/caltimes/latimes/code/19fe23bb279cfe1c6addaf320fadcbe5.js?conditionId0=4864545
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f4212a3a9c2f84a1679a9af422d53a6b1309ff0f7a8334e928c61ea227329015

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:41 GMT
content-encoding
gzip
last-modified
Thu, 11 Mar 2021 20:30:56 GMT
server
nginx
etag
W/"604a7e00-4ce"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
cce43521704dbce9c036975838e5398b.js
activate.platform.californiatimes.com/caltimes/latimes/code/ 		5 KB
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://activate.platform.californiatimes.com/caltimes/latimes/code/cce43521704dbce9c036975838e5398b.js?conditionId0=4898051&conditionId1=4863749
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
143860b1488db3092351eaac385aef4b6f04261e62c36b1696a5fa4348a17d74

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:41 GMT
content-encoding
gzip
last-modified
Tue, 02 Feb 2021 18:29:05 GMT
server
nginx
etag
W/"601999f1-143a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
9f1fa0f4a90d848a8f261c6537a23740.js
activate.platform.californiatimes.com/caltimes/latimes/code/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://activate.platform.californiatimes.com/caltimes/latimes/code/9f1fa0f4a90d848a8f261c6537a23740.js?conditionId0=4864511
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
be002b6bc7cd8b9043f09bcc3ddd290611ffa9f39e1923789414390a89e6c0a7

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:41 GMT
content-encoding
gzip
last-modified
Tue, 14 Jul 2020 00:50:48 GMT
server
nginx
etag
W/"5f0d0168-1c9e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:02:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5863
x-xss-protection
0
server
cafe
etag
12453517290502062038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 17 Apr 2021 21:02:35 GMT
cdb
bidder.criteo.com/ 		18 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.29.0&cb=86681260809
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Apr 2021 20:05:41 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.latimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
44
cygnus
htlb.casalemedia.com/ 		24 B
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=390694&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2230b3294b195144%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.29.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNY%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224bfb10211e84e1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22390694%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%225a832f239627de%22%2C%22ext%22%3A%7B%22siteID%22%3A%22390694%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%226479ecca03a6ec%22%2C%22ext%22%3A%7B%22siteID%22%3A%22390694%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dfabc341977d7f52ed12313da059cf08360d1c8849bc171dd0bdb8ba03621ce9

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:42 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[84.17.53.159], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.latimes.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
44
x-ak-client-geo
12
expires
Sat, 17 Apr 2021 20:05:42 GMT
arj
latimes-d.openx.net/w/1.0/ 		188 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://latimes-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=399220d3-893a-4693-951e-ce92c5b84b8d&nocache=1618689941787&us_privacy=1YNY&aus=970x250%2C970x90%2C728x90&divIds=google-ad209d3215-1e69-43e1-b165-de45d4117098&auid=540799224
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
0546ead9f858c3acea7c676b3243505aff2f34ff00ecaaf69cdcfdcf914e561a

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:41 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.latimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
177
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20520&site_id=267796&zone_id=1328004&size_id=2&alt_size_ids=55%2C57&p_pos=atf&us_privacy=1YNY&rf=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&tg_i.aupName=%2F21787098806%2Fweb.latimes%2F.*%26pagetype%3Dstory%2Cposition%3D1&tg_i.dfp_ad_unit_code=21787098806%2Fweb.latimes%2Fopinion&tg_i.pbadslot=21787098806%2Fweb.latimes%2Fopinion&tk_flint=dmpbjs_v4.29.0&x_source.tid=399220d3-893a-4693-951e-ce92c5b84b8d&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.5506795876995945
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
54d0796560defd4fc826ca97cd679a61b2378eca7227e56f11b693cdc1f20b41

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:42 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.latimes.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
1839
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96902d017777a7455babe758ae0129&pos=Latimes_banner_dyn_6&cmd=bid&secure=1&us_privacy=1YNY
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
a5e9ac71292371502e5914a46c2bf01717fd4175ccdc65c9a323c47898b10805

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 17 Apr 2021 20:05:41 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.latimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ecba785818813feb349899c96f7e0374a8c3ae0d6645212be693cc5038882b69
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:42 GMT
X-Proxy-Origin
84.17.53.159; 84.17.53.159; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.84:80
AN-X-Request-Uuid
84e33898-1276-49e3-97fe-99a126312897
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.latimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.29.0&referrer=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&tmax=1000&us_privacy=1YNY
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.137.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:42 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.latimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96902d017777a7455babe758ae0129&pos=Latimes_mrec_dyn_9&cmd=bid&secure=1&us_privacy=1YNY
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
3d2e79c55413aacf15af67146781cfb24e009f2482e0b9c72051456aa6023f7e

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 17 Apr 2021 20:05:42 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.latimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
arj
latimes-d.openx.net/w/1.0/ 		188 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://latimes-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9e1b4ac9-542d-43f5-833a-e3f823941ca8&nocache=1618689941880&us_privacy=1YNY&aus=300x250%2C300x600&divIds=google-adb83cec26-cf8d-4a5e-90c9-b73bf4080ed3&auid=540799217
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
42e2b25863e98bef95b3d5568c81bb80b49af5c00d05314da0b98e04a2f16f90

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:41 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.latimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
177
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		18 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.29.0&cb=83864089096
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Apr 2021 20:05:41 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.latimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
44
fastlane.json
fastlane.rubiconproject.com/a/api/ 		431 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20520&site_id=267796&zone_id=1328002&size_id=15&alt_size_ids=10&p_pos=atf&us_privacy=1YNY&rf=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&tg_i.aupName=%2F21787098806%2Fweb.latimes%2F.*%26pagetype%3Dstory%2Cposition%3D1&tg_i.dfp_ad_unit_code=21787098806%2Fweb.latimes%2Fopinion&tg_i.pbadslot=21787098806%2Fweb.latimes%2Fopinion&tk_flint=dmpbjs_v4.29.0&x_source.tid=9e1b4ac9-542d-43f5-833a-e3f823941ca8&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.2863446021182643
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
30816e31ffdc210f8c348ea52efe08cc03cc39af753c32a5364cac7811049075

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:42 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.latimes.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
431
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ 		23 B
682 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=390693&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2226ef73c2d8d65%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.29.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNY%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22279e484bc21b189%22%2C%22ext%22%3A%7B%22siteID%22%3A%22390693%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2228292634b03b0a2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22390693%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
acebc7dceb36716515bdc0518948a6a342a80d9f0bb87b88f757964685df53b8

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:42 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[84.17.53.159], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.latimes.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
43
x-ak-client-geo
12
expires
Sat, 17 Apr 2021 20:05:42 GMT
auction
tlx.3lift.com/header/ 		19 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.29.0&referrer=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&tmax=1000&us_privacy=1YNY
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.137.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:42 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.latimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
2c8ba61c1686f0aa4a9412811963fbf4fbf450a763c1270597f3e4b20a928ee6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:42 GMT
X-Proxy-Origin
84.17.53.159; 84.17.53.159; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.133:80
AN-X-Request-Uuid
cbf0e756-8fe7-4113-85cf-2b093d2a60cc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.latimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		431 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20520&site_id=267796&zone_id=1328010&size_id=15&alt_size_ids=10&us_privacy=1YNY&rf=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&tg_i.aupName=%2F21787098806%2Fweb.latimes%2F.*%26pagetype%3Dstory%2Cposition%3D2&tg_i.dfp_ad_unit_code=21787098806%2Fweb.latimes%2Fopinion&tg_i.pbadslot=21787098806%2Fweb.latimes%2Fopinion&tk_flint=dmpbjs_v4.29.0&x_source.tid=ab103947-8eed-4f9c-a285-edb92a995e2f&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.3328868476232967
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
f996a7ca050f86c363c12a5f8cb5844ce5f273a2e36ab2c7273ef89b7742476d

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:42 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.latimes.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
431
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		18 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.29.0&cb=9902659140
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Apr 2021 20:05:41 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.latimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
44
auction
tlx.3lift.com/header/ 		19 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.29.0&referrer=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&tmax=1000&us_privacy=1YNY
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.137.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:42 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.latimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96902d017777a7455babe758ae0129&pos=Latimes_mrec_dyn_6&cmd=bid&secure=1&us_privacy=1YNY
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
6040a87675b04e68d0cacbeec7f38b65b9a498a9ce42583c2c17c9223638fc9e

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 17 Apr 2021 20:05:42 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.latimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
arj
latimes-d.openx.net/w/1.0/ 		189 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://latimes-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ab103947-8eed-4f9c-a285-edb92a995e2f&nocache=1618689941985&us_privacy=1YNY&aus=300x250%2C300x600&divIds=google-adab4329b8-29d1-49c2-b130-c00e8d847646&auid=540799220
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
2d407bdd921e62d279604559aa8047d78e9d3fe4d84b6dbc2b533de82956a923

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:42 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.latimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
180
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		25 B
684 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=390695&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2243f901b10b9c1e3%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.29.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNY%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2244a645538480cf6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22390695%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22452f60cee04807c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22390695%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f249249d612d4781c1d8ced6e0f2dc2ac499397b0251faf14dbad9c1e13bab7c

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:42 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[84.17.53.159], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.latimes.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Sat, 17 Apr 2021 20:05:42 GMT
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
86f03c3da6ffbfd6bb12fe06875f0316c03e5445422aa9dcde2994c8fd1955f8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:42 GMT
X-Proxy-Origin
84.17.53.159; 84.17.53.159; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.79:80
AN-X-Request-Uuid
f8169389-de6d-426d-bd92-a70ce59f0a03
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.latimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1335255/ 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1335255/tfa.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea1cfd571a8a54e0496800e9c5d805a7ee9c78228193caf41ab67968b6c0c5f0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
5fjQnNRYsCpekqKRMlbDnRI01O2agaX9
content-encoding
gzip
etag
"039404493bdb5deda6efe67d56b33119"
age
94
x-cache
HIT
x-amz-replication-status
PENDING
content-length
22343
x-amz-id-2
I2F4Q5UfBn0VGW2eOXNYNXEEbFJCeAX5r6jPFM1czoMsDfMbj34dLimBE52XZPFqs1vLPlXKHbc=
x-served-by
cache-hhn11527-HHN
last-modified
Mon, 12 Apr 2021 10:36:47 GMT
server
AmazonS3
x-timer
S1618689942.209442,VS0,VE1
date
Sat, 17 Apr 2021 20:05:42 GMT
vary
Accept-Encoding
x-amz-request-id
WAGQ5BHAZ6RDXDAR
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
48
x-cache-hits
1
fbevents.js
connect.facebook.net/en_US/ 		92 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
98e6165f4ca935ed2cd034d3f71ed277bfa1b20b684fb180a7935d2c4b853bf4
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23963
x-fb-rlafr
0
pragma
public
x-fb-debug
0+PYRKzGd1nHIH51sMyjIdqCUn/i1wNhewLNLnnBCY2Z9u3kXWsUF4bpRvY2MG7X0lPhHWdNfKq5FUei34DyNw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
date
Sat, 17 Apr 2021 20:05:42 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
core.js
s.pinimg.com/ct/ 		1 KB
826 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:288::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b0a826fa53a52c446352d13c02654eff897691e910dbf3a3d79b44757fd37fea

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding
gzip
x-cdn
akamai
etag
"c6fbf499a6a1afdef9597a0d274bdd3f"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=7200
x-fallback
21bebbd-104.126.36.60
accept-ranges
bytes
content-length
578
access-control-expose-headers
X-CDN
pixel.js
www.redditstatic.com/ads/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
38c9e8d2dfaf439f732463b5ae80c7d5da32bd8594172a56041794f080b2a3bc

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:42 GMT
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 01 Apr 2021 21:20:31 GMT
server
snooserv
etag
"f130bbfe131c22854e51f461d761041d"
vary
Accept-Encoding,Origin
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-encoding
gzip
content-length
6670
ml.br.js
js.matheranalytics.com/static/ltm/ma12767/all/9/
Redirect Chain
  • https://js.matheranalytics.com/s/ma12767/212934200/all/ml.js?cb=1561
  • https://js.matheranalytics.com/static/ltm/ma12767/all/9/ml.br.js
147 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma12767/all/9/ml.br.js
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
f51085abacdfe30b17a99a5808be67e7b00136ab4fc9b325d8507006fee640ba

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 14:47:53 GMT
content-encoding
br
last-modified
Mon, 22 Feb 2021 20:30:13 GMT
server
nginx
age
19070
etag
"750bf3d3a78140cd55196248f97f0b75"
vary
Accept-Encoding
x-cache
HIT Mon, 22 Feb 2021 20:39:10 GMT
content-type
application/x-javascript
via
1.1 google
cache-control
public,max-age=3600
alt-svc
clear
content-length
43143

Redirect headers

date
Sat, 17 Apr 2021 20:05:42 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma12767/all/9/ml.br.js
cache-control
public, max-age=269200
alt-svc
clear
x-served-by
6-gc-euw1-10923
js
www.googletagmanager.com/gtag/ 		84 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1009384521&l=adsData
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9dd68313c038b89e639e474eba420a35e718f7cb459e8285d7cc6bc67b3dc969
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:42 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34064
x-xss-protection
0
last-modified
Sat, 17 Apr 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 17 Apr 2021 20:05:42 GMT
scevent.min.js
sc-static.net/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-52.cph50.r.cloudfront.net
Software
CloudFront /
Resource Hash
023e64b862c4d75dd3390eda64f830ce73e3d8c689d30fff89dec507ccabb780

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:42 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
CPH50-C1
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
5720
via
1.1 c4cfd693df2d3c329a667c606d9185f1.cloudfront.net (CloudFront)
x-amz-cf-id
vvg8MuILXBCcgpgPPZ6IlVeqpdZ1ijz83b99NV58w5EEfYq6B9bRLQ==
obtp.js
amplify.outbrain.com/cp/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-107.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e15eca5878352d8972f4e93b9aed80e34860514c23bfe9ee0a01767a291cf28a

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Mar 2021 12:03:44 GMT
Server
AkamaiNetStorage
ETag
"c43e7f1b0459d05cce32768dd16af59b:1616414624.063318"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2864
Expires
Sat, 17 Apr 2021 20:25:42 GMT
subscriptions.js
static.chartbeat.com/js/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/subscriptions.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2021:a400:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
317fdfb7207748fec01b86d1c8c692761d659e9dcfa1db5ca0a049bd1b87021a

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 15:13:04 GMT
content-encoding
gzip
last-modified
Thu, 25 Mar 2021 00:43:03 GMT
server
nginx
age
17558
etag
W/"605bdc97-7e55"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 cc61fd5dae580ac4dd735e074a4fbe83.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
CPH50-C2
x-amz-cf-id
6aifZw9Fg-6Ki286QFtlwQk1BQUh7O2vC3hRcpth7N0adTUnHJgqOw==
expires
Sun, 18 Apr 2021 15:13:04 GMT
qevents.js
a.quora.com/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.quora.com/qevents.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
s3LlaOWABX1LUjiLldBNr49lVAylKDRo
content-encoding
gzip
etag
"f32ebb1e93a72c0a57add6d07f688510"
age
6086
x-cache
HIT, HIT
content-length
13681
x-amz-id-2
6MC5ePA6RpNoeBrdZVUrZ62iafps2w2cSZ7S92YXfFGiNFsAHv/3fUd/vVo7ExG3e5tsgl2pLeE=
x-served-by
cache-bwi5139-BWI, cache-fra19177-FRA
last-modified
Fri, 25 Oct 2019 19:28:38 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1572031715/ctime:1572031714/gid:1000000/gname:employee/md5:f32ebb1e93a72c0a57add6d07f688510/mode:33188/mtime:1149709104/uid:1000332/uname:tzhou
x-timer
S1618689942.392288,VS0,VE0
date
Sat, 17 Apr 2021 20:05:42 GMT
vary
Accept-Encoding
x-amz-request-id
NBRHN1X0BG6VG5XM
via
1.1 varnish, 1.1 varnish
cache-control
max-age=7200
accept-ranges
bytes
content-type
text/plain
x-cache-hits
1, 842
ytc.js
s.yimg.com/wi/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion
1
date
Sat, 17 Apr 2021 19:08:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3446
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
5581
x-amz-id-2
wKtQc8rXOjx2txmwBLB0usd9dRw33avdkJACcnTBi0h08cCOQVshxoE4J5Vu4rouLZMNUhH3pF4=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sat, 30 Oct 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Thu, 24 Sep 2020 23:08:16 GMT
server
ATS
etag
"49db10c8315384e8dad2e92a6841ed81-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
4BSHS820DKR5F79R
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
swANRqp_TdPZf97XDKuCKoVnrp7c.h.0
accept-ranges
bytes
content-type
application/javascript
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:42 GMT
via
1.1 varnish
last-modified
Fri, 04 Dec 2020 00:21:46 GMT
age
69254
etag
"cbc512946c8abb461c6215ed5b454e5f+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding
gzip
cache-control
no-cache
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
1957
x-timer
S1618689942.369833,VS0,VE0
x-served-by
cache-hhn11530-HHN
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036462&ns__t=Sat%20Apr%2017%202021%2022:05:42%20GMT+0200%20(Central%20European%20Summer%20Time)&ns_c=UTF-8&c8=Why%20so%20many%20people%20want%20to%20beli...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036462&ns__t=Sat%20Apr%2017%202021%2022%3A05%3A42%20GMT%200200%20(Central%20European%20Summer%20Time)&ns_c=UTF-8&c8=Why%20so%20many%20people%20want%20to...
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6036462&ns__t=Sat%20Apr%2017%202021%2022%3A05%3A42%20GMT%200200%20(Central%20European%20Summer%20Time)&ns_c=UTF-8&c8=Why%20so%20many%20people%20want%20to%20believe%20Biden%20stole%20the%20election%20-%20Los%20Angeles%20Times&c7=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&c9=
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-38.cph50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:43 GMT
via
1.1 b3f90546650bd51f97feaab85be34b1c.cloudfront.net (CloudFront)
x-amz-cf-pop
CPH50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
RDGFEh5rWy8fElm1gK0W2kSXqXk3jlt2ZekcXnsxrDfP0V-UJVFbbg==

Redirect headers

date
Sat, 17 Apr 2021 20:05:42 GMT
via
1.1 b3f90546650bd51f97feaab85be34b1c.cloudfront.net (CloudFront)
x-amz-cf-pop
CPH50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6036462&ns__t=Sat%20Apr%2017%202021%2022%3A05%3A42%20GMT%200200%20(Central%20European%20Summer%20Time)&ns_c=UTF-8&c8=Why%20so%20many%20people%20want%20to%20believe%20Biden%20stole%20the%20election%20-%20Los%20Angeles%20Times&c7=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&c9=
content-length
556
x-amz-cf-id
vhQqXkZ2rZntCQ77Qilz1oaPeryw1j146KFdutMWpeClDhhYxFLHCQ==
t
jadserve.postrelease.com/ 		19 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&ntv_mvi&us_privacy=1YNY
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.241.108.168 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
e6121b59aee99bb40de63990b431eb550a31974eaf5fa7273018fe2625a70e2d

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:43 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
3145
expires
Mon, 1 Jan 1990 12:00:00 GMT
rev.js
assets.revcontent.com/master/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/rev.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
894694eee28fc463a83875d519e70afaf5f40ac7c042d6114c4ee86d156b4067

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:42 GMT
content-encoding
gzip
last-modified
Wed, 09 Oct 2019 15:23:49 GMT
server
AmazonS3
x-amz-request-id
1P2G3WFG5YBGERCW
etag
"46482d4733f3f6c1f93601a6274bc264"
x-hw
1618689942.cds142.am5.hn,1618689942.cds236.am5.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
9617
x-amz-id-2
JKuTV8b7Te83ZDLj9H8h15F7wMhKFGxLcpaMIg/sXjFpulXbaKMVfdkKo10AImg356v14UGYW1g=
e.gif
activate.platform.californiatimes.com/error/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://activate.platform.californiatimes.com/error/e.gif?msg=%22TypeError%3A%20Cannot%20read%20property%20%27getItem%27%20of%20null%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20pdcoid%2C%20ID%3A59336.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=latimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:42 GMT
cache-control
no-cache, no-store
server
nginx
expires
Sat, 17 Apr 2021 20:05:41 GMT
e.gif
activate.platform.californiatimes.com/error/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://activate.platform.californiatimes.com/error/e.gif?msg=%22TypeError%3A%20Cannot%20read%20property%20%27getItem%27%20of%20null%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20ezpay_status%2C%20ID%3A60910.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=latimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:42 GMT
cache-control
no-cache, no-store
server
nginx
expires
Sat, 17 Apr 2021 20:05:41 GMT
e.gif
activate.platform.californiatimes.com/error/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://activate.platform.californiatimes.com/error/e.gif?msg=%22TypeError%3A%20Cannot%20read%20property%20%27getItem%27%20of%20null%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20ez_pay%2C%20ID%3A59536.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=latimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:42 GMT
cache-control
no-cache, no-store
server
nginx
expires
Sat, 17 Apr 2021 20:05:41 GMT
e.gif
activate.platform.californiatimes.com/error/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://activate.platform.californiatimes.com/error/e.gif?msg=%22TypeError%3A%20Cannot%20read%20property%20%27getItem%27%20of%20null%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20print_status%2C%20ID%3A60891.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=latimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:42 GMT
cache-control
no-cache, no-store
server
nginx
expires
Sat, 17 Apr 2021 20:05:41 GMT
e.gif
activate.platform.californiatimes.com/error/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://activate.platform.californiatimes.com/error/e.gif?msg=%22TypeError%3A%20Cannot%20read%20property%20%27getItem%27%20of%20null%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20sub_data%2C%20ID%3A60890.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=latimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:42 GMT
cache-control
no-cache, no-store
server
nginx
expires
Sat, 17 Apr 2021 20:05:41 GMT
trackable.js
ext.chtbl.com/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ext.chtbl.com/trackable.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5600:a:b27c:d040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27dc4f62298834987d3d8e5608c1af94c82ee3d18ee31858d39e0202697b5308

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 19:10:40 GMT
via
1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
last-modified
Fri, 12 Feb 2021 20:28:32 GMT
server
AmazonS3
age
3304
etag
"4a494dbb82444463b6fd8bff0e5593d6"
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
cache-control
max-age=3600
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
4092
x-amz-cf-id
nLqPCeOieKneyx0pPz9a5LH_2Yhpjn8_CV-Y3JNRFvdaBHn1qpP7Hw==
insight.min.js
snap.licdn.com/li.lms-analytics/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:494::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 22:14:03 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=20166
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1855
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6036462/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
351 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-38.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 19:56:19 GMT
via
1.1 b3f90546650bd51f97feaab85be34b1c.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
565
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
CPH50-C1
accept-ranges
bytes
content-length
0
x-amz-cf-id
JRPeux_CmHJ7DV8AFG_2WFwy5RgJN7zuIb9Nk90h1M1MMNGruCCUHA==

Redirect headers

date
Sat, 17 Apr 2021 20:05:43 GMT
via
1.1 b3f90546650bd51f97feaab85be34b1c.cloudfront.net (CloudFront)
x-amz-cf-pop
CPH50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-c2/default/cs.js
content-length
48
x-amz-cf-id
wjvVrliTsa8E8RPEjRN4UDWi4PGQkg8zBSBvBgb0XHn9FiofNnkLog==
bid
c.amazon-adsystem.com/e/dtb/ 		549 B
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3886&u=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&pid=lV3D5nvVkOdVK&cb=0&ws=1600x1200&v=7.63.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%221280x220%22%2C%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F21787098806%2Fweb.latimes%2Fopinion%22%7D%5D&pj=%7B%22aps_privacy%22%3A%221YN%22%7D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.247.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-247-127.cph50.r.cloudfront.net
Software
Server /
Resource Hash
f8710f3e085163a30204fec0d0f2ef7e0c662bdc6fd0e6493ad540190e5b57c5

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:43 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
CPH50-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.latimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
373
via
1.1 0326fbaba639f5673ce3c647a7884df0.cloudfront.net (CloudFront)
x-amz-cf-id
0yVCQiX5_BlL7Sbe-2OlNMaaXQ9xNvUltJjUPgYPhx0RPD5gy08nOA==
bid
c.amazon-adsystem.com/e/dtb/ 		128 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3886&u=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&pid=lV3D5nvVkOdVK&cb=1&ws=1600x1200&v=7.63.00&t=2000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F21787098806%2Fweb.latimes%2Fopinion%22%7D%5D&pj=%7B%22aps_privacy%22%3A%221YN%22%7D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.247.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-247-127.cph50.r.cloudfront.net
Software
Server /
Resource Hash
66b71e3581a5415642fd118f1811ee1a0f1ccddac17f957ca1f64f21c994040c

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:43 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
CPH50-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.latimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
133
via
1.1 0326fbaba639f5673ce3c647a7884df0.cloudfront.net (CloudFront)
x-amz-cf-id
-d2Zfy7CQmz4vh_5sCVDbr6C2eyZCanqUae30rDXi25NjrapPx28eA==
bid
c.amazon-adsystem.com/e/dtb/ 		128 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3886&u=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&pid=lV3D5nvVkOdVK&cb=2&ws=1600x1200&v=7.63.00&t=2000&slots=%5B%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F21787098806%2Fweb.latimes%2Fopinion%22%7D%5D&pj=%7B%22aps_privacy%22%3A%221YN%22%7D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.247.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-247-127.cph50.r.cloudfront.net
Software
Server /
Resource Hash
eee957c5d825eda11589f1a9997e1667014d36024ce13bce5e459b4b7bf363ca

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:43 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
CPH50-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.latimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
133
via
1.1 0326fbaba639f5673ce3c647a7884df0.cloudfront.net (CloudFront)
x-amz-cf-id
yF0bLYIQmLsxwE4MCTbn6VxCVAGG3hHkVjDbT0i4IeheVgtrEGInyg==
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:43 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Sun, 18 Apr 2021 20:05:43 GMT
/
activate.latimes.com/pc/caltimes/ 		42 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://activate.latimes.com/pc/caltimes/?pulse2001=https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274:_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&pulse2002=https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology&pulse2003=lat:opinion:donald-trump-election-fraud-lies-psychology:story.&pulse2004=www.latimes.com&pulse2005=latimes&pulse2006=opinion&pulse2007=/opinion&pulse2008=donald-trump-election-fraud-lies-psychology&pulse2009=donald-trump-election-fraud-lies-psychology&pulse2010=story&pulse2011=story&pulse2012=Why%20so%20many%20people%20want%20to%20believe%20Biden%20stole%20the%20election%20%20Los%20Angeles%20Times&pulse2013=22&pulse2021=story&pulse2035=signed-out&pulse2038=84.17.53.159&pulse2039=1600x1200&pulse2040=lat&pulse2041=false&pulse2045=landscape&pulse2046=%3E1224&pulse2047=0-99&pulse2048=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&pulse2068=%20&pulse2071=%20&pulse2113=%20&pulse2119=%20&pulse2127=%20&pulse2128=%20&pulse2131=00000176-2e83-daf9-affe-6fcf0dda0000&pulse2134=Why%20so%20many%20people%20want%20to%20believe%20the%20election%20was%20stolen&pulse2135=Aaron%20C.%20Kay%20and%20Mark%20J.%20Landau&pulse2136=OpEd&pulse2137=12-06-2020%2004:00&pulse2140=latimes&pulse2141=latimes&pulse2152=(Los%20Angeles%20Times)&pulse2153=%20&pulse2168=%20&pulse2179=%20&pulse2215=latimes&pulse2286=993&pulse2287=https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology&pxlid=701261005236508709&pbrd=1&pch=4&pei=2&pulse2216=00000175-eca6-d2fa-a7f7-efa6d7440000&c_rdp=0
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:43 GMT
server
nginx
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
no-cache, no-store, must-revalidate
x-ens-event-id
856ea278-5959-4272-a423-a8f6d8356e87
x-offsite-uuid
8405f5d8-f086-4e02-903c-e69c182a0013
access-control-allow-headers
*
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT
632456800236234
connect.facebook.net/signals/config/ 		255 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/632456800236234?v=2.9.39&r=stable
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
10d9e2b611645895eef11653c3be324da69df0521d33f9295b2a3af497b8fc04
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
74373
x-fb-rlafr
0
pragma
public
x-fb-debug
Kd2TI6G+RgLFW3Qiuc8halHGK//szNyZhq8LlxjBG429u5r9nVpZaKe9FbISYdqMe1/OvttAlcX/Yt531QTlbQ==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 17 Apr 2021 20:05:43 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
bc9d705ee6c02fde87c2069b74221c2172f27d659282a53756f9b3634fab4f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13879
x-xss-protection
0
server
cafe
etag
4168474919333271250
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 17 Apr 2021 20:05:43 GMT
rp.gif
alb.reddit.com/ 		42 B
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1618689943436&id=t2_5wzfk9al&event=PageVisit&uuid=9f37c999-b3aa-433f-8574-a138b6b81684&aaid=&em=&idfa=&opt_out=0&sh=1600&sw=1200&s=ChO0a%2Bx%2BM8BGnbV7VKFEYMzddCUnG4bgEk1PMsAoFRA%3D
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:43 GMT
via
1.1 varnish
server
Varnish
accept-ranges
bytes
content-length
42
retry-after
0
content-type
image/gif
main.dec9de31.js
s.pinimg.com/ct/lib/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.dec9de31.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:288::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
850420a74b035447dcf888c73803e7588d07aa16c80c3ee326c7c575186bd001

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding
gzip
x-cdn
akamai
etag
"534cdacf4ffd94bf57ac75057dd94604"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1209600
x-fallback
21bf18f-104.126.36.60
accept-ranges
bytes
content-length
17139
access-control-expose-headers
X-CDN
10135027.json
s.yimg.com/wi/config/ 		2 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10135027.json
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 19:31:47 GMT
x-content-type-options
nosniff
age
2036
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
CRVCJ96QYRXFWQ88
x-amz-id-2
wVs2Lj96K/5wQMeYaYtBekJvMpeAELcHEPThy9LtLSn0W+0clrQ8X+I8LHltVcjAKB7P0S20Xu0=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
2
cachedClickId
tr.outbrain.com/ 		35 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00d9d340b52282c19bd79c17bede8ae26c
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:43 GMT
content-encoding
gzip
X-TraceId
4678f318b73c5bd0c16ec629475d0dc8
Content-Length
56
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/ 		43 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=00d9d340b52282c19bd79c17bede8ae26c&obApiVersion=1.1&obtpVersion=1.4.1&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&optOut=false&bust=022384754880880453
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:43 GMT
Cache-Control
no-cache
X-TraceId
d7d66efe3ffadbb67727df52133492e
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
pixel
q.quora.com/_/ad/ca8cb1bde9414b2583b370368e30f53e/ 		43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.quora.com/_/ad/ca8cb1bde9414b2583b370368e30f53e/pixel?j=1&u=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&tag=ViewContent&ts=1618689943497
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.227.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:43 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Q-Stat
,b6941afee2d0b667cb9cea400be8a3c6,10.0.0.132,32928,84.17.53.159,,82005068154,1,1618689943.987,0.001,,.,0,0,0.000,0.004,-,0,0,197,113,56,10,26847,,,,,,-,
Content-Type
image/gif
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.latimes.com
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Apr 2021 20:05:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.latimes.com
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Apr 2021 20:05:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		44 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2207639593809262&correlator=875204224338181&output=ldjh&impl=fifs&hxva=1&scor=4274947159630993&eid=31060690%2C21064368&vrg=2021041301&ptt=17&us_privacy=1YNY&sc=1&sfv=1-0-38&ecs=20210417&iu_parts=21787098806%2Cweb.latimes%2Copinion&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1280x220%7C970x250%7C970x90%7C728x90&prev_scp=position%3D1%26r_round%3D0%26hb_format_rubicon%3Dbanner%26hb_source_rubicon%3Dclient%26hb_size_rubicon%3D970x250%26hb_pb_rubicon%3D0.21%26hb_adid_rubicon%3D481b8bb531db33e%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x250%26hb_pb%3D0.21%26hb_adid%3D481b8bb531db33e%26hb_bidder%3Drubicon%26amznbid%3Dm22o00%26amznp%3Dmyjchs%26amzniid%3DIjhNRjP3Kcsl5DPQZ-UC7pgAAAF44XBmfQMAAA8uAVSdlG8%26amznsz%3D970x250&eri=1&cust_params=slug%3Ddonald-trump-election-fraud-lies-psychology%26slugwords%3Ddonald%252Ctrump%252Celection%252Cfraud%252Clies%252Cpsychology%26topictags%3Dop-ed%26pagetype%3Dstory%26design%3Dbs%26epvid%3D701261005236508709%26screensize%3Dmedium%26rb_sync%3D1%26rb_creative%3D4&cookie_enabled=1&bc=31&abxe=1&lmt=1618689943&dt=1618689943602&dlt=1618689939959&idt=1700&frm=20&biw=1600&bih=1200&oid=3&adxs=140&adys=94&adks=500406791&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1320x270&msz=1320x220&ga_vid=2029193101.1618689944&ga_sid=1618689944&ga_hid=1169130723&ga_fc=false&fws=0&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
0857b341314e11f31569a4cbc62e6787d261185d20e8866295d5182bf991eee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11139
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.latimes.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		40 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2207639593809262&correlator=2176742520584400&output=ldjh&impl=fifs&hxva=1&scor=4274947159630993&eid=31060690%2C21064368&vrg=2021041301&ptt=17&us_privacy=1YNY&sc=1&sfv=1-0-38&ecs=20210417&iu_parts=21787098806%2Cweb.latimes%2Copinion&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&prev_scp=position%3D1%26r_round%3D0%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=slug%3Ddonald-trump-election-fraud-lies-psychology%26slugwords%3Ddonald%252Ctrump%252Celection%252Cfraud%252Clies%252Cpsychology%26topictags%3Dop-ed%26pagetype%3Dstory%26design%3Dbs%26epvid%3D701261005236508709%26screensize%3Dmedium%26rb_sync%3D1%26rb_creative%3D4&cookie_enabled=1&bc=31&abxe=1&lmt=1618689943&dt=1618689943660&dlt=1618689939959&idt=1700&frm=20&biw=1600&bih=1200&oid=3&adxs=1060&adys=1161&adks=2014690032&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&vis=1&dmc=8&scr_x=0&scr_y=0&psz=320x270&msz=320x250&ga_vid=2029193101.1618689944&ga_sid=1618689944&ga_hid=1169130723&ga_fc=false&fws=0&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
f478c7f49abdb8d02192ac091b7115617cc34a3d706b37efb783d569f88167f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15189
x-xss-protection
0
google-lineitem-id
5659403752
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138346944829
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.latimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
1.gif
activate.platform.californiatimes.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://activate.platform.californiatimes.com/privacy/v1/b/1.gif?n=1&c=2715&i=8thlsj&p=latimes&s=10648&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNDU1IiwiY2xpZW50SWQiOjI3MTUsInB1Ymxpc2hQYXRoIjoibGF0aW1lcyIsImluc3RhbmNlSWQiOiI4dGhsc2oiLCJwYWNrZXQiOjEsIm1vZGUiOiJlbmZvcmNlWgDyJ29va2llcyI6e30sImVudmlyb25tZW50Ijoibm9uZSIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLMA8R5odHRwczovL2MuYW1hem9uLWFkc3lzdGVtLmNvbS9iYW8tY3NtL2Fwcy1jb20JAPAMX2NzbS5qcyIsInR5cGUiOiJ4aHIiLCJzdGFyoQDANjE4Njg5OTQxMTk1jwBHZCI6MRQAgDcsInNvdXJjOQCyWEhSX01BTkFHRVJBANF0dXMiOiJhbGxvd2VkuABAYXNvbrcA1F0sImRhdGFQYXR0ZXISALtsaXN0IjpbXSwiaWYAPzV9LOkAWR056QA_MjAy6QBSHznpAAjhb25maWFudC1pbnRlZ3LxAfkecy5nbG9iYWwuc3NsLmZhc3RseS5uZXQvZ3B0LzIwMjEwNDEyMTMyNC93cmFw5QFic2NyaXB0pwEJ6AFNMDg2MP8ANzQ1M_8AsGluc2VydEJlZm9yjgIyc3Rh6QE_bG9h5gEnAHgAD_0AM29wcmViaWQAAScfOQABARc0AAExbXV0fgGST2JzZXJ2ZXJBRwEPBQEyLzkwBQEK0W5lY3QuZmFjZWJvb2vrAfAnZW5fVVMvc2RrLmpzP2hhc2g9ZTJkMmZmOTJmMTZkZjFhYTEyY2NkNTgwZWFiZWUzZTMmdWE9dQRmcm5fZXM2-AMPEwIHPjk0NhMCHzgTAk8_OTQ2DgGBHzUhAgAJDgEPIQJILzk1IQILDyMEFg8mAy0tNjQTAjc1MzgmAw8mBEUfNBMCCg8AARYAMgcvdmUmBCcuNjcAAR83EwNPPzg2NwABcy85MQABDA8FA0g_ODkxBQEH0WJpZGRlci5jcml0ZW_2CPYhY2RiP3Byb2ZpbGVJZD0yMDcmYXY9MzMmd3Y9NC4yOS4wJmNiPTg2NjgxMjYwODA5EwUPCwkEHzcCBAA3Nzc1_QIPCwlFHzf_AwkP-gBRHjcKBhA3FAAPBQpOLzc3DAYJ0jJzaGIuc3NwLnlhaG_2AUJiaWRSKAvyHD9kY249OGE5NjkwMmQwMTc3NzdhNzQ1NWJhYmU3NThhZTAxMjkmcG9zPUy3C_8fX2Jhbm5lcl9keW5fNiZjbWQ9YmlkJnNlY3VyZT0xJnVzX3ByaXZhY3k9MVlOWS8CDx45LAQQNxQADzUBTx85LgQJDzUBoAhhBg9kA0YPNQEJgWliLmFkbnhzWQRidXQvdjMvSgcPBgIOLjgyMgcvODI1BFEvODI0BwgP0QApDhEOD9EAVQ8RDgkP1wI8QW1yZWMKBB85CgQvEDglBillbt4OHzg_BVIvODczAaYdOGkIPzg3OWwHUD84NzhmCD-XMzg2NDA4OTA5eQ0PZggELjg4NwYBFAAPNwZOLzg4NwYID2YIJQ_6ABoP9AEAGDldCw_8BUUvODj0AQgPKwUnLjkyywEBFAAPywFOLzkyywEID9EAPQ-eB1EP0QAKD5wCJJA5OTAyNjU5MTTtFQ8GFQsuOTb4DC85Nh0UUS85NvUMPw_5ABodMogFD_kAVR8yiAUHH2PuB0UP-AswHznuBwAfOe4HUh857gdiDzMBMQBIEwshCSg5OH0VD_oFRT85ODNmAgcPKQUmPTIwMTEPPzIwMTYZUAB6AA_RAEMNywYP0QBWD8sGCAKdD_IEcHViYWRzLmcuZG91YmxlY2xpYyYXABEZAh0AY19pbXBsXx0ZPzMwMRYZEz0xMDH1FTgyMDHxBqBhcHBlbmRDaGlsBRkPFRkzAHcAD8UBBw_0AE8N8wUL9AAP5BNHPzEwMfYFCJFzLm50di5pby-BGRAveRoPyAEULTI5hg8pMjTABw_IAUIvMjmDDwgPzgApDascC84AD6IBSC8yOa4cCPEFcGFnZWFkMi5nb29nbGVzeW5kaWM1GwE5EQIeAP8DL3Nob3dfY29tcGFuaW9uX2FkxQEULTY3IAw4MzExIAwPfRhCLzE2Eg4JAtQAD_IARC03MXcKC_IAD-kBSC83MXoKCD9jb26VHAWPZmJldmVudHPWARMuMjBTGjgzMzRjBQ_WAUIAeAAPZAUHsWNkbi50YWJvb2xhugL_CGxpYnRyYy91bmlwLzEzMzUyNTUvdGZh4wAWDscBNzQyNs0QD-MARQ_CAQkP4wA6LzI14wAND6oCRz8yMjXoAAihYWxiLnJlZGRpdMoBpXJwLmdpZj90cz3QIvEFMzQzNiZpZD10Ml81d3pmazlhbCbDAvaEPVBhZ2VWaXNpdCZ1dWlkPTlmMzdjOTk5LWIzYWEtNDMzZi04NTc0LWExMzhiNmI4MTY4NCZhYWlkPSZlbT0maWRmYT0mb3B0X291dD0wJnNoPTE2MDAmc3c9MTIwMCZzPUNoTzBhJTJCeCUyQk04QkduYlY3VktGRVlNemRkQ1VuRzRiZ0VrMVBNc0FvRlJBJTNEcBYyaW1ngSAJyCEgMzSOHQpLCzgzNDM5E_ECaW1nX0RPTUF0dHJNb2RpZmmlIwW6CA-4Iy0AggAPWQMHAGcAoGljLmFkcy10d2kHJAGWAT91d3RMAxQtMjTKBzkzNDjgAA-oIkE_MjI0ywcJABoiD9YAKg_bBgAK1gAPPwNJD-AGCQOxAYJjaGFydGJlYUUDYmpzL3N1YjoiP2lvbusFFS8yMiUEAAnhEw8IBUMvMjIgBAgP4QA6HTX3DSkzNOEAD8cBSR81Kx0IYmEucXVvcs0GEXHdBA-1ARYeM9QAKDUx-xIPtQE9wDY4OTk0MjIzNn1dfQ
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:43 GMT
cache-control
no-cache, no-store
server
nginx
expires
Sat, 17 Apr 2021 20:05:42 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
561
date
Sat, 17 Apr 2021 19:56:22 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Sat, 17 Apr 2021 21:56:22 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2207639593809262&correlator=3114042662455135&output=ldjh&impl=fifs&hxva=1&scor=4274947159630993&eid=31060690%2C21064368&vrg=2021041301&ptt=17&us_privacy=1YNY&sc=1&sfv=1-0-38&ecs=20210417&iu_parts=21787098806%2Cweb.latimes%2Copinion&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&prev_scp=position%3D2%26r_round%3D0%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=slug%3Ddonald-trump-election-fraud-lies-psychology%26slugwords%3Ddonald%252Ctrump%252Celection%252Cfraud%252Clies%252Cpsychology%26topictags%3Dop-ed%26pagetype%3Dstory%26design%3Dbs%26epvid%3D701261005236508709%26screensize%3Dmedium%26rb_sync%3D1%26rb_creative%3D4&cookie_enabled=1&bc=31&abxe=1&lmt=1618689943&dt=1618689943799&dlt=1618689939959&idt=1700&frm=20&biw=1600&bih=1200&oid=3&adxs=1060&adys=2378&adks=1978661021&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&vis=1&dmc=8&scr_x=0&scr_y=0&psz=320x270&msz=320x250&ga_vid=2029193101.1618689944&ga_sid=1618689944&ga_hid=1169130723&ga_fc=false&fws=0&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
edd2f93755783a08973e2e75c95b4117e74da10b0fc4f703b15bf9d3d0b24ec3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8857
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.latimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2437484&time=1618689943825&url=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2437484%26time%3D1618689943825%26url%3Dhttps%253A%252F%252Fwww.latimes.com%252Fop...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2437484&time=1618689943825&url=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%...
0
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2437484&time=1618689943825&url=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&liSync=true
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:119:50e4:101::6cae:b55 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:45 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
x-li-proto
http/2
x-li-pop
prod-edc2
content-type
application/javascript
content-length
0
x-li-uuid
yPyJ1e29dhbgaEVS2yoAAA==

Redirect headers

content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options
nosniff
linkedin-action
1
content-length
0
x-li-uuid
hFB1v+29dhaQvWUmnisAAA==
pragma
no-cache
x-li-pop
afd-prod-edc2
x-msedge-ref
Ref A: A0BE1E122C04420F9811859829B0C0E6 Ref B: FRAEDGE1312 Ref C: 2021-04-17T20:05:44Z
x-frame-options
sameorigin
date
Sat, 17 Apr 2021 20:05:44 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=31536000
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2437484&time=1618689943825&url=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&liSync=true
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
track
web.chtbl.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://web.chtbl.com/track
Protocol
H2
Server
13.33.139.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-139-105.cph50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.latimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
1
date
Sat, 17 Apr 2021 20:05:44 GMT
x-amzn-requestid
f966f2f6-6963-47d0-92c4-822a4f3f3637
access-control-allow-origin
https://www.latimes.com
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id
d8bf0E4iIAMFXUA=
access-control-allow-methods
OPTIONS,POST
x-amzn-trace-id
Root=1-607b3f98-3af146684f00df9e7dc9965b
x-cache
Miss from cloudfront
via
1.1 ff92636be9eff8fae7e0e3e03ff6ef1d.cloudfront.net (CloudFront)
x-amz-cf-pop
CPH50-C2
x-amz-cf-id
njtF8OKOG0ff37Qriv1OJDQ1Hbdl-1Mj2XHQlYFQi6zqYI_pDSJhaQ==
track
web.chtbl.com/ 		49 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.chtbl.com/track
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.139.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-139-105.cph50.r.cloudfront.net
Software
/
Resource Hash
bb30148d9df7671c14f2cd5be91e6b7a1488932efb740a80b66f39052744c168

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json;charset=UTF-8

Response headers

date
Sat, 17 Apr 2021 20:05:44 GMT
via
1.1 ff92636be9eff8fae7e0e3e03ff6ef1d.cloudfront.net (CloudFront)
x-amz-cf-pop
CPH50-C2
x-amzn-requestid
85f9299d-2263-4683-b852-d4792f72bc00
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-607b3f98-5a477d3237e404952a1d6df4
x-amz-apigw-id
d8bf4ElcoAMF_DQ=
content-length
49
x-amz-cf-id
vwb2ZFFzl4kbFICzUNEMka8OTKDZCnOlhdKcDMd9Z-7LaZgnF_3jDw==
adsct
t.co/i/ 		43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nuumm&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_a /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
8
pragma
no-cache
last-modified
Sat, 17 Apr 2021 20:05:44 GMT
server
tsa_a
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
6897f6a1cadb9df8bc3df9df30047b74
x-transaction
00ed1d2c003cb4a0
expires
Tue, 31 Mar 1981 05:00:00 GMT
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 7C0A
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_rbd_n-vmg_3lift
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_rbd_n-vmg_3lift&dcc=t
250 B
936 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_rbd_n-vmg_3lift&dcc=t
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
3f729eb23b2d844faa452fbf5b1707052cbcd5506165f90342ff1357abdd3cc8

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.latimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A4-Wad0faUEvrmVuEuwxLxQ|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.latimes.com/

Response headers

Server
Server
Date
Sat, 17 Apr 2021 20:05:44 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
199
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=A4-Wad0faUEvrmVuEuwxLxQ; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 20:05:44 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2026 20:05:44 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Sat, 17 Apr 2021 20:05:44 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_rbd_n-vmg_3lift&dcc=t
Set-Cookie
ad-id=A4-Wad0faUEvrmVuEuwxLxQ|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 20:05:44 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
User-Agent
bat.js
bat.bing.com/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1fe2437a79282fb26d2267e40cdb7ac59164d0ee5e5b9f955f05a49f686ab616

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:43 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 18:16:38 GMT
x-msedge-ref
Ref A: F5E307EC1EF944A8B86B2BD501D0DFAE Ref B: FRAEDGE1320 Ref C: 2021-04-17T20:05:43Z
etag
"0c77652ec27d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
8885
74BE903F9313470AA472220ED4A97932.jpg
ntvcld-a.akamaihd.net/image/upload/w_600,h_338,c_fill,g_auto:text,f_auto/assets/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntvcld-a.akamaihd.net/image/upload/w_600,h_338,c_fill,g_auto:text,f_auto/assets/74BE903F9313470AA472220ED4A97932.jpg
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.107.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
214290b8d06a4077ba19e14f38ce1a4d10a79185ebab309493964a7c5f49f8f4

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:44 GMT
Last-Modified
Sat, 10 Apr 2021 12:09:13 GMT
Server
Akamai Image Manager
ETag
"33a1c2b560ccb3202aca86985015db80"
Content-Type
image/webp
Cache-Control
private, no-transform, max-age=1958838
Connection
keep-alive
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
51380
Expires
Mon, 10 May 2021 12:13:02 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=46,302&ntv_ui=d6f3fa1b-d92b-4643-a687-fefabe6d1367&ntv_a=zJsGAX4tLAGH8QA&ntv_fl=k4_euJ5Ww-btn4yGYn2KgP8d3AKJ2UdIb24o3gfZMEHHA2FxCjB43NJnYrXKu7AFz2yhkEjqxwcd-Ta_RDSvn3bbRfC28WHBV-TeR0qD7GB8uZd5yxHU-K5o18n3oMocZTpH3q2xEd7m0DgUgLJCVRW452aktSy6PuS3S3aXECehAJwpkpYzptYa3VX5Q0ZPwrmrrvxtH5As2vpHuqlbK-gtcbmGElZgTJD8n6XSmpWnOBcgLCDnVfq0PNuD1zbpXagTyTzM4OWYfqj7g_pcnFr0CcjoAv_JKmNTRQnlrZWamCJ7XER4pMSX9G9oZwJaNA6cZX0I36qUOIDFfZprgOM0c-mCNLK3gf2ZbKHp-FelPQXdsewbjh3TORYMm4rUqXixbaKBDvO3LhCOaNqGJDCenL0XetEZkmLAGyvrl4fJfJtetm24B06ZqxBTVob2hhOsArR_q1I9qO62Ou4qwI6hIuZUjcxYeVnPFDZcn20=&ord=1960547216&ntv_ht=lz97YAA&ntv_tad=16&ntv_enc_pr=3KObb5HCDJ_TROcD0R_CIppKUi9TeqK_56Bkr24SWJ5n4xiDW8BZ5KQ6ViuXhWTu-G5dtXamKi7sqLFwJYhUqtb_iQMwdWmP5CPTXOAKWiA=&ntv_it
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.241.108.168 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:44 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
i
tr.snapchat.com/cm/ Frame 6FE3 		0
203 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=dbe625aa-7ced-4e1d-8918-88782123af97
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
tr.snapchat.com
:scheme
https
:path
/cm/i?pid=dbe625aa-7ced-4e1d-8918-88782123af97
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.latimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.latimes.com/

Response headers

server
nginx/1.17.3
date
Sat, 17 Apr 2021 20:05:44 GMT
content-type
text/html
content-length
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Why%20so%20many%20people%20want%20to%20believe%20Biden%20stole%20the%20election%20-%20Los%20Angeles%20Times&wrdcnt=993&sec=opinion&pubname=latimes&ptype=story&hier=opinion&cms=Brightspot&auth=Aaron%20C.%20Kay%7CMark%20J.%20Landau&arttype=story&artsrc=latimes&artpubt=1607256026&artid=00000176-2e83-daf9-affe-6fcf0dda0000&tv=js-3.0.123&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&f_es6=1&f_gears=2&tvltm=9&tvcfg=all&tid=f6fa07ee-971e-4dce-8353-8af69aafed93&pid=6c56e1d4-81e3-49e4-9b10-dc03c9fc3f4c&dtm=1618689944349&qnm=_matherq&visible=1&tabid=ffc08fe9-257b-410d-bca6-bebe2c3ddb73&url=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&vp=1600x1200&ds=1600x7389&tofa=1618689944&vid=1&lvidt=1618689944&duid=befb4afc5a42ca7d&fp=1072425006&cid=ma12767&mrk=212934200&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYxODY4OTkzODkyNSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIyNy42bWIiLCJoZWFwVCI6IjM3LjNtYiIsImZzdFBhaW50IjoiMTE2OSIsImZldGNoUyI6IjIwNiIsImRvbWFpblMiOiIyMTkiLCJkb21haW5FIjoiMjI0IiwiY29ublMiOiIyMjQiLCJjb25uRSI6IjM4MiIsInNzbFMiOiIyNjIiLCJyZXF1UyI6IjM4OSIsInJlc3BTIjoiMTAzMCIsInJlc3BFIjoiMTA5MSIsImRvbUxvYWQiOiIxMDM0IiwiZG9tSW50ZXIiOiIxMjA2IiwiZG9tTG9hZFMiOiIxNzkwIiwiZG9tTG9hZEUiOiIxNzk3In0sImNhdGVnb3J5Ijp7ImNhdGVnb3JpZXMiOltbIk9wLUVkIl1dfX0
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.95.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-95-93.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:44 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:44 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Sun, 18 Apr 2021 20:05:44 GMT
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=632456800236234&ev=PageView&dl=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&rl=&if=false&ts=1618689944543&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1618689944540.192829644&it=1618689943341&coo=false&dpo=&rqm=GET
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 17 Apr 2021 20:05:44 GMT
/
www.facebook.com/tr/ 		44 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=632456800236234&ev=ViewContent&dl=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&rl=&if=false&ts=1618689944549&cd[value]=1&cd[currency]=USD&cd[content_name]=story&cd[content_ids]=%5B%2200000176-2e83-daf9-affe-6fcf0dda0000%22%5D&cd[sub_status]=&cd[signed_in_status]=signed-out&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1618689944540.192829644&it=1618689943341&coo=false&dpo=&rqm=GET
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 17 Apr 2021 20:05:44 GMT
/
ct.pinterest.com/user/ 		57 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2613340406388&cb=1618689944593
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
97f2a7de8ee34ba39b204787cb7186545101c11acd513323ab02339b8154a0f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:44 GMT
content-encoding
gzip
vary
Accept-Encoding
x-cdn
akamai
access-control-allow-origin
https://www.latimes.com
x-envoy-upstream-service-time
1
x-pinterest-rid
6958441232314052
pin-unauth
dWlkPVltSTJZekkyTm1VdFpHVXhaQzAwWTJaaExUaGpOR1l0TXpVd01qUmxNR0ZsTURBNA
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
application/json; charset=utf-8
pragma
no-cache
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
content-length
69
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2613340406388&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22dec9de31%22%7D&cb=1618689944595
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:44 GMT
referrer-policy
origin
x-cdn
akamai
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
4
content-length
35
x-pinterest-rid
3595946240916651
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22page_title%22%3A%22Why%20so%20many%20people%20want%20to%20believe%20Biden%20stole%20the%20election%20%20Los%20Angeles%20Times%22%7D&tid=2613340406388&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22dec9de31%22%7D&cb=1618689944596
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:44 GMT
referrer-policy
origin
x-cdn
akamai
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
8
content-length
35
x-pinterest-rid
7918877663234575
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1009384521/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1009384521/?random=1618689944602&cv=9&fst=1618689944602&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&tiba=Why%20so%20many%20people%20want%20to%20believe%20Biden%20stole%20the%20election%20-%20Los%20Angeles%20Times&hn=www.googleadservices.com&us_privacy=1YNY&async=1&rfmt=3&fmt=4
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e292736d9ffb924f97c250eb4c2afcbfc3a303ebab6ba4f187895c793fde529
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1259
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Server
18.157.108.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.latimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 17 Apr 2021 20:05:44 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
view
securepubads.g.doubleclick.net/pcs/ Frame 632C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuII2vFbHH4cYvXZ70QEKqwZKA-PG5JzvqwwBAqEfgQRlBeoD0fSopyCi9OZ17NJ-basFnAlaySIGdOAT0I4yfPCjb11AaSOecbUw26__fMGtGIDXHZHkBJvVDboDjSLzLOAzqDIa7TttO0zNhGIfpdUeL_n1Z_t9tSW13ChGf2L3576kRhNs9rv59qX6I8VeisnBQ-ylhiayKs9iiyidW2JCsnRapo17mj_p-Jf8JDGcMikeAIgSSQ_L4p4i55ikPoezaXgNTaLTAUMoCLAPczseWXKvqUJuzx2prQ2KlcGRUjdbIFCD3l9RQ&sai=AMfl-YSRD4IGrGFCdZAYLfQV5ilk41MDETsDTUO9KDatR2IFBTJ7JmT1sgEVUmwhO5M06tDD836TgPsO1Df6hu7qxqtm7OofV_6TOHscN2ObqH8Tq2WpTwI17wGqIIOo8Gk&sig=Cg0ArKJSzDSGpZO1QIrnEAE&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTcV3fT71VW7vm0nw7QMbg1W3VcYRG392xVLW6__czk8TqcXWN63z5vPK9cQkW32FrrX2hhDXsW6XnyJ06X32BBW7HbzBS5YXHdMW2PfZwh7rJqLQW2RFvm08lKm0tW6lqtqQ3YgwbNW6-_qmN3TxXYdW6l1hM98L3T4PVrhhgh8_RzHxN75rhfc8xMqjW65_cMn5KtBY_3blt1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Apr 2021 20:05:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame 632C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTcV3fT71VW7vm0nw7QMbg1W3VcYRG392xVLW6__czk8TqcXWN63z5vPK9cQkW32FrrX2hhDXsW6XnyJ06X32BBW7HbzBS5YXHdMW2PfZwh7rJqLQW2RFvm08lKm0tW6lqtqQ3YgwbNW6-_qmN3TxXYdW6l1hM98L3T4PVrhhgh8_RzHxN75rhfc8xMqjW65_cMn5KtBY_3blt1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:04:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7113
x-xss-protection
0
server
cafe
etag
11066897925667386271
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 May 2021 20:04:46 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 632C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTcV3fT71VW7vm0nw7QMbg1W3VcYRG392xVLW6__czk8TqcXWN63z5vPK9cQkW32FrrX2hhDXsW6XnyJ06X32BBW7HbzBS5YXHdMW2PfZwh7rJqLQW2RFvm08lKm0tW6lqtqQ3YgwbNW6-_qmN3TxXYdW6l1hM98L3T4PVrhhgh8_RzHxN75rhfc8xMqjW65_cMn5KtBY_3blt1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 May 2021 20:04:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 632C 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTcV3fT71VW7vm0nw7QMbg1W3VcYRG392xVLW6__czk8TqcXWN63z5vPK9cQkW32FrrX2hhDXsW6XnyJ06X32BBW7HbzBS5YXHdMW2PfZwh7rJqLQW2RFvm08lKm0tW6lqtqQ3YgwbNW6-_qmN3TxXYdW6l1hM98L3T4PVrhhgh8_RzHxN75rhfc8xMqjW65_cMn5KtBY_3blt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Sat, 17 Apr 2021 20:05:44 GMT
l
www.google.com/ads/measurement/ Frame 632C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSNnNiZ_Og_djrhEsqB2ViDXjmnKxEDBK4q5QLKyTnr2YrpZ9V9TVH1mX7zQKU1vXe9Zmuf
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTcV3fT71VW7vm0nw7QMbg1W3VcYRG392xVLW6__czk8TqcXWN63z5vPK9cQkW32FrrX2hhDXsW6XnyJ06X32BBW7HbzBS5YXHdMW2PfZwh7rJqLQW2RFvm08lKm0tW6lqtqQ3YgwbNW6-_qmN3TxXYdW6l1hM98L3T4PVrhhgh8_RzHxN75rhfc8xMqjW65_cMn5KtBY_3blt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
2063511775913562003
tpc.googlesyndication.com/simgad/ Frame 632C 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2063511775913562003
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTcV3fT71VW7vm0nw7QMbg1W3VcYRG392xVLW6__czk8TqcXWN63z5vPK9cQkW32FrrX2hhDXsW6XnyJ06X32BBW7HbzBS5YXHdMW2PfZwh7rJqLQW2RFvm08lKm0tW6lqtqQ3YgwbNW6-_qmN3TxXYdW6l1hM98L3T4PVrhhgh8_RzHxN75rhfc8xMqjW65_cMn5KtBY_3blt1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef82780db9c1504ff3b0cc407b6ba0121b39a2bd91bc6141e9ce7dc4949b9731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 17:36:01 GMT
x-content-type-options
nosniff
age
181783
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58753
x-xss-protection
0
last-modified
Thu, 15 Apr 2021 17:30:38 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Apr 2022 17:36:01 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423639646658"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28266
x-xss-protection
0
expires
Sat, 17 Apr 2021 20:05:44 GMT
event
prebid-a.rubiconproject.com/ 		61 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.108.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sat, 17 Apr 2021 20:05:45 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
p
tr.snapchat.com/ Frame 389B 		0
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
POST
:authority
tr.snapchat.com
:scheme
https
:path
/p
content-length
442
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://www.latimes.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.latimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
Origin
https://www.latimes.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.latimes.com/

Response headers

server
nginx/1.17.3
date
Sat, 17 Apr 2021 20:05:44 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
set-cookie
sc_at=v2|H4sIAAAAAAAAAAXBiQ0AMQgDsImQWohyyTinPlMwfG1Y12VGelXgg+OnMlQnucZm+nZPTlE20OMBzuLh8zIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=latimes.com&host=www.latimes.com&success=1
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 888B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.latimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.latimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sat, 17 Apr 2021 20:05:43 GMT
expires
Sun, 17 Apr 2022 20:05:43 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
event
prebid-a.rubiconproject.com/ 		61 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.108.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sat, 17 Apr 2021 20:05:45 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Server
18.157.108.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.latimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 17 Apr 2021 20:05:44 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame C136 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202104121324/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
96233
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Fri, 16 Apr 2021 17:21:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Apr 2022 17:21:52 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame C136 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202104121324/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
96232
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Fri, 16 Apr 2021 17:21:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Apr 2022 17:21:53 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame C136 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202104121324/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
96232
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Fri, 16 Apr 2021 17:21:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Apr 2022 17:21:53 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame C136 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202104121324/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
96232
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Fri, 16 Apr 2021 17:21:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Apr 2022 17:21:53 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame C136 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202104121324/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
96232
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Fri, 16 Apr 2021 17:21:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Apr 2022 17:21:53 GMT
truncated
/ Frame C136 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce19ac98719e97db5c6aed20ae1cde9aa36d3488791b4741d20857c14d1b0f2e

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
7003449811473993211
tpc.googlesyndication.com/simgad/ Frame C136 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7003449811473993211?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkyvZw_AH2kFmYAJJqlBRBnZ-b3zQ
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faac2de7e1650bdd305063be534554ad6fe7061872597b7e100e7436ff172f1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 20:41:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Apr 2021 19:50:19 GMT
server
sffe
age
343484
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49976
x-xss-protection
0
expires
Wed, 13 Apr 2022 20:41:00 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C136 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
19730
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 18 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C136 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
78519
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 17 Apr 2021 22:17:05 GMT
l
www.google.com/ads/measurement/ Frame C136 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRlQyIyhk3-KQGR3Gope_mOpRDXosNcPgl0zQAWLuTYWhil3UeVvPEq1hRErXXvS_E5uBsm
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame C136 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CHcXWlz97YI_CKsqNjuwPyd2q0A7uv-iZYqjW5KKlDfTdqq6mIxABIK_AtnBglQKgAYaq1MwDyAEC4AIAqAMByAMIqgTQA0_QDk957TtT0ODJ4kFmTRhC5_A1FJzhBltu0rIvK9WZqD0LgAOWcQRpqGocOmUXshBIR8c569xLUEuOtVlRAb_yUOvqoARF_a80Epxe1J7lv9mQBfCCL33SWQ9u-Uf7QrVWoYnhR2qZXaiDE-teQnQqSqObVpZmMtU1g4QzRof7HFvkBtKLWC7t514bxQfKQT6ygzFq9ow0YJnB-6l2pbv2AtqOLRRewtktksACEqjllZw7o_Ixf0z_pBIXAxuhRz1FteRM-wGgq_7IBU5iNEhoLgrdCD8rGH_c8Ih0hjI4ZTCOafVFg0Dh8E9JTw3J_AogvcN_63jxs2QB4ZH5SJ9BORMZ8u9wj1ibFFhCegp5NSnTjMJ9PgFRX9l3wLvvs37lou46wEF_PnuQh2gNMlysastl_ldi5jSbUSSCbEp_7gb7ULlS7k8EXWzCLpOGsYL1eJEJxYhqWdJagH2QNj9RlJ3GgA9HyItS37SQrVjdqOV5OaE4eudssu3WXORiiE9WQl9LEbXgyqlm0P7xw8Ceq31RwsYJaYxfZ48aoT8fjifQKNUAFcQhjVt184ZQkgsKatR19FRnzPVug8hlCw8vli8uP36dywFDHmgKu3HGwASmnKTDtQPgBAGSBQQIBBgBkgUECAUYBKAGAoAH19LPZ6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDj2RnSCAkIgOGAUBABGB2ACgPICwHYEw2yFxoKGAgAEhRwdWItMTQwOTQzNzg4ODc4MTUxOA&sigh=bWB6HvNFa_s
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
event
prebid-a.rubiconproject.com/ 		61 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.108.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sat, 17 Apr 2021 20:05:45 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Server
18.157.108.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.latimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 17 Apr 2021 20:05:45 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
/
ct.pinterest.com/md/ 		0
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/md/
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:45 GMT
referrer-policy
origin
x-cdn
akamai
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
4
x-pinterest-rid
1227637641325430
expires
Sat, 01 Jan 2000 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.latimes.com
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Apr 2021 20:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.latimes.com
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Apr 2021 20:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2207639593809262&correlator=3789742265505689&output=ldjh&impl=fifs&hxva=1&scor=4274947159630993&eid=31060690%2C21064368&vrg=2021041301&ptt=17&us_privacy=1YNY&sc=1&sfv=1-0-38&ecs=20210417&iu_parts=21787098806%2Cweb.latimes%2Copinion&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=5x1&prev_scp=instart%3Dfalse%26r_round%3D0&eri=1&cust_params=slug%3Ddonald-trump-election-fraud-lies-psychology%26slugwords%3Ddonald%252Ctrump%252Celection%252Cfraud%252Clies%252Cpsychology%26topictags%3Dop-ed%26pagetype%3Dstory%26design%3Dbs%26epvid%3D701261005236508709%26screensize%3Dmedium%26rb_sync%3D1%26rb_creative%3D4&cookie=ID%3D9c3f1d78875c993c-2256ba1027bb0028%3AT%3D1618689943%3AS%3DALNI_MauoJ0Uo_lojRuorNcjdrWIiY5HYQ&bc=31&abxe=1&lmt=1618689945&dt=1618689945156&dlt=1618689939959&idt=1700&frm=20&biw=1600&bih=1200&oid=3&adxs=305&adys=1811&adks=1293971994&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&vis=1&dmc=8&scr_x=0&scr_y=0&psz=680x1&msz=680x1&psts=AGkb-H_iijXoMGDso6p_Hd8jHI9duF_nZQskZABvgHjkgqoZK9OKfkWrQ-Fw2Qztx8iXlqz29NDNzxsjK4FE416ai61ty3mNmwNodm-_tZM&ga_vid=2029193101.1618689944&ga_sid=1618689944&ga_hid=1169130723&ga_fc=false&fws=4&ohw=680&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
2f3586a63eb6c67c7ef87bf9cb57329beb0369475d0fc358929a5bce3ec59435
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4894
x-xss-protection
0
google-lineitem-id
5203186527
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138326990363
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.latimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=56259971&Ver=2&mid=a50db2d0-f3dd-432f-879f-dfdc0679b66c&sid=4b6012509fb811ebbbe571491a84f23b&vid=4b6087209fb811ebad3a81472b365c12&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Why%20so%20many%20people%20want%20to%20believe%20Biden%20stole%20the%20election%20-%20Los%20Angeles%20Times&p=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&r=&lt=1797&evt=pageLoad&msclkid=N&sv=1&rn=165480
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 17 Apr 2021 20:05:44 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 8499CC328A3B4F70934C7A1313258F85 Ref B: FRAEDGE1320 Ref C: 2021-04-17T20:05:45Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
882 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 19:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
3005
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Sat, 17 Apr 2021 20:15:40 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 19:39:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1582
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Sat, 17 Apr 2021 20:39:23 GMT
/
www.facebook.com/tr/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary8c7JBOMhJkFKpsQw

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Sat, 17 Apr 2021 20:05:45 GMT
content-type
text/plain
access-control-allow-origin
https://www.latimes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
view
securepubads.g.doubleclick.net/pcs/ Frame 632C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvujF2YAe5bV0RtXFHClhHk4MOHKKWQZLZSTaaSbVsQ7ucKFZabi2tHsSS7w6Rjp7LW577sKVO0ac7-gFwNVddQBSVYxfq48dUi7saHkR8D4NYHvIjv7uOXO5-bqXleUYFC1B7Sur5_Fs8uuaStn-ZIq_SniCq6QC6O2Kb4tXGhGmkzepdk7J9D7qGjCkSZ4rXrZ5blM92x_sar7lq_KWfSYq3IrweAm0TFud3dbsOrM4ZxNvoKxsqGCTyvxVN_808yoTCErl9wdNdw2V581uNtChUncs6v9w3baDqBW2xooYb09NPujE7TcpII4g&sai=AMfl-YQ4g8nYaBydhynGS5XM9tCOnmSnhuHCh1-F18dUIFoug3VaNfbvLLu6e1QvZBN6sTdi6c6_vqHN4QgKAzwiya5DQo6qdXmGl_ji6UoAg5wqq6OojtUYbOONAyI4Y0s&sig=Cg0ArKJSzB0rDoqAXxyYEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Apr 2021 20:05:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 17 Apr 2021 20:05:45 GMT
truncated
/ Frame 632C 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1dcb416fb164490c44006b6ebe496378e233ca5dc0e02db0c032db5a79475cb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNTY1OTQwMzc1MiIsImVidXkiOiIyODM5MDA4ODY2IiwiZWFkdiI6IjQ3NjQzMTQ1NDEiLCJlY2lkIjoiMTM4MzQ2OTQ0ODI5IiwiZWVudiI6ImoiLCJlcGlkIjoiMjE4MTg2NzgyOTYiLCJlc2lkIjoiMjE3ODYwOTg4MTIifQ&tv=js-3.0.123&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&f_es6=1&f_gears=2&tvltm=9&tvcfg=all&tid=d8b8ddb6-1bbb-49c3-a7aa-3bcf5d4c61ee&pid=6c56e1d4-81e3-49e4-9b10-dc03c9fc3f4c&dtm=1618689945483&qnm=_matherq&visible=1&tabid=ffc08fe9-257b-410d-bca6-bebe2c3ddb73&url=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&vp=1600x1200&ds=1600x7427&tofa=1618689944&vid=1&lvidt=1618689944&duid=befb4afc5a42ca7d&fp=1072425006&cid=ma12767&mrk=212934200
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.95.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-95-93.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:45 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame A80D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8Nl-0Wa2RdFSig9IhjT4bKmZQ6Xva-PhgqojP8yjUHPvJU3t_RfwSWfEXNz_bgx8ldSJOr0IFqVGC9v6NyW4h5pQgMpXzmhjTSi3ysWSvj-tIrask3yQeMeSQdRLwRf2JEe3_OXyisD-tAsxti81zVmSWOvBh_oG_p4dj-8iDCtVk7mt5id5LE6SiVEPVEI5zy-u2gJfmUv2JKqRjqGT-ciTPoDgGEYetNwJKpWa-Qx7ChLSExw0PsS8OL1xUPIOz_UYYowLND5NONkVJxH3WAB95dm84YdZAGWNfobtrS3n7YNdefsKbc09IC5o&sig=Cg0ArKJSzCZdebm6m51GEAE&urlfix=1&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTcV3fT71VW7vm0nw7QMbg1W3VcYRG392xVLW6__czk8TqcXWN63z5vPK9cQkW32FrrX2hhDXsW6XnyJ06X32BBW7HbzBS5YXHdMW2PfZwh7rJqLQW2RFvm08lKm0tW6lqtqQ3YgwbNW6-_qmN3TxXYdW6l1hM98L3T4PVrhhgh8_RzHxN75rhfc8xMqjW65_cMn5KtBY_3blt1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Apr 2021 20:05:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
tag
a.teads.tv/page/121801/ Frame A80D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/121801/tag
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTcV3fT71VW7vm0nw7QMbg1W3VcYRG392xVLW6__czk8TqcXWN63z5vPK9cQkW32FrrX2hhDXsW6XnyJ06X32BBW7HbzBS5YXHdMW2PfZwh7rJqLQW2RFvm08lKm0tW6lqtqQ3YgwbNW6-_qmN3TxXYdW6l1hM98L3T4PVrhhgh8_RzHxN75rhfc8xMqjW65_cMn5KtBY_3blt1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.68.8 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
f7de41505f538a780e622b29b7b8a837d9fd168b430a629b33fc90c87961f89e

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:46 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
967
expires
Sat, 17 Apr 2021 21:05:46 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A80D 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTcV3fT71VW7vm0nw7QMbg1W3VcYRG392xVLW6__czk8TqcXWN63z5vPK9cQkW32FrrX2hhDXsW6XnyJ06X32BBW7HbzBS5YXHdMW2PfZwh7rJqLQW2RFvm08lKm0tW6lqtqQ3YgwbNW6-_qmN3TxXYdW6l1hM98L3T4PVrhhgh8_RzHxN75rhfc8xMqjW65_cMn5KtBY_3blt1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Sat, 17 Apr 2021 20:05:45 GMT
/
www.google.com/pagead/1p-user-list/1009384521/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1009384521/?random=1618689944602&cv=9&fst=1618689600000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&tiba=Why%20so%20many%20people%20want%20to%20believe%20Biden%20stole%20the%20election%20-%20Los%20Angeles%20Times&async=1&fmt=3&is_vtc=1&random=2827718993&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1009384521/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1009384521/?random=1618689944602&cv=9&fst=1618689600000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&tiba=Why%20so%20many%20people%20want%20to%20believe%20Biden%20stole%20the%20election%20-%20Los%20Angeles%20Times&async=1&fmt=3&is_vtc=1&random=2827718993&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame 7D39 		1 KB
751 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-vmg_3lift&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_rbd_n-vmg_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
82206394f3ff0aeeaaddb4467236f73f00665ea883df27cc1e0e95ce91a7e738

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_rbd_n-vmg_3lift&dcc=t
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A4-Wad0faUEvrmVuEuwxLxQ; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_rbd_n-vmg_3lift&dcc=t

Response headers

Server
Server
Date
Sat, 17 Apr 2021 20:05:46 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
390
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 632C 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
d216b8da34933ed1ba140eccb7345ec388e9200b635dec8dd917e21834f35c4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 19:58:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20914
x-xss-protection
0
server
cafe
etag
9171160076714409937
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 17 Apr 2021 20:58:17 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F553 		478 B
251 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYiKbFlQEwAQ&v=APEucNVG2_iBPy0yhDyJs_LtDM_HctBEK1RbSA5XDTSYGyQvc5mnqRqclt9DFITDNAG3yxM6LIeh7ea5VOylVbAD3xR9qjkzDfupIlfhhJS8ln2eu42nTRMXM7PpTRgqToyBC7j6z1m5MQrCKyNqdoqvNMYottQwF6w1sip0d70EH1Sh_8WhWbkJ4H1QxuXYDTaFZWb4hHT5dRo0OibLpHeY_Xk7GQn2-Q
Requested by
Host: a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com
URL: https://a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN-KGhCn9EsYiKbFlQEwAQ&v=APEucNVG2_iBPy0yhDyJs_LtDM_HctBEK1RbSA5XDTSYGyQvc5mnqRqclt9DFITDNAG3yxM6LIeh7ea5VOylVbAD3xR9qjkzDfupIlfhhJS8ln2eu42nTRMXM7PpTRgqToyBC7j6z1m5MQrCKyNqdoqvNMYottQwF6w1sip0d70EH1Sh_8WhWbkJ4H1QxuXYDTaFZWb4hHT5dRo0OibLpHeY_Xk7GQn2-Q
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlfX2dWZucL_6N1dGlcXGkzOObRjNCoLl7_R75Rfm2TVkxCITEC95YY4IUn
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 17 Apr 2021 20:05:46 GMT
server
cafe
cache-control
private
content-length
230
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 888B 		23 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AVVbJ2lFFvETcayTKhsWLwTJwrwxiqJBEFsgLS6a23UAF7wZMO7FjVdBtUkeLDVWiwPdTPvvShD1wovFUm7540nUtS0zRtIwf82_pjzhLorNT83yzsA6WJfKlVnwZxRVHQ56_B6vKFlNPyETqmb1UnCNf9uA&cry=1&dbm_d=AKAmf-CYJ-dtqGAh8OCH8l4s3JPMwmeVDJhFQRHNsLQ7YkUb5kUB7J3VrNDxflstzN5OHao3XQwrQ6wAbDYs97P1Xa-OKnCf6G_7RagDMtNGGbjdzBJWoWCkBF3tunnKq7SwlaJd_Uv73POo0YLIWIGjQsR9Si_jnCFLS3oxsPPUgev1Bjbk_-4CRg8kR_0SJvkba41OF1J-uqnG7_zaCWP8n9iLh8KnRVI0mhMBSgJhKv3QSCiNa6R-siebatizc0My1IsSopi5dGQsO6kk8e6ual4VUAQuxE19x97kj7HXo9wi7xS0BY1GpxauzihcHB3vEVoNq9gu5qrT2hDeDT8TxGt76Ofe1eCIJnFXBOGU4_qJWfWs6FCNjWnnezS4rOdNu67Z_He0AvwKIJu5gYdt7OBqDMl-WH8-WdksSW4jbRnpB3Yo3SDEtGipLVbBDkOoUOURxG2RjJRlxNzFuq0OsDRWElg_p_w6OWxUzysoGpd0kAPYlQSs6DH0WW3-ZNW5oIhVhOfptNYqfHMZx6Jyzb-NOVz_n6WasWDmZdxIIIyH_HVjNibE2ZspORqa4Wk7Gp8rucYLhEZ4u4_aDjfD5ivNQ9PUS5pDt8ivjHlCOyRWFyJKdPPs_nb2S4T0NHuBcLUjYq22OOTNf33gJO31g8nxPwdOk7CHS98ezxHnaNxnh2sUP0wM_dmEkXb9PLTFL0AcnHjo-bkEUxbwPLTvvHTpS_jm7sSq9HOqUa6HH19zIvjZ10ziI8cREO2mgXMdnILlqVtLMeh_oxofeq6znoEfzfYh9xzTqERdQwu6lBWvqrTuSPRBplQDSD59dNWDTekX0dDi-BYDPaj9DSXK8MnDMsmAHOcuawQ19t9OKRfclNErU1wd8hPaSsA1e5z5HBYoxFUDldATbz-1jDlZJaO5spQE0n7tkrURfRhapaN6yIvs-uSbq_13tuPyK5sQNWTNvmomyaQLus_5HYnEj8keaBF7ddV671Ojcq8mhkFECmB4ry6i48tphmecsP4ajaG665o_OyLyQpuBHzfDwdXq1oNX5juiUfPqvh4cyIMctX9il-L--2K3F_GPjk4o-7UU2FjMxWnFi1cd76uwf57pyiIi2dGGbToy7GLR_-_crkfTF3ikIGairg53bcZ8TKXYIXwOkI1_p_RRruoJoV2MBGgxK9IDbQnEtbhlhZEOMa8StO4WsPReeL4YnEWGk1Wh7z3isF680L_ujPbX8PWkbTo8ZOvpEekdbXPZU3hdVXhr65E5bRAu-LmsGyjIvSZxTbYbePkHWgR_J0pAF4cxR6ayrFdGTqpwzn9-wKTdsxboN7REcV5qv_QcDG7G9i1Hbq61For08eXxiIhw2wjwdyWaxBGic2mXIHSFBonyAweuYzB1r_amL24GYDg-arA0DDxgl_M_cACBOmytmMVHt73d4rZwH7gqFmggwe22cD4g7M56mkq5hlLpk65egBJubPlTt07cweVARelBPcoRmhcCqOxadMIjce9lhPPzLwoikwGlp4ysZs7uNhzLL-lyqpBJM5WC8wr3RmjXcEAfhqtUVU2LzI_Ig03jgyPZOsRqtUOgJ3a3vThwGWhaM7t7mrMNMFe80Na0udHEh7_StvW8BDF5EFBLGXHfUh87DgxjG1T_6J45SB7YFpY1QNi9IIurXX5M9pkTmm2YZB-rfnIiz7t1D7lDNp04je7yVlFRPfem_PvoGSUD36mdkm4TY-qbXU1s-7kP7qsB9wCpOq2gSK0JCYoBgWnrBzq6bD9mDZCvBP-z2XGMruJIK3xOya6IjoNrGlfrrSVp0-2akdnllm7FegkMT_SY_o_BTjeHbECoDLua7KTwg7vA7gdNvi0m1VwStY5xXm1OuRItrGaV4ZR1T6pk3NL7ZupY8rnZ6xPpvNwZuxWzyGPvQLOt8ee_y80kGBrFbm2cKKEYCfnD1ieICYsAlMeWZudjpqjJ3sYaM3tvfqfJlsamRz3HB7ep69HH0Re67a-WGVUOS8B-1mugv0UxFm5VKd4D17JMYY_1GV_zKRkcl-NSPbLwuHpjjdKNSZOe_ECY0N7wsVZJ64hpIoOpG_0hTbn4vx6MqpIEWdFuNydyYCIdRTKSv4N4bqc7xRC8XM8fLmeQaIYFwxRNkQc-uTzfh-0EohE1ImMTmbz8apL95BZsd4QE0wOG8dWVy1zztFEHhC1lDLxdt_vuTie-W3AE8lEVDE7GBncQZNLxTpFx2q6HY3DHX7ELBGiT8dN0Co2eANFdLNGCkuAWDr4n3gb1QF5iggqtVW858TkUSxZ64ZJHqLrNIimxuK8T6t8ShxIwY8HEtkpEeNU4aRN5AkJqrWOYL4s_pQDy9turHlhimD3ELz-P3V4Zl2lg9mMfvBCnwqTrv3vrfJOzWRKMtWG1Hk4QSO7dR60CTvaJ_j8b39vLUKno8S-EizQDxnHxYPZoMAxVHtDWKT6h9nuE-wbLUpTHkZh9cuSX6cx8cjFEkDH9G4e1Xf4NYJDeHeVit6fzZXmtZFNrhUeL9zOFX7jkBOyVe93CP9oEPCOSZnjIpqjRCiwxuY9f3yct8uiyOaZWDDrH_AQXFixSWkrmcnJfDk-bPw8zO1SiB2BV73OLtJhBZKMYr9p33ouy2-ZNvXfu_wjutnjOHI0c3jWo3a8GKd5zwqVXOPm-XjdWjzHzuXX3zOmDJDMALVa7WbjqgJ1V-pr2MnykhqAdFBIuEwANe1P4dk6lAm_4Mt7Ph4HP_MzFFqa9Wax_cJcSSTaCMhJneJAB8Vc5kCSnBdZmBsF1TFM-7Q6tCQWekKAdQHawc-l9araiiW6FVvT2IM4NBMYWyscBvr5RCZTws9I2LX3U2Wv_UF2QiknbXHagS6Vi5vUh_MqlhmYwcBTXw8bnRYqGDy-6MyKwMtZHpwyp3TnXFZ3K4dWXQRihfy_0h8r08jPurZNZgdQTL_WE1Q4IrIh7XFZp_yW7vdBhQAhMQzep2DY5nu_Q4U5Kl3N_2hqqQE2eA9lsPxrXqAZDaynzenLGc31jJ8_wQF2U-9NZgKOwuCJwrebGWckDuuCN353oeiIbC24PiDqliiRPZ4hpwf2yIht0hMbUn4jgkzI08IbFE7Pa391AHvcDKqIS3Z9XbPqY4vSZa4ScnjuYpC8upmxeewjlZ3KX6wYkL2R3pCxkMwfSDRhRCH80nFiqNN_8Yz5PsB2B8MoEH8dG9v_iuIE-0I03citHFUEYmUqJRL3lRPsUYTxcLfRCfp8Cf68m7P5RhXCJufTwDNLp7T_pFsv93oivN8kurkACwbQMpqFX48DZDoKQYJZKVBHWrBNP0w4rd3JyMSr2WY7NrZC3mTu_vBDKgHsCW7Jsw3Umibl54VtC-0iWEC2FyJ4nCSbTtfeGm9dTwIYkC5XCd2M-d-wPGCyYE7fmcHjcOjwMVVu8pERh0OUONYwcSjBVFfLNiSiU6YSQk3cpbK1_3EDWE5aAv9R9_YNj_gZvZA7pqs1bWTKk0XAL1eagNgen0gY4vnsaNrt8VAsj&cid=CAASPeRo1teYwc7LVcafzwDx4hcHvj5BUtBgW8jT2j5s1_3rf32Kk5Z0SpL7ecOjYkrMwc7V5nY_bwmjum_QR6E&rfl=1%2Chttps%253A%252F%252Fwww.latimes.com%252F%240
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTcV3fT71VW7vm0nw7QMbg1W3VcYRG392xVLW6__czk8TqcXWN63z5vPK9cQkW32FrrX2hhDXsW6XnyJ06X32BBW7HbzBS5YXHdMW2PfZwh7rJqLQW2RFvm08lKm0tW6lqtqQ3YgwbNW6-_qmN3TxXYdW6l1hM98L3T4PVrhhgh8_RzHxN75rhfc8xMqjW65_cMn5KtBY_3blt1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
39a718e0eff2189a108e599e5611d137a3a0475257f1570f8b552d01f3c4a2f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11495
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 888B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cu1DQF9r_C5If_SuuYQ-bPpy3bnPADybNGTahchccUCErAvbuDRKHZs3dRt3Fysie9e-I4HSIaGcHb0ZUWbGo0Ov8aSqnVwEF-o4HZoY2Y3DM2FHc
Requested by
Host: a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com
URL: https://a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 888B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js
Requested by
Host: a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com
URL: https://a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 May 2021 20:04:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 888B 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com
URL: https://a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Sat, 17 Apr 2021 20:05:46 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 888B 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com
URL: https://a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:03:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
123
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5602
x-xss-protection
0
server
cafe
etag
7525161794280374107
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 May 2021 20:03:43 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-40841508-1&cid=2029193101.1618689944&jid=1294861163&gjid=427385484&_gid=1015605569.1618689945&_u=aChAiEIrBAAAAE~&z=1371065867
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 17 Apr 2021 20:05:46 GMT
content-type
text/plain
access-control-allow-origin
https://www.latimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&a=1169130723&t=pageview&cu=USD&_s=1&dl=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2anqtz-9oeyf42yfltrvsx8er8fbbnulqabllqhqt2qatfwbm7kafufr5hn9l-o2dtt7x6oqtr22ynj4-4yqh5h7snopom2_gtfbtygfpebwjrn94670r7mu&dp=%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2anqtz-9oeyf42yfltrvsx8er8fbbnulqabllqhqt2qatfwbm7kafufr5hn9l-o2dtt7x6oqtr22ynj4-4yqh5h7snopom2_gtfbtygfpebwjrn94670r7mu&dh=www.latimes.com&ul=en-us&de=UTF-8&dt=Why%20so%20many%20people%20want%20to%20believe%20Biden%20stole%20the%20election%20%20Los%20Angeles%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAiEIrB~&jid=1294861163&gjid=427385484&cid=2029193101.1618689944&uid=&tid=UA-40841508-1&_gid=1015605569.1618689945&cd2=opinion&cd4=lat%3Aopinion%3Adonald-trump-election-fraud-lies-psychology%3Astory.&cd5=22&cd6=story&cd8=story&cd9=donald-trump-election-fraud-lies-psychology&cd97=&cd102=&cd37=&cd38=&cd103=&cd98=&cd124=&cd95=&cd96=signed-out&cd127=&cd111=&cd14=84.17.53.159&cd42=0-99&cd43=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd19=00000176-2e83-daf9-affe-6fcf0dda0000&cd13=Aaron%20C.%20Kay%20and%20Mark%20J.%20Landau&cd34=OpEd&cd15=12-06-2020%2004%3A00&cd16=&cd119=&cd29=&cd17=latimes&cd18=latimes&cd20=&cd7=&cd11=&cd10=&cd21=&cd22=(Los%20Angeles%20Times)&cd33=%20&cd32=&cd53=&cd49=&cd50=&cd51=&cd52=&cd54=&cd69=&cd44=%3E1224&cd128=&cd129=&cd130=&cd131=&cd24=993&cd23=&cd165=false&cd166=latimes&cd167=701261005236508709&cd168=&cd169=&cd170=&cd171=&cd172=&cd108=&cd173=&cd174=0&cd175=&cd176=&cd177=&z=1425706163
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 05:43:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51744
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
7003449811473993211
tpc.googlesyndication.com/simgad/ Frame C136 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7003449811473993211?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkyvZw_AH2kFmYAJJqlBRBnZ-b3zQ
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faac2de7e1650bdd305063be534554ad6fe7061872597b7e100e7436ff172f1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 20:41:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Apr 2021 19:50:19 GMT
server
sffe
age
343486
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49976
x-xss-protection
0
expires
Wed, 13 Apr 2022 20:41:00 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C136 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
19732
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 18 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C136 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
78521
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 17 Apr 2021 22:17:05 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame C136
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Sat, 17 Apr 2021 20:05:46 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
1.gif
activate.platform.californiatimes.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://activate.platform.californiatimes.com/privacy/v1/b/1.gif?n=2&c=2715&i=8thlsj&p=latimes&s=11869&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNDU1IiwiY2xpZW50SWQiOjI3MTUsInB1Ymxpc2hQYXRoIjoibGF0aW1lcyIsImluc3RhbmNlSWQiOiI4dGhsc2oiLCJwYWNrZXQiOjIsIm1vZGUiOiJlbmZvcmNlWgDyJ29va2llcyI6e30sImVudmlyb25tZW50Ijoibm9uZSIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLMA90hodHRwczovL2Fzc2V0cy5yZXZjb250ZW50LmNvbS9tYXN0ZXIvcmV2LmpzIiwidHlwZSI6InNjcmlwdCIsInN0YXJ0IjoxNjE4Njg5OTQyNjA2LCJlbmQUALAzODIzLCJzb3VyYzwAsGluc2VydEJlZm9ymwBgc3RhdHVzAgExb2FkqwBAYXNvbqoA1F0sImRhdGFQYXR0ZXISAMdsaXN0IjpbXSwiaWRkAG8yNjA2fSzcAE4QN2ABCHgAC9wAMW11dFgBkk9ic2VydmVyQSMBD-EAMx834QAH8QVzYi5zY29yZWNhcmRyZXNlYXJjaMAB32MyLzYwMzY0NjIvY3PDARQ-OTUx5wAvNjLDAU4_OTUx4gAHkXdlYi5jaHRibNcAVnRyYWNrjwIyeGhyaQEJjAI_Mzg4jAIAABQABYwCslhIUl9NQU5BR0VSQQACqgFvYWxsb3dljgInAHoAD8sAURc3lAEPywBiPGV4dJYBT2FibGVpAhUuNDhpAic4ONUADywEQz85NDieAQcP0wAtHznTAAwPIwRIPzk0OdgABw8jBDwdMucAKDk3IwQP5wBJLzUy5wAH8TRudHZjbGQtYS5ha2FtYWloZC5uZXQvaW1hZ2UvdXBsb2FkL3dfNjAwLGhfMzM4LGNfZmlsbCxnX2F1dG86dGV4dCxmDAADEAf2Fi83NEJFOTAzRjkzMTM0NzBBQTQ3MjIyMEVENEE5NzkzMi5qcGeJBCBpbQ0AG3MVBz4zOTc5Bio5N-kCf25lckhUTUyHBDovOTc0BggxamFkpQbDLnBvc3RyZWxlYXNlXQXwBWsuZ2lmP250dl9hdD00NiwzMDImDgDxGHVpPWQ2ZjNmYTFiLWQ5MmItNDY0My1hNjg3LWZlZmFiZTZkMTM2NywA8QJhPXpKc0dBWDR0TEFHSDhRQRYA8f__AGZsPWs0X2V1SjVXdy1idG40eUdZbjJLZ1A4ZDNBS0oyVWRJYjI0bzNnZlpNRUhIQTJGeENqQjQzTkpuWXJYS3U3QUZ6Mnloa0VqcXh3Y2QtVGFfUkRTdm4zYmJSZkMyOFdIQlYtVGVSMHFEN0dCOHVaZDV5eEhVLUs1bzE4bjNvTW9jWlRwSDNxMnhFZDdtMERnVWdMSkNWUlc0NTJha3RTeTZQdVMzUzNhWEVDZWhBSndwa3BZenB0WWEzVlg1UTBaUHdybXJydnh0SDVBczJ2cEh1cWxiSy1ndGNibUdFbFpnVEpEOG42WFNtcFduT0JjZ0xDRG5WZnEwUE51RDF6YnBYYWdUeVR6TTRPV1lmcWo3Z19wY25GcjBDY2pvQXZfSkttTlRSUW5sclpXYW1DSjdYRVI0cE1TWDlHOW9ad0phTkE2Y1pYMEkzNnFVT0lERmZacHJnT00wYy1tQ05MSzNnZjJaYktIcC1GZWxQUVhkc2V3YmpoM1RPUllNbTRyVXFYaXhiYUtCRHZPM0xoQ09hTnFHSkRDZW5MMFhldEVaa21MQUd5dnJsNGZKZkp0ZXRtMjRCMDZacXhCVFZvYjJoaE9zQXJSX3ExSTlxTzYyT3U0cXdJNmhJdVpVamN4WWVWblBGRFpjbjIwPSZvcmQ9MTk2MDU0NzIxNiZudHZfaHQ9bHo5N1lBQRICUnRhZD0xGgDxZGVuY19wcj0zS09iYjVIQ0RKX1RST2NEMFJfQ0lwcEtVaTlUZXFLXzU2QmtyMjRTV0o1bjR4aURXOEJaNUtRNlZpdVhoV1R1LUc1ZHRYYW1LaTdzcUxGd0pZaFVxdGJfaVFNd2RXbVA1Q1BUWE9BS1dpQT2DABBpygoD2goPwgMFHTmrBkg0MDA0qwbxAW1nX0RPTUF0dHJNb2RpZmlACAXeCg9TCC4vOTm1BgjxA2pzLm1hdGhlcmFuYWx5dGljc8oD9hZzL21hMTI3NjcvMjEyOTM0MjAwL2FsbC9tbC5qcz9jYj0xNTYxvgQP1gsHLTEzEwpINDM5Nf8AD9YLQi8xMxMKCJJhbGIucmVkZGmrDCFycLYENXRzPY4M8GYzNDM2JmlkPXQyXzV3emZrOWFsJmV2ZW50PVBhZ2VWaXNpdCZ1dWlkPTlmMzdjOTk5LWIzYWEtNDMzZi04NTc0LWExMzhiNmI4MTY4NCZhYWlkPSZlbT0maWRmYT0mb3B0X291dD0wJnNoPTE2MDAmc3c9MTIIAPYkPUNoTzBhJTJCeCUyQk04QkduYlY3VktGRVlNemRkQ1VuRzRiZ0VrMVBNc0FvRlJBJTNEhwEPgwIELTQzWwhHNDM5NoQBD3QHRz8zNDNbCAkA9QyBYy5jcml0ZW9wB2Nqcy9sZC_iDsllcnRhZy5wcmViaWQaCg-3CwM9NDUwtwsCFAAPtwtNAGYAD1oIBwDLAx9p5gD_Bw88BAYvMzG4AgAoNTC7DA_mC0IAeAAPzQE_D-cACB41IgYK5wAPnwNILzE1HQYI8QFjb25uZWN0LmZhY2Vib29rogPwHXNpZ25hbHMvY29uZmlnLzYzMjQ1NjgwMDIzNjIzND92PTIuOS4zOSZyPXN00w0GnwQPAwEHLTM0Fgw_NDU1_BFOPzMzNBEMCA_-AFgcMxQNC_4ADwECSD8zNDPtAgeid3d3Lmdvb2dsZfMLMmljZSAIYHBhZ2VhZAQCA8MUaV9hc3luY6UFD-8BCB44FQgQNikIBagFD9kDQy8zOBUICA_sAEUfOewADQ_dAUkfOfEACAJYB-AtYS5ydWJpY29ucHJvau4DAL4VAewIBroDD3AHBB833AAAARQABcgBD1wSRC80N9kAYQimEA_ZAKQuODhrBCg4OI4MD9kARS84OGgECA-LAi8BxQAZZT4YETQUAA-LAk4_ODg0QQUHD9kALj01MDCyAQIUAA_ZAE0AZgAP2QBfCBoOD4sCRA_ZAAsPBxSBIDQwDAkK3gIgNTHLAwUFAgxFBhlDEBQAvhQPIhsmAH4ADwkCBw8NFP___xxMNDA1NOoLODUxOVgIDMgDDwgeNwB9AA_HAweBYmF0LmJpbmf-EwANAA-1HxJNMzk2NdEAEDKdGwWZBA_KC0M_OTY1zABADWwZGjXMAA-dAUc_Mzk2cRkIsXRyLm91dGJyYWluoAH2LGNhY2hlZENsaWNrSWQ_bWFya2V0ZXJJZD0wMGQ5ZDM0MGI1MjI4MmMxOWJkNzljMTdiZWRlOGFlMjZj1AsPnw0HPzQ4MNUBABc5MBSgYXBwZW5kQ2hpbOseAOASD4khL08zNDgw1AEHDwMBXg_YAgEIAwEPDAJILzQ43QIIBqcOGi2zFwYOAA-7AxMQN4UYC1QILzI5dBFPLzcwMAsID94AOA_BAQAJ3gAPwQFILzcwwQEMBVETAGwPN3RyL5YDkmVuZEJlYWNvbtAdCZgiPjUzMtYAARQABW8Fr1NFTkRCRUFDT06fIkEAgQAPpAMHBr0BMHRhZyIeBS8S8AlhY3RpdmV2aWV3L2pzL2N1cnJlbnQvb3PWFwBOGr8lMkZyMjAxMDAxMFYaESA0N_wKC7wCKDc5xw4PdwZCAHgAD_8AcRA4BRcP_wAKD90CRz80ODCqBggGAwILngT7AHBsdWdpbnMvdWEvbGlua9AZD4wGBj01Mjb_DiA2MGcmBfICD-oBQgB4AA_qAREP5gAHH2UNFRQ9NTI5bgcL4gAPzQFHAH0AD-cABwDYB7BzLmcuZG91YmxlY28IAQIY8AxqL2NvbGxlY3Q_dD1kYyZhaXA9MSZfcj0zJnYJAPUYdj1qODkmdGlkPVVBLTQwODQxNTA4LTEmY2lkPTIwMjkxOTMxMDEubB3wAzQmamlkPTEyOTQ4NjExNjMmZxAAwDQyNzM4NTQ4NCZfZx8AljAxNTYwNTU2OTkA9hI1Jl91PWFDaEFpRUlyQkFBQUFFfiZ6PTEzNzEwNjU4NjdXBQ_BFAM9NjE1UAU4NjE1Gh0PhBBEAHoAD3kB6S4yMPUCNzIwMWMKD3kBRS8yMGYKCA-_BBEP2QMXHzfkAAAYMV0CD7sEPcA2ODk5NDUyNzB9XX0
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:46 GMT
cache-control
no-cache, no-store
server
nginx
expires
Sat, 17 Apr 2021 20:05:45 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-40841508-1&cid=2029193101.1618689944&jid=1294861163&_u=aChAiEIrBAAAAE~&z=412380832
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-40841508-1&cid=2029193101.1618689944&jid=1294861163&_u=aChAiEIrBAAAAE~&z=412380832
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame 888B 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AVVbJ2lFFvETcayTKhsWLwTJwrwxiqJBEFsgLS6a23UAF7wZMO7FjVdBtUkeLDVWiwPdTPvvShD1wovFUm7540nUtS0zRtIwf82_pjzhLorNT83yzsA6WJfKlVnwZxRVHQ56_B6vKFlNPyETqmb1UnCNf9uA&cry=1&dbm_d=AKAmf-CYJ-dtqGAh8OCH8l4s3JPMwmeVDJhFQRHNsLQ7YkUb5kUB7J3VrNDxflstzN5OHao3XQwrQ6wAbDYs97P1Xa-OKnCf6G_7RagDMtNGGbjdzBJWoWCkBF3tunnKq7SwlaJd_Uv73POo0YLIWIGjQsR9Si_jnCFLS3oxsPPUgev1Bjbk_-4CRg8kR_0SJvkba41OF1J-uqnG7_zaCWP8n9iLh8KnRVI0mhMBSgJhKv3QSCiNa6R-siebatizc0My1IsSopi5dGQsO6kk8e6ual4VUAQuxE19x97kj7HXo9wi7xS0BY1GpxauzihcHB3vEVoNq9gu5qrT2hDeDT8TxGt76Ofe1eCIJnFXBOGU4_qJWfWs6FCNjWnnezS4rOdNu67Z_He0AvwKIJu5gYdt7OBqDMl-WH8-WdksSW4jbRnpB3Yo3SDEtGipLVbBDkOoUOURxG2RjJRlxNzFuq0OsDRWElg_p_w6OWxUzysoGpd0kAPYlQSs6DH0WW3-ZNW5oIhVhOfptNYqfHMZx6Jyzb-NOVz_n6WasWDmZdxIIIyH_HVjNibE2ZspORqa4Wk7Gp8rucYLhEZ4u4_aDjfD5ivNQ9PUS5pDt8ivjHlCOyRWFyJKdPPs_nb2S4T0NHuBcLUjYq22OOTNf33gJO31g8nxPwdOk7CHS98ezxHnaNxnh2sUP0wM_dmEkXb9PLTFL0AcnHjo-bkEUxbwPLTvvHTpS_jm7sSq9HOqUa6HH19zIvjZ10ziI8cREO2mgXMdnILlqVtLMeh_oxofeq6znoEfzfYh9xzTqERdQwu6lBWvqrTuSPRBplQDSD59dNWDTekX0dDi-BYDPaj9DSXK8MnDMsmAHOcuawQ19t9OKRfclNErU1wd8hPaSsA1e5z5HBYoxFUDldATbz-1jDlZJaO5spQE0n7tkrURfRhapaN6yIvs-uSbq_13tuPyK5sQNWTNvmomyaQLus_5HYnEj8keaBF7ddV671Ojcq8mhkFECmB4ry6i48tphmecsP4ajaG665o_OyLyQpuBHzfDwdXq1oNX5juiUfPqvh4cyIMctX9il-L--2K3F_GPjk4o-7UU2FjMxWnFi1cd76uwf57pyiIi2dGGbToy7GLR_-_crkfTF3ikIGairg53bcZ8TKXYIXwOkI1_p_RRruoJoV2MBGgxK9IDbQnEtbhlhZEOMa8StO4WsPReeL4YnEWGk1Wh7z3isF680L_ujPbX8PWkbTo8ZOvpEekdbXPZU3hdVXhr65E5bRAu-LmsGyjIvSZxTbYbePkHWgR_J0pAF4cxR6ayrFdGTqpwzn9-wKTdsxboN7REcV5qv_QcDG7G9i1Hbq61For08eXxiIhw2wjwdyWaxBGic2mXIHSFBonyAweuYzB1r_amL24GYDg-arA0DDxgl_M_cACBOmytmMVHt73d4rZwH7gqFmggwe22cD4g7M56mkq5hlLpk65egBJubPlTt07cweVARelBPcoRmhcCqOxadMIjce9lhPPzLwoikwGlp4ysZs7uNhzLL-lyqpBJM5WC8wr3RmjXcEAfhqtUVU2LzI_Ig03jgyPZOsRqtUOgJ3a3vThwGWhaM7t7mrMNMFe80Na0udHEh7_StvW8BDF5EFBLGXHfUh87DgxjG1T_6J45SB7YFpY1QNi9IIurXX5M9pkTmm2YZB-rfnIiz7t1D7lDNp04je7yVlFRPfem_PvoGSUD36mdkm4TY-qbXU1s-7kP7qsB9wCpOq2gSK0JCYoBgWnrBzq6bD9mDZCvBP-z2XGMruJIK3xOya6IjoNrGlfrrSVp0-2akdnllm7FegkMT_SY_o_BTjeHbECoDLua7KTwg7vA7gdNvi0m1VwStY5xXm1OuRItrGaV4ZR1T6pk3NL7ZupY8rnZ6xPpvNwZuxWzyGPvQLOt8ee_y80kGBrFbm2cKKEYCfnD1ieICYsAlMeWZudjpqjJ3sYaM3tvfqfJlsamRz3HB7ep69HH0Re67a-WGVUOS8B-1mugv0UxFm5VKd4D17JMYY_1GV_zKRkcl-NSPbLwuHpjjdKNSZOe_ECY0N7wsVZJ64hpIoOpG_0hTbn4vx6MqpIEWdFuNydyYCIdRTKSv4N4bqc7xRC8XM8fLmeQaIYFwxRNkQc-uTzfh-0EohE1ImMTmbz8apL95BZsd4QE0wOG8dWVy1zztFEHhC1lDLxdt_vuTie-W3AE8lEVDE7GBncQZNLxTpFx2q6HY3DHX7ELBGiT8dN0Co2eANFdLNGCkuAWDr4n3gb1QF5iggqtVW858TkUSxZ64ZJHqLrNIimxuK8T6t8ShxIwY8HEtkpEeNU4aRN5AkJqrWOYL4s_pQDy9turHlhimD3ELz-P3V4Zl2lg9mMfvBCnwqTrv3vrfJOzWRKMtWG1Hk4QSO7dR60CTvaJ_j8b39vLUKno8S-EizQDxnHxYPZoMAxVHtDWKT6h9nuE-wbLUpTHkZh9cuSX6cx8cjFEkDH9G4e1Xf4NYJDeHeVit6fzZXmtZFNrhUeL9zOFX7jkBOyVe93CP9oEPCOSZnjIpqjRCiwxuY9f3yct8uiyOaZWDDrH_AQXFixSWkrmcnJfDk-bPw8zO1SiB2BV73OLtJhBZKMYr9p33ouy2-ZNvXfu_wjutnjOHI0c3jWo3a8GKd5zwqVXOPm-XjdWjzHzuXX3zOmDJDMALVa7WbjqgJ1V-pr2MnykhqAdFBIuEwANe1P4dk6lAm_4Mt7Ph4HP_MzFFqa9Wax_cJcSSTaCMhJneJAB8Vc5kCSnBdZmBsF1TFM-7Q6tCQWekKAdQHawc-l9araiiW6FVvT2IM4NBMYWyscBvr5RCZTws9I2LX3U2Wv_UF2QiknbXHagS6Vi5vUh_MqlhmYwcBTXw8bnRYqGDy-6MyKwMtZHpwyp3TnXFZ3K4dWXQRihfy_0h8r08jPurZNZgdQTL_WE1Q4IrIh7XFZp_yW7vdBhQAhMQzep2DY5nu_Q4U5Kl3N_2hqqQE2eA9lsPxrXqAZDaynzenLGc31jJ8_wQF2U-9NZgKOwuCJwrebGWckDuuCN353oeiIbC24PiDqliiRPZ4hpwf2yIht0hMbUn4jgkzI08IbFE7Pa391AHvcDKqIS3Z9XbPqY4vSZa4ScnjuYpC8upmxeewjlZ3KX6wYkL2R3pCxkMwfSDRhRCH80nFiqNN_8Yz5PsB2B8MoEH8dG9v_iuIE-0I03citHFUEYmUqJRL3lRPsUYTxcLfRCfp8Cf68m7P5RhXCJufTwDNLp7T_pFsv93oivN8kurkACwbQMpqFX48DZDoKQYJZKVBHWrBNP0w4rd3JyMSr2WY7NrZC3mTu_vBDKgHsCW7Jsw3Umibl54VtC-0iWEC2FyJ4nCSbTtfeGm9dTwIYkC5XCd2M-d-wPGCyYE7fmcHjcOjwMVVu8pERh0OUONYwcSjBVFfLNiSiU6YSQk3cpbK1_3EDWE5aAv9R9_YNj_gZvZA7pqs1bWTKk0XAL1eagNgen0gY4vnsaNrt8VAsj&cid=CAASPeRo1teYwc7LVcafzwDx4hcHvj5BUtBgW8jT2j5s1_3rf32Kk5Z0SpL7ecOjYkrMwc7V5nY_bwmjum_QR6E&rfl=1%2Chttps%253A%252F%252Fwww.latimes.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d04fe3e6d57be524334f1688f690be20fb65e09d806c549e1f78aa8d3f7dbae7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:01:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8468
x-xss-protection
0
server
cafe
etag
17868783254023373946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 May 2021 20:01:30 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 888B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AVVbJ2lFFvETcayTKhsWLwTJwrwxiqJBEFsgLS6a23UAF7wZMO7FjVdBtUkeLDVWiwPdTPvvShD1wovFUm7540nUtS0zRtIwf82_pjzhLorNT83yzsA6WJfKlVnwZxRVHQ56_B6vKFlNPyETqmb1UnCNf9uA&cry=1&dbm_d=AKAmf-CYJ-dtqGAh8OCH8l4s3JPMwmeVDJhFQRHNsLQ7YkUb5kUB7J3VrNDxflstzN5OHao3XQwrQ6wAbDYs97P1Xa-OKnCf6G_7RagDMtNGGbjdzBJWoWCkBF3tunnKq7SwlaJd_Uv73POo0YLIWIGjQsR9Si_jnCFLS3oxsPPUgev1Bjbk_-4CRg8kR_0SJvkba41OF1J-uqnG7_zaCWP8n9iLh8KnRVI0mhMBSgJhKv3QSCiNa6R-siebatizc0My1IsSopi5dGQsO6kk8e6ual4VUAQuxE19x97kj7HXo9wi7xS0BY1GpxauzihcHB3vEVoNq9gu5qrT2hDeDT8TxGt76Ofe1eCIJnFXBOGU4_qJWfWs6FCNjWnnezS4rOdNu67Z_He0AvwKIJu5gYdt7OBqDMl-WH8-WdksSW4jbRnpB3Yo3SDEtGipLVbBDkOoUOURxG2RjJRlxNzFuq0OsDRWElg_p_w6OWxUzysoGpd0kAPYlQSs6DH0WW3-ZNW5oIhVhOfptNYqfHMZx6Jyzb-NOVz_n6WasWDmZdxIIIyH_HVjNibE2ZspORqa4Wk7Gp8rucYLhEZ4u4_aDjfD5ivNQ9PUS5pDt8ivjHlCOyRWFyJKdPPs_nb2S4T0NHuBcLUjYq22OOTNf33gJO31g8nxPwdOk7CHS98ezxHnaNxnh2sUP0wM_dmEkXb9PLTFL0AcnHjo-bkEUxbwPLTvvHTpS_jm7sSq9HOqUa6HH19zIvjZ10ziI8cREO2mgXMdnILlqVtLMeh_oxofeq6znoEfzfYh9xzTqERdQwu6lBWvqrTuSPRBplQDSD59dNWDTekX0dDi-BYDPaj9DSXK8MnDMsmAHOcuawQ19t9OKRfclNErU1wd8hPaSsA1e5z5HBYoxFUDldATbz-1jDlZJaO5spQE0n7tkrURfRhapaN6yIvs-uSbq_13tuPyK5sQNWTNvmomyaQLus_5HYnEj8keaBF7ddV671Ojcq8mhkFECmB4ry6i48tphmecsP4ajaG665o_OyLyQpuBHzfDwdXq1oNX5juiUfPqvh4cyIMctX9il-L--2K3F_GPjk4o-7UU2FjMxWnFi1cd76uwf57pyiIi2dGGbToy7GLR_-_crkfTF3ikIGairg53bcZ8TKXYIXwOkI1_p_RRruoJoV2MBGgxK9IDbQnEtbhlhZEOMa8StO4WsPReeL4YnEWGk1Wh7z3isF680L_ujPbX8PWkbTo8ZOvpEekdbXPZU3hdVXhr65E5bRAu-LmsGyjIvSZxTbYbePkHWgR_J0pAF4cxR6ayrFdGTqpwzn9-wKTdsxboN7REcV5qv_QcDG7G9i1Hbq61For08eXxiIhw2wjwdyWaxBGic2mXIHSFBonyAweuYzB1r_amL24GYDg-arA0DDxgl_M_cACBOmytmMVHt73d4rZwH7gqFmggwe22cD4g7M56mkq5hlLpk65egBJubPlTt07cweVARelBPcoRmhcCqOxadMIjce9lhPPzLwoikwGlp4ysZs7uNhzLL-lyqpBJM5WC8wr3RmjXcEAfhqtUVU2LzI_Ig03jgyPZOsRqtUOgJ3a3vThwGWhaM7t7mrMNMFe80Na0udHEh7_StvW8BDF5EFBLGXHfUh87DgxjG1T_6J45SB7YFpY1QNi9IIurXX5M9pkTmm2YZB-rfnIiz7t1D7lDNp04je7yVlFRPfem_PvoGSUD36mdkm4TY-qbXU1s-7kP7qsB9wCpOq2gSK0JCYoBgWnrBzq6bD9mDZCvBP-z2XGMruJIK3xOya6IjoNrGlfrrSVp0-2akdnllm7FegkMT_SY_o_BTjeHbECoDLua7KTwg7vA7gdNvi0m1VwStY5xXm1OuRItrGaV4ZR1T6pk3NL7ZupY8rnZ6xPpvNwZuxWzyGPvQLOt8ee_y80kGBrFbm2cKKEYCfnD1ieICYsAlMeWZudjpqjJ3sYaM3tvfqfJlsamRz3HB7ep69HH0Re67a-WGVUOS8B-1mugv0UxFm5VKd4D17JMYY_1GV_zKRkcl-NSPbLwuHpjjdKNSZOe_ECY0N7wsVZJ64hpIoOpG_0hTbn4vx6MqpIEWdFuNydyYCIdRTKSv4N4bqc7xRC8XM8fLmeQaIYFwxRNkQc-uTzfh-0EohE1ImMTmbz8apL95BZsd4QE0wOG8dWVy1zztFEHhC1lDLxdt_vuTie-W3AE8lEVDE7GBncQZNLxTpFx2q6HY3DHX7ELBGiT8dN0Co2eANFdLNGCkuAWDr4n3gb1QF5iggqtVW858TkUSxZ64ZJHqLrNIimxuK8T6t8ShxIwY8HEtkpEeNU4aRN5AkJqrWOYL4s_pQDy9turHlhimD3ELz-P3V4Zl2lg9mMfvBCnwqTrv3vrfJOzWRKMtWG1Hk4QSO7dR60CTvaJ_j8b39vLUKno8S-EizQDxnHxYPZoMAxVHtDWKT6h9nuE-wbLUpTHkZh9cuSX6cx8cjFEkDH9G4e1Xf4NYJDeHeVit6fzZXmtZFNrhUeL9zOFX7jkBOyVe93CP9oEPCOSZnjIpqjRCiwxuY9f3yct8uiyOaZWDDrH_AQXFixSWkrmcnJfDk-bPw8zO1SiB2BV73OLtJhBZKMYr9p33ouy2-ZNvXfu_wjutnjOHI0c3jWo3a8GKd5zwqVXOPm-XjdWjzHzuXX3zOmDJDMALVa7WbjqgJ1V-pr2MnykhqAdFBIuEwANe1P4dk6lAm_4Mt7Ph4HP_MzFFqa9Wax_cJcSSTaCMhJneJAB8Vc5kCSnBdZmBsF1TFM-7Q6tCQWekKAdQHawc-l9araiiW6FVvT2IM4NBMYWyscBvr5RCZTws9I2LX3U2Wv_UF2QiknbXHagS6Vi5vUh_MqlhmYwcBTXw8bnRYqGDy-6MyKwMtZHpwyp3TnXFZ3K4dWXQRihfy_0h8r08jPurZNZgdQTL_WE1Q4IrIh7XFZp_yW7vdBhQAhMQzep2DY5nu_Q4U5Kl3N_2hqqQE2eA9lsPxrXqAZDaynzenLGc31jJ8_wQF2U-9NZgKOwuCJwrebGWckDuuCN353oeiIbC24PiDqliiRPZ4hpwf2yIht0hMbUn4jgkzI08IbFE7Pa391AHvcDKqIS3Z9XbPqY4vSZa4ScnjuYpC8upmxeewjlZ3KX6wYkL2R3pCxkMwfSDRhRCH80nFiqNN_8Yz5PsB2B8MoEH8dG9v_iuIE-0I03citHFUEYmUqJRL3lRPsUYTxcLfRCfp8Cf68m7P5RhXCJufTwDNLp7T_pFsv93oivN8kurkACwbQMpqFX48DZDoKQYJZKVBHWrBNP0w4rd3JyMSr2WY7NrZC3mTu_vBDKgHsCW7Jsw3Umibl54VtC-0iWEC2FyJ4nCSbTtfeGm9dTwIYkC5XCd2M-d-wPGCyYE7fmcHjcOjwMVVu8pERh0OUONYwcSjBVFfLNiSiU6YSQk3cpbK1_3EDWE5aAv9R9_YNj_gZvZA7pqs1bWTKk0XAL1eagNgen0gY4vnsaNrt8VAsj&cid=CAASPeRo1teYwc7LVcafzwDx4hcHvj5BUtBgW8jT2j5s1_3rf32Kk5Z0SpL7ecOjYkrMwc7V5nY_bwmjum_QR6E&rfl=1%2Chttps%253A%252F%252Fwww.latimes.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 15:05:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18004
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Apr 2022 15:05:42 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNTIwMzE4NjUyNyIsImVidXkiOiIyNTY3OTQ4MDc3IiwiZWFkdiI6IjQ3NDI4MjcxMzMiLCJlY2lkIjoiMTM4MzI2OTkwMzYzIiwiZWVudiI6ImoiLCJlcGlkIjoiMjE4MTg2NzgyOTYiLCJlc2lkIjoiMjE3ODYwOTg4MTIifQ&tv=js-3.0.123&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&f_es6=1&f_gears=2&tvltm=9&tvcfg=all&tid=e7ca294c-0697-4b13-94f0-b8cabd39f1c5&pid=6c56e1d4-81e3-49e4-9b10-dc03c9fc3f4c&dtm=1618689946811&qnm=_matherq&visible=1&tabid=ffc08fe9-257b-410d-bca6-bebe2c3ddb73&url=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&vp=1600x1200&ds=1600x7457&tofa=1618689944&vid=1&lvidt=1618689944&duid=befb4afc5a42ca7d&fp=1072425006&cid=ma12767&mrk=212934200
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.95.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-95-93.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:46 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
truncated
/ Frame A80D 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3132301dc592e8da70bf9610f82402f8454566e2d5a7d4692d667d3072e966a7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
teads-format.min.js
s8t.teads.tv/media/format/v3/ 		604 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:181::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
415e3ca720eababe99d9ce11bf8b3b7b3db36edaa56a3802865bb817d237032f

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:46 GMT
content-encoding
br
vary
Accept-Encoding
x-amz-request-id
1RTMW5MGEYY3ZGBQ
content-length
134374
x-amz-id-2
Jev9yM844L/YBHT4I3IauOgUTzjKtm5aUD0LMAuQ/evCkf1xkeH3+slYEhYQbWG0xDcffOrBXY8=
last-modified
Fri, 16 Apr 2021 13:09:53 GMT
etag
"158fbe165689175115ed17ca233efe8b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials
false
x-bucket
8
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 17 Apr 2021 20:35:46 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A80D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjeQ5093q89q7tYatIWNOnEiP79OaQTKZYQIDYWNhkvL99f5p3p91hAkgitZR-HkPQFGMtVEc7uDrii0Mv-uPDRr4SiWxPOHtuPztJOLmTV8d1U7oVU0gVX8V8J2wBzXolJ7B23wE6ekgiAVALhjRDwgQdrIF15sPw-84aZQT6Equ3Avr5ZoVXKiCT252_1sdu46LwcPTFyMgVBaRT2N4HVJl_rkU3EgUWF1ZZGdCaKk4uWwiJdEoXaX0Aav0YVmRRY80esCSvZgzwkz-OoOKJSm0rtPFLM0TUk6rOgY-xvAr-uhQ4NlA9JflmvTxgnA&sig=Cg0ArKJSzAkm7ZQ48g9XEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Apr 2021 20:05:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 17 Apr 2021 20:05:46 GMT
csi
csi.gstatic.com/ Frame 632C 		0
331 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~knm678jo&ctx=2&qqid=CK3q4_iJhvACFQK8dwodwRsPwQ&met.4=fb.y~lb.lf~ol.s3~idt.i1~dt.-t7&met.3=739.ll~736.lo~738.s3~735.s4_1~734.un_1~740.vk_1~740.vl~740.vl~740.vl~740.15u~734.19w~740.1fi~740.1in~113.1oq_5~112.1oc_j~740.1pk&met.1=1.knm676vb~14.1~15.0~16.1~17.1~18.1~19.1~20.s3~21.s4~22.dc~23.dc&met.7=CCIQBBgBICUoJTB-OFloJnB-eBewAQG4AQM~CBwQChgBIC4oLjA2OAhoL3A1eOQ3gAHJN4gB7YkBsAEBuAED~CBwQChgBIC8oLzA4OAhoMHA2eLIKgAGXCogB0ROwAQG4AQM~CCoQChgBIDAoMDBFOBU~CBsQBhgBIDEoMTBDOBI~CBcQBhgBIDMoMzBEOBFoNHA7eKHLA4ABgcsDiAGBywOwAQG4AQM~CCIQBBgBIOcFKOcFMIkHOKEBQO0FSO0FUO0FWK0GYO0FaK0GcIQHeBmwAQG4AQM~CCgQChgBIOgIKOgIMK4JOEZo7AhwoAl4zqMBgAGyowGIAcevA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:804::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:48 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F553 		170 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYiKbFlQEwAQ&v=APEucNVG2_iBPy0yhDyJs_LtDM_HctBEK1RbSA5XDTSYGyQvc5mnqRqclt9DFITDNAG3yxM6LIeh7ea5VOylVbAD3xR9qjkzDfupIlfhhJS8ln2eu42nTRMXM7PpTRgqToyBC7j6z1m5MQrCKyNqdoqvNMYottQwF6w1sip0d70EH1Sh_8WhWbkJ4H1QxuXYDTaFZWb4hHT5dRo0OibLpHeY_Xk7GQn2-Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F553
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5jyYZjW-IoHIBBj-n-Zxg&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5jyYZjW-IoHIBBj-n-Zxg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYiKbFlQEwAQ&v=APEucNVG2_iBPy0yhDyJs_LtDM_HctBEK1RbSA5XDTSYGyQvc5mnqRqclt9DFITDNAG3yxM6LIeh7ea5VOylVbAD3xR9qjkzDfupIlfhhJS8ln2eu42nTRMXM7PpTRgqToyBC7j6z1m5MQrCKyNqdoqvNMYottQwF6w1sip0d70EH1Sh_8WhWbkJ4H1QxuXYDTaFZWb4hHT5dRo0OibLpHeY_Xk7GQn2-Q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Apr 2021 20:05:47 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5jyYZjW-IoHIBBj-n-Zxg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F553
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHs-mx9lSUBZaOSBKbcRiAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5jyYZjW-IoHIBBj-n-Zxg&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5jyYZjW-IoHIBBj-n-Zxg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYiKbFlQEwAQ&v=APEucNVG2_iBPy0yhDyJs_LtDM_HctBEK1RbSA5XDTSYGyQvc5mnqRqclt9DFITDNAG3yxM6LIeh7ea5VOylVbAD3xR9qjkzDfupIlfhhJS8ln2eu42nTRMXM7PpTRgqToyBC7j6z1m5MQrCKyNqdoqvNMYottQwF6w1sip0d70EH1Sh_8WhWbkJ4H1QxuXYDTaFZWb4hHT5dRo0OibLpHeY_Xk7GQn2-Q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Apr 2021 20:05:47 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA5jyYZjW-IoHIBBj-n-Zxg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amzns2s
rtb.gumgum.com/usync/ Frame C64C 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-vmg_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.251.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
60b5dbc4c5cd2d8d94c2de2f7fe5534af63d0e42bc08ea09325bd535e1b82187

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:48 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
set-cookie
vst=e_11eda123-d16e-4f44-8081-e4a585dea624; Domain=.gumgum.com; Expires=Sun, 17-Apr-2022 20:05:48 GMT; Path=/; Secure; SameSite=None
etag
W/"0cdd89c1a56bc30a7501569d64bb22aaf"
timing-allow-origin
*
content-encoding
gzip
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 095E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&C=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-vmg_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
951387c2947c11be22e28c446f00d8ee504487a6481aeacd5c50cf8e58521e71

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YHs-nI5ptGwGCKyi8eK4JAAA; CMPS=3258
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|241|45|130|65|8|3
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1691
Expires
Sat, 17 Apr 2021 20:05:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:48 GMT
Connection
keep-alive
Set-Cookie
CMID=YHs-nI5ptGwGCKyi8eK4JAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 17 Apr 2022 20:05:48 GMT CMPS=3258;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 16 Jul 2021 20:05:48 GMT CMPRO=1181;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 16 Jul 2021 20:05:48 GMT CMRUM3=27607b3f9c0b40&e6607b3f9c27600&41607b3f9c05a0&2d607b3f9c05a0&08607b3f9c05a00&03607b3f9c05a0&82607b3f9ca8c0&f1607b3f9c05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 17 Apr 2022 20:05:48 GMT CMST=YHs-nGB7P5wA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 18 Apr 2021 20:05:48 GMT

Redirect headers

Server
Apache
Content-Length
333
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sat, 17 Apr 2021 20:05:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:48 GMT
Connection
keep-alive
Set-Cookie
CMID=YHs-nI5ptGwGCKyi8eK4JAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 17 Apr 2022 20:05:48 GMT CMPS=3258;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 16 Jul 2021 20:05:48 GMT
usync.html
eus.rubiconproject.com/ Frame 1DEC 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-vmg_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 17 Apr 2021 20:05:48 GMT
Connection
keep-alive
Vary
Accept-Encoding
ecm3
aax-eu.amazon-adsystem.com/s/ Frame A532
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&verify=true
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-8WcxW2p1l2OI8tqvTGXbRPLfVoSwb_Q-&
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-8WcxW2p1l2OI8tqvTGXbRPLfVoSwb_Q-&
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-vmg_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Sat, 17 Apr 2021 20:05:48 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Date
Sat, 17 Apr 2021 20:05:48 GMT
Content-Length
0
Strict-Transport-Security
max-age=31536000
Set-Cookie
IDSYNC=18y4~1xmk;Version=1;Domain=.analytics.yahoo.com;Path=/;Max-Age=31622400;Expires=Mon, 18-Apr-2022 20:05:48 GMT;Secure;SameSite=None A3=d=AQABBJs_e2ACEJ7SE1halAEww5ftCP8g7kUFEgEBAQGRfGCFYAAAAAAA_SMAAA&S=AQAAAroNspvR_unb8-A69xDcStk; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly B=4brh0vtg7mfsr&b=3&s=md; Max-Age=31557600; Domain=.yahoo.com; Path=/
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-8WcxW2p1l2OI8tqvTGXbRPLfVoSwb_Q-&
Age
0
Connection
keep-alive
Server
ATS/7.1.2.128
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 167E
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=11167679642594761015
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=11167679642594761015
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-vmg_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Sat, 17 Apr 2021 20:05:48 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

date
Sat, 17 Apr 2021 20:05:48 GMT
content-length
0
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=11167679642594761015
set-cookie
tluid=11167679642594761015; Max-Age=7776000; Expires=Fri, 16 Jul 2021 20:05:48 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5079 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sat, 17 Apr 2021 15:06:07 GMT
expires
Sun, 17 Apr 2022 15:06:07 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
17980
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=debug-bts&fv=723&ts=1618689947351&env=js-web&pageId=121801&pid=132193&auctid=885b5569-0f23-4e67-955b-39c173055918&f=1&debug_metadata=wb&referer=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:48 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=885b5569-0f23-4e67-955b-39c173055918&pageId=121801&pid=132193&debug_metadata=2k9ttinhWs&fv=723&ts=1618689947356&f=1&referer=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:48 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=885b5569-0f23-4e67-955b-39c173055918&pageId=121801&pid=132193&slot=native&fv=723&ts=1618689947380&f=1&referer=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:48 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1618689947451&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_s...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1618689947451&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_...
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1618689947451&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=95697910&cs_ucfr=
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-38.cph50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:47 GMT
via
1.1 b3f90546650bd51f97feaab85be34b1c.cloudfront.net (CloudFront)
x-amz-cf-pop
CPH50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
1OGYSCbnSKs241Q5It-SP3LC3TiqyFXem_6y_2-AuvSbH7s15TUrVg==

Redirect headers

date
Sat, 17 Apr 2021 20:05:47 GMT
via
1.1 b3f90546650bd51f97feaab85be34b1c.cloudfront.net (CloudFront)
x-amz-cf-pop
CPH50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1618689947451&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=95697910&cs_ucfr=
content-length
302
x-amz-cf-id
5zJUY4MP9CWktKmiWg2Q0tmEimsZSgcVGFxOEitnjwLV1GCFcyd8Nw==
ad
a.teads.tv/page/121801/ 		488 B
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/121801/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&page=%7B%22id%22%3A121801%2C%22placements%22%3A%5B%7B%22id%22%3A132193%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A680%2C%22height%22%3A383%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22us_privacy%22%3A%221YNY%22%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%7D&auctid=885b5569-0f23-4e67-955b-39c173055918&formatVersion=723&env=js-web&netBw=9.5&ttfb=641
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.68.8 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
ea238d0b573c623abee111eacb67e78bbf4dd5b8adba0ddbf78f4ff8bae18695

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:47 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.latimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
339
expires
Sat, 17 Apr 2021 20:05:47 GMT
vydnfpw7kpbp
hal9000.redintelligence.net/zone/ Frame 888B 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/vydnfpw7kpbp?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCcFwIlz97YJuPNsKIrAS6m5D4B4_g-IZT3aaLpMoM8C4QASCvwLZwYJUCyAEJqQIgAuV8Ixq0PqgDAaoE7wFP0ItHiUWcl5cLi9lr757NfAjVMBGil-yBTfNPslyhVDHoLT26d768slfzLv4AEMKeJcrKVQe5P-3W52dWoc_PEN6_Qk8-ZpAlDMTvR9vOpuTa6C6vggHAP3lDcUVQUI_aJI-MyaxlTgNOVJRKRxFZFarqqteI9NxWSSJgUExUF-61QM-f1gMKTCNup8xQVFg1k1qS8b5_sWgzUDnvxmOKdf9GIB1XRyOFJQ9UZXKYNT-eA61TdPAlZiS_DiGPnmNOyRB-WPZw_dP1t7N0C6XWfaW4osdepPTWZzPwfG9jn4nLGw68MD3oQqn_9dQubsAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgFAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRo1teYwc7LVcafzwDx4hcHvj5BUtBgW8jT2j5s1_3rf32Kk5Z0SpL7ecOjYkrMwc7V5nY_bwmjum_QR6E%26sig%3DAOD64_3kJHMskRsow7DCtuq4-BfVDacnRQ%26client%3Dca-pub-1409437888781518%26dbm_c%3DAKAmf-DydHeqO4N96MdxiVLNbyg4Dq-WWd1z9dMdwxOrXBlxE0f-Kv00cgPRu2UwQ7d5XJJE3iJjmtwIKHkh-37ws_KtfzooT9TtiP6sEGiHu4vS34IMW71LkezsN2jGItMVU6ZrRAQQD3BGrmIliFtRcwONNmeLGA%26cry%3D1%26dbm_d%3DAKAmf-CmFOki9lOdmXVVScB0TGYa52CVeuvSHaWX49Z59pom3BQqq-48DUjT0Qojm4B4y8Qlzm7Vv4x1nEDtSYA8deYrxi6GEQPTxQ2ScXxlc8SCUyJmaDEeacqbtwi0ellLPhcaZ4ziKCDaAnokbrfPSTgioa2mFVBSU0dZOP4DSYsTkI2i-21G-a4HyxvmeCUnYcJ1-KTHwz96PgUWplLpmbb84CZt8C1MH7O5gczXGnmDvo_r7Z1jt4qYKYd66AExREXgs9-WjTQ4E7X_FHGferd0z597OVRLN1Ce16QVDnIsqR6E9qKbh5T1tpJ9GDoryH0Xl_EZvDj7xHmzpv8iKTWst2TuXi1QLjlfxN2F50bLQc_XZr41-Os9hUqyQWsPrfJyYfoTAwqv1-nm11KZ4GFyFhP4PXOXGAg8YV05VoGKyGwVliFrCASUnnwtBs-iKcDmkrxCV-JVfpRjOWDfR9qTqVmHt8vg7GwdUten8mh781Jug2_xOLAxzkrLrJT-XzzsoULLC4H-X6A7XEJ2_rISog6Dv7bsJ-NA5P0_5oqGRkyY_swvjIYcH2KoFdxbMyQt6Z5ZmSOSzeRoAjt4rA9vCH4V6Ckbjt-qFSfsPY22kVYgN6XlVmYsmT5b2DF8QsRrog3ejaSGNPtgkoHQdrO4j8pVBcvrIJC0UTSYG0ra9G-R9hCc885v9xBPPBam-0sMh_VN-YSgHC7obKYpGZcwfQFmkg%26adurl%3D
Requested by
Host: a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com
URL: https://a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
c0253e32147ab36452c5315d63f6d597677dbd705b475e11c910147b966302c5

Request headers

Referer
https://a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:48 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4151
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3A77 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.latimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.latimes.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Sat, 17 Apr 2021 04:57:33 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sat, 17 Apr 2021 20:05:48 GMT
Age
54494
X-Served-By
cache-lga21957-LGA, cache-hhn4061-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 732702
X-Timer
S1618689948.180356,VS0,VE0
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame F9BE
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
498 B
632 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
125d19524ca87754fd08394b4abe11d6db2409b11f9c302b787462af80bcad96

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.latimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=8540735d-78a3-0ef5-39b1-a8ce668d4255|1618689947; pd=v2|1618689947|gekin0vNiygu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.latimes.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=8540735d-78a3-0ef5-39b1-a8ce668d4255|1618689947; Version=1; Expires=Sun, 17-Apr-2022 20:05:48 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1618689947.1|kiiygevNgun0.mWgqsLommOns; Version=1; Expires=Sun, 02-May-2021 20:05:48 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 17 Apr 2021 20:05:48 GMT
content-type
text/html
content-length
316
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=2a8c7e8a-8ebf-0dc6-2d2c-02850e36070d|1618689947; Version=1; Expires=Sun, 17-Apr-2022 20:05:47 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
date
Sat, 17 Apr 2021 20:05:47 GMT
content-length
0
via
1.1 google
alt-svc
clear
pd
eu-u.openx.net/w/1.0/ Frame 0A46
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
498 B
628 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
125d19524ca87754fd08394b4abe11d6db2409b11f9c302b787462af80bcad96

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.latimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=8540735d-78a3-0ef5-39b1-a8ce668d4255|1618689947; pd=v2|1618689947|gekin0vNiygu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.latimes.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=8540735d-78a3-0ef5-39b1-a8ce668d4255|1618689947; Version=1; Expires=Sun, 17-Apr-2022 20:05:48 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1618689947.1|kiiygevNgun0.mWgqsLommOns; Version=1; Expires=Sun, 02-May-2021 20:05:48 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 17 Apr 2021 20:05:48 GMT
content-type
text/html
content-length
316
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=8540735d-78a3-0ef5-39b1-a8ce668d4255|1618689947; Version=1; Expires=Sun, 17-Apr-2022 20:05:47 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
date
Sat, 17 Apr 2021 20:05:47 GMT
content-length
0
via
1.1 google
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame FCD1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.latimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.latimes.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Sat, 17 Apr 2021 20:05:48 GMT
Content-Length
1151
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame 4591 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.latimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.latimes.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Sat, 17 Apr 2021 20:05:48 GMT
Content-Length
1151
Connection
keep-alive
sync
eb2.3lift.com/ Frame A62A
Redirect Chain
  • https://eb2.3lift.com/sync?us_privacy=1YNY&
  • https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
43850c2b40191275529727b03a98e85f11ee0be4ee8c5bf048ff1b978166f452

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?us_privacy=1YNY&&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.latimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=11167679642594761015
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.latimes.com/

Response headers

date
Sat, 17 Apr 2021 20:05:48 GMT
content-type
text/html; charset=utf-8
content-length
480
set-cookie
sync=CgoIgQIQ_fTBi44vCgoIkQIQ_fTBi44vCgoI4gEQ_fTBi44vCgoIkgIQ_fTBi44vCgoI5gEQ_fTBi44vCgoIhwIQ_fTBi44vCgkIOhD99MGLji8KCQgLEP30wYuOLwoJCF8Q_fTBi44vCgkIHxD99MGLji8=; Max-Age=7776000; Expires=Fri, 16 Jul 2021 20:05:48 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=11167679642594761015; Max-Age=7776000; Expires=Fri, 16 Jul 2021 20:05:48 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Sat, 17 Apr 2021 20:05:48 GMT
content-length
0
set-cookie
tluid=9368213727109349519; Max-Age=7776000; Expires=Fri, 16 Jul 2021 20:05:48 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location
/sync?us_privacy=1YNY&&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2044 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.latimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.latimes.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Sat, 17 Apr 2021 04:57:33 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sat, 17 Apr 2021 20:05:48 GMT
Age
54494
X-Served-By
cache-lga21957-LGA, cache-hhn4080-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 710697
X-Timer
S1618689948.180363,VS0,VE0
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame BE65 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1YNY
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.latimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.latimes.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 17 Apr 2021 20:05:48 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 0BE4 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.latimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.latimes.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Sat, 17 Apr 2021 20:05:48 GMT
Content-Length
1151
Connection
keep-alive
pd
eu-u.openx.net/w/1.0/ Frame BE82 		668 B
723 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
cd8e48c72dc24022cd0886ccfb998f4a2b7aebf8a6722ced5c667e0be677a1a2

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.latimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=8540735d-78a3-0ef5-39b1-a8ce668d4255|1618689947
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.latimes.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=8540735d-78a3-0ef5-39b1-a8ce668d4255|1618689947; Version=1; Expires=Sun, 17-Apr-2022 20:05:47 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1618689947|gekin0vNiygu; Version=1; Expires=Sun, 02-May-2021 20:05:47 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 17 Apr 2021 20:05:47 GMT
content-type
text/html
content-length
411
content-encoding
gzip
via
1.1 google
alt-svc
clear
sync
eb2.3lift.com/ Frame D473
Redirect Chain
  • https://eb2.3lift.com/sync?us_privacy=1YNY&
  • https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
43850c2b40191275529727b03a98e85f11ee0be4ee8c5bf048ff1b978166f452

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?us_privacy=1YNY&&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.latimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=11167679642594761015
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.latimes.com/

Response headers

date
Sat, 17 Apr 2021 20:05:48 GMT
content-type
text/html; charset=utf-8
content-length
480
set-cookie
sync=CgoIgQIQ_fTBi44vCgoIkQIQ_fTBi44vCgoI4gEQ_fTBi44vCgoIkgIQ_fTBi44vCgoI5gEQ_fTBi44vCgoIhwIQ_fTBi44vCgkIOhD99MGLji8KCQgLEP30wYuOLwoJCF8Q_fTBi44vCgkIHxD99MGLji8=; Max-Age=7776000; Expires=Fri, 16 Jul 2021 20:05:48 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=11167679642594761015; Max-Age=7776000; Expires=Fri, 16 Jul 2021 20:05:48 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Sat, 17 Apr 2021 20:05:48 GMT
content-length
0
set-cookie
tluid=17336200183184007611; Max-Age=7776000; Expires=Fri, 16 Jul 2021 20:05:48 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location
/sync?us_privacy=1YNY&&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5949 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.latimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.latimes.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Sat, 17 Apr 2021 04:57:33 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sat, 17 Apr 2021 20:05:48 GMT
Age
54494
X-Served-By
cache-lga21957-LGA, cache-hhn4035-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 730927
X-Timer
S1618689948.180651,VS0,VE0
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 199A
Redirect Chain
  • https://eb2.3lift.com/sync?us_privacy=1YNY&
  • https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
43850c2b40191275529727b03a98e85f11ee0be4ee8c5bf048ff1b978166f452

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?us_privacy=1YNY&&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.latimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=11167679642594761015
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.latimes.com/

Response headers

date
Sat, 17 Apr 2021 20:05:48 GMT
content-type
text/html; charset=utf-8
content-length
480
set-cookie
sync=CgoIgQIQ_vTBi44vCgoIkQIQ_vTBi44vCgoI4gEQ_vTBi44vCgoIkgIQ_vTBi44vCgoI5gEQ_vTBi44vCgoIhwIQ_vTBi44vCgkIOhD-9MGLji8KCQgLEP70wYuOLwoJCF8Q_vTBi44vCgkIHxD-9MGLji8=; Max-Age=7776000; Expires=Fri, 16 Jul 2021 20:05:48 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=11167679642594761015; Max-Age=7776000; Expires=Fri, 16 Jul 2021 20:05:48 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Sat, 17 Apr 2021 20:05:48 GMT
content-length
0
set-cookie
tluid=11167679642594761015; Max-Age=7776000; Expires=Fri, 16 Jul 2021 20:05:48 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location
/sync?us_privacy=1YNY&&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
activeview
pagead2.googlesyndication.com/pcs/ Frame C136 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvodCCDBcfMMbnO_yNHx72E28fds9kxQVwuGynk5iOaYLGMCaygNnhbyEBBFz1SWgYK0n81sxoJxd54Q3Pzj-2Q7Eu8xbaIb2pQKuuNGOh9veJNGtCevUlWl4H7GQ&sai=AMfl-YSHqDcarVWeuJsfbE-2hADYZP6pKWqyobbjxZ9Tq0G9byqeL4_szVE8nBwHiJiur235F-MjMUUa_TlCUXDBgL8PkozWKxeVctzZAMXssBSfQEqjIx_1DQ5cjnR_yt47&sig=Cg0ArKJSzPCIH65cqrtCEAE&cid=CAASPeRoFWK90zkKcnasGidZQXgKa3AH8HVugTCyKThhheA3dwCmxfZqxwkfGYWH_7PLFcmSJF7RZN8JZlPc6mU&id=ampim&o=315,87&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1041&mtos=0,0,0,1041,1041&tos=0,0,0,1041,0&tfs=1012&tls=2053&g=100&h=100&tt=2053&r=v&avms=ampa&adk=500406791
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame D84E 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/121801/tag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bee022a4099fdb924d19ba7cdd46c87f30d360ccf955a7fdcb45f8f83ddf4b2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"846 / 763 of 1000 / last-modified: 1618610925"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21051
x-xss-protection
0
expires
Sat, 17 Apr 2021 20:05:48 GMT
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=passback-noAd&env=js-web&auctid=885b5569-0f23-4e67-955b-39c173055918&pageId=121801&pid=132193&slot=native&vid=41ce427c-de18-43b2-a241-db5f68ad1849&fv=723&ts=1618689947988&f=1&referer=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:48 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
pagead2.googlesyndication.com/bg/ Frame 5079 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 12:29:47 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
27361
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5682
x-xss-protection
0
expires
Sun, 17 Apr 2022 12:29:47 GMT
sd
eu-u.openx.net/w/1.0/ Frame BE82
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2e13607b-3f9c-4f00-b41d-ef157c0d38b7
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2e13607b-3f9c-4f00-b41d-ef157c0d38b7
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:49 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 17 Apr 2021 20:06:51 GMT
Server
MT3 3660 495c301 master cdg-pixel-x6
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2e13607b-3f9c-4f00-b41d-ef157c0d38b7
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 17 Apr 2021 20:06:50 GMT
sd
us-u.openx.net/w/1.0/ Frame BE82
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=ItgdwieOE8M53E_EJdoHkSXbHsY53RmUIIwwVI8V
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=ItgdwieOE8M53E_EJdoHkSXbHsY53RmUIIwwVI8V
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:48 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:48 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=ItgdwieOE8M53E_EJdoHkSXbHsY53RmUIIwwVI8V
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame BE82
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8843288730370667303
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8843288730370667303
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:49 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:49 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8843288730370667303
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame BE82 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=56ec4c04-d124-3102-6367-602602aa71a8&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.32.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame BE82
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2E4MzlmY2UtMTg1My02ZmE2LTc2ODctM2E5ZmM4NDhiZmM4
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2E4MzlmY2UtMTg1My02ZmE2LTc2ODctM2E5ZmM4NDhiZmM4&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2E4MzlmY2UtMTg1My02ZmE2LTc2ODctM2E5ZmM4NDhiZmM4&google_tc=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2E4MzlmY2UtMTg1My02ZmE2LTc2ODctM2E5ZmM4NDhiZmM4&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame BE82
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJGb-odnXyCCr0cOk9r6wnQ&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJGb-odnXyCCr0cOk9r6wnQ&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:49 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJGb-odnXyCCr0cOk9r6wnQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F9BE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3521235041686194610&gdpr=0&gdpr_consent=&us_privacy=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3521235041686194610&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:49 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3521235041686194610&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 17 Apr 2021 20:05:48 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dds
rtb.openx.net/sync/ Frame F9BE
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=ibrGOHiiiCyFEyyR0bNLEg==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:49 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
clear
content-length
43
x-request-id
e009fa153nobsvqpl1aukom4qa291h2k

Redirect headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c22b2a40-4188-a34b-52b0-76d3fdfdbce1
pr-bh.ybp.yahoo.com/sync/openx/ Frame F9BE 		43 B
917 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/c22b2a40-4188-a34b-52b0-76d3fdfdbce1?gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame F9BE
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=nlR0h2df1LxRco5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=nlR0h2df1LxRco5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:49 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:48 GMT
Server
PingMatch/v2.0.30-639-g719035a#rel-ec2-master i-013d87c18de960209@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=nlR0h2df1LxRco5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F9BE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=openx
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=4edc20c6-b4f1-4685-ae83-5609b5367290&ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=29&expires=30&user_id=4edc20c6-b4f1-4685-ae83-5609b5367290&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=1de1b6ff-212e-4791-8a5c-224bb3ccf682
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=1de1b6ff-212e-4791-8a5c-224bb3ccf682
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=1de1b6ff-212e-4791-8a5c-224bb3ccf682
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:53 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=1de1b6ff-212e-4791-8a5c-224bb3ccf682
date
Sat, 17 Apr 2021 20:05:53 GMT
via
1.1 google
server
OXGW/16.205.4
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
adx
match.prod.bidr.io/cookie-sync/ Frame F9BE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFETlZFN0E5bjhBQUNuVGlqVERIdw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.158.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:50 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021041301.js
securepubads.g.doubleclick.net/gpt/ Frame D84E 		295 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
31e420b79e7760a7860ed2fb595c4f11b498559791571fed7eb22be20c7fa5e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Apr 2021 08:38:34 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106168
x-xss-protection
0
expires
Sat, 17 Apr 2021 20:05:48 GMT
request.php
hal900028.redintelligence.net/ Frame 888B
Redirect Chain
  • https://hal900028.redintelligence.net/request.php?zone=vydnfpw7kpbp&nw=20&renderingType=javascript&namespace=4078b1676c&subid=&uid=b1443312ad8c10ae&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900028.redintelligence.net/request.php?zone=vydnfpw7kpbp&nw=20&renderingType=javascript&namespace=4078b1676c&subid=&uid=b1443312ad8c10ae&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
613 B
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900028.redintelligence.net/request.php?zone=vydnfpw7kpbp&nw=20&renderingType=javascript&namespace=4078b1676c&subid=&uid=b1443312ad8c10ae&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCcFwIlz97YJuPNsKIrAS6m5D4B4_g-IZT3aaLpMoM8C4QASCvwLZwYJUCyAEJqQIgAuV8Ixq0PqgDAaoE7wFP0ItHiUWcl5cLi9lr757NfAjVMBGil-yBTfNPslyhVDHoLT26d768slfzLv4AEMKeJcrKVQe5P-3W52dWoc_PEN6_Qk8-ZpAlDMTvR9vOpuTa6C6vggHAP3lDcUVQUI_aJI-MyaxlTgNOVJRKRxFZFarqqteI9NxWSSJgUExUF-61QM-f1gMKTCNup8xQVFg1k1qS8b5_sWgzUDnvxmOKdf9GIB1XRyOFJQ9UZXKYNT-eA61TdPAlZiS_DiGPnmNOyRB-WPZw_dP1t7N0C6XWfaW4osdepPTWZzPwfG9jn4nLGw68MD3oQqn_9dQubsAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgFAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRo1teYwc7LVcafzwDx4hcHvj5BUtBgW8jT2j5s1_3rf32Kk5Z0SpL7ecOjYkrMwc7V5nY_bwmjum_QR6E%26sig%3DAOD64_3kJHMskRsow7DCtuq4-BfVDacnRQ%26client%3Dca-pub-1409437888781518%26dbm_c%3DAKAmf-DydHeqO4N96MdxiVLNbyg4Dq-WWd1z9dMdwxOrXBlxE0f-Kv00cgPRu2UwQ7d5XJJE3iJjmtwIKHkh-37ws_KtfzooT9TtiP6sEGiHu4vS34IMW71LkezsN2jGItMVU6ZrRAQQD3BGrmIliFtRcwONNmeLGA%26cry%3D1%26dbm_d%3DAKAmf-CmFOki9lOdmXVVScB0TGYa52CVeuvSHaWX49Z59pom3BQqq-48DUjT0Qojm4B4y8Qlzm7Vv4x1nEDtSYA8deYrxi6GEQPTxQ2ScXxlc8SCUyJmaDEeacqbtwi0ellLPhcaZ4ziKCDaAnokbrfPSTgioa2mFVBSU0dZOP4DSYsTkI2i-21G-a4HyxvmeCUnYcJ1-KTHwz96PgUWplLpmbb84CZt8C1MH7O5gczXGnmDvo_r7Z1jt4qYKYd66AExREXgs9-WjTQ4E7X_FHGferd0z597OVRLN1Ce16QVDnIsqR6E9qKbh5T1tpJ9GDoryH0Xl_EZvDj7xHmzpv8iKTWst2TuXi1QLjlfxN2F50bLQc_XZr41-Os9hUqyQWsPrfJyYfoTAwqv1-nm11KZ4GFyFhP4PXOXGAg8YV05VoGKyGwVliFrCASUnnwtBs-iKcDmkrxCV-JVfpRjOWDfR9qTqVmHt8vg7GwdUten8mh781Jug2_xOLAxzkrLrJT-XzzsoULLC4H-X6A7XEJ2_rISog6Dv7bsJ-NA5P0_5oqGRkyY_swvjIYcH2KoFdxbMyQt6Z5ZmSOSzeRoAjt4rA9vCH4V6Ckbjt-qFSfsPY22kVYgN6XlVmYsmT5b2DF8QsRrog3ejaSGNPtgkoHQdrO4j8pVBcvrIJC0UTSYG0ra9G-R9hCc885v9xBPPBam-0sMh_VN-YSgHC7obKYpGZcwfQFmkg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.latimes.com%2F&ancestorOrigins=https%3A%2F%2Fwww.latimes.com&random=2293414473227&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Requested by
Host: a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com
URL: https://a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
af7376b950b12eeffbfce696af97d41511b634a896a2dd54b9998cc94b8cac30

Request headers

Referer
https://a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:49 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
13628300161032900710592011567028
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
329
Expires
Sat, 17 Apr 2021 21:05:49 +0200

Redirect headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:48 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=vydnfpw7kpbp&nw=20&renderingType=javascript&namespace=4078b1676c&subid=&uid=b1443312ad8c10ae&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCcFwIlz97YJuPNsKIrAS6m5D4B4_g-IZT3aaLpMoM8C4QASCvwLZwYJUCyAEJqQIgAuV8Ixq0PqgDAaoE7wFP0ItHiUWcl5cLi9lr757NfAjVMBGil-yBTfNPslyhVDHoLT26d768slfzLv4AEMKeJcrKVQe5P-3W52dWoc_PEN6_Qk8-ZpAlDMTvR9vOpuTa6C6vggHAP3lDcUVQUI_aJI-MyaxlTgNOVJRKRxFZFarqqteI9NxWSSJgUExUF-61QM-f1gMKTCNup8xQVFg1k1qS8b5_sWgzUDnvxmOKdf9GIB1XRyOFJQ9UZXKYNT-eA61TdPAlZiS_DiGPnmNOyRB-WPZw_dP1t7N0C6XWfaW4osdepPTWZzPwfG9jn4nLGw68MD3oQqn_9dQubsAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgFAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRo1teYwc7LVcafzwDx4hcHvj5BUtBgW8jT2j5s1_3rf32Kk5Z0SpL7ecOjYkrMwc7V5nY_bwmjum_QR6E%26sig%3DAOD64_3kJHMskRsow7DCtuq4-BfVDacnRQ%26client%3Dca-pub-1409437888781518%26dbm_c%3DAKAmf-DydHeqO4N96MdxiVLNbyg4Dq-WWd1z9dMdwxOrXBlxE0f-Kv00cgPRu2UwQ7d5XJJE3iJjmtwIKHkh-37ws_KtfzooT9TtiP6sEGiHu4vS34IMW71LkezsN2jGItMVU6ZrRAQQD3BGrmIliFtRcwONNmeLGA%26cry%3D1%26dbm_d%3DAKAmf-CmFOki9lOdmXVVScB0TGYa52CVeuvSHaWX49Z59pom3BQqq-48DUjT0Qojm4B4y8Qlzm7Vv4x1nEDtSYA8deYrxi6GEQPTxQ2ScXxlc8SCUyJmaDEeacqbtwi0ellLPhcaZ4ziKCDaAnokbrfPSTgioa2mFVBSU0dZOP4DSYsTkI2i-21G-a4HyxvmeCUnYcJ1-KTHwz96PgUWplLpmbb84CZt8C1MH7O5gczXGnmDvo_r7Z1jt4qYKYd66AExREXgs9-WjTQ4E7X_FHGferd0z597OVRLN1Ce16QVDnIsqR6E9qKbh5T1tpJ9GDoryH0Xl_EZvDj7xHmzpv8iKTWst2TuXi1QLjlfxN2F50bLQc_XZr41-Os9hUqyQWsPrfJyYfoTAwqv1-nm11KZ4GFyFhP4PXOXGAg8YV05VoGKyGwVliFrCASUnnwtBs-iKcDmkrxCV-JVfpRjOWDfR9qTqVmHt8vg7GwdUten8mh781Jug2_xOLAxzkrLrJT-XzzsoULLC4H-X6A7XEJ2_rISog6Dv7bsJ-NA5P0_5oqGRkyY_swvjIYcH2KoFdxbMyQt6Z5ZmSOSzeRoAjt4rA9vCH4V6Ckbjt-qFSfsPY22kVYgN6XlVmYsmT5b2DF8QsRrog3ejaSGNPtgkoHQdrO4j8pVBcvrIJC0UTSYG0ra9G-R9hCc885v9xBPPBam-0sMh_VN-YSgHC7obKYpGZcwfQFmkg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.latimes.com%2F&ancestorOrigins=https%3A%2F%2Fwww.latimes.com&random=2293414473227&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Sat, 17 Apr 2021 21:05:48 +0200
sd
us-u.openx.net/w/1.0/ Frame 0A46
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4025638199951690162&gdpr=0&gdpr_consent=&us_privacy=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4025638199951690162&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:49 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4025638199951690162&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 17 Apr 2021 20:05:48 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dds
rtb.openx.net/sync/ Frame 0A46
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=ibrGOHiiiCyFEyyR0bNLEg==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:49 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
clear
content-length
43
x-request-id
k9iu2ekngqopdj5ldn6dk4n9rbqvh3ho

Redirect headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c22b2a40-4188-a34b-52b0-76d3fdfdbce1
pr-bh.ybp.yahoo.com/sync/openx/ Frame 0A46 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/c22b2a40-4188-a34b-52b0-76d3fdfdbce1?gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 0A46
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=nlR0h2df1LxRco5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=nlR0h2df1LxRco5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:49 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:48 GMT
Server
PingMatch/v2.0.30-639-g719035a#rel-ec2-master i-0c15f6a621e7ffebe@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=nlR0h2df1LxRco5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0A46
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dopenx%26expires%3D30%26user_group%3D%24%7B...
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dopenx%26expires%3D30%26user_group%3D%24%7B...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=9ca8cc52-5908-526b-a947-ce58c93cf1c7&ssp=openx&expires=30&user_group=1
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=c50738e3-0638-46f0-bd51-ad706dcf96ce
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=c50738e3-0638-46f0-bd51-ad706dcf96ce
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:51 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=c50738e3-0638-46f0-bd51-ad706dcf96ce
date
Sat, 17 Apr 2021 20:05:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
adx
match.prod.bidr.io/cookie-sync/ Frame 0A46
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFSkEwN0E5bjhBQUNxcjVrV2FQUQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=fe840f35-e6f1-4dd2-b657-486fcbc77695&gdpr=0&us_privacy=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.158.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:50 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 1DEC 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
aab475e61325aa8b10d5fc1127dc89c6562731d9a0dbd32db36b85a5e792ced5

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Apr 2021 20:37:36 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18125
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9236
Expires
Sun, 18 Apr 2021 01:07:53 GMT
usync.js
eus.rubiconproject.com/ Frame BE65 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1YNY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
aab475e61325aa8b10d5fc1127dc89c6562731d9a0dbd32db36b85a5e792ced5

Request headers

Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1YNY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Apr 2021 20:37:36 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18125
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9236
Expires
Sun, 18 Apr 2021 01:07:53 GMT
usersync
rtb.gumgum.com/ Frame C64C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
  • https://rtb.gumgum.com/usersync?b=apn&i=3739850456940124250
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=3739850456940124250
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.251.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:49 GMT
X-Proxy-Origin
84.17.53.159; 84.17.53.159; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.39:80
AN-X-Request-Uuid
77df61da-e132-432c-88d5-2ac31a806c1a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=3739850456940124250
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame C64C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_11eda123-d16e-4f44-8081-e4a585dea624&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_11eda123-d16e-4f44-8081-e4a585dea624&gdpr=&gdpr_consent=&us_privacy=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=c50738e3-0638-46f0-bd51-ad706dcf96ce
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=c50738e3-0638-46f0-bd51-ad706dcf96ce
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=28653c43-7bd1-4882-b098-a68bb1f68bea&ssp=gumgum2&expires=30&user_group=5&bsw_param=c50738e3-0638-46f0-bd51-ad706dcf96ce
  • https://rtb.gumgum.com/usersync?b=bsw&i=1de1b6ff-212e-4791-8a5c-224bb3ccf682
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=1de1b6ff-212e-4791-8a5c-224bb3ccf682
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.251.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:57 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
//rtb.gumgum.com/usersync?b=bsw&i=1de1b6ff-212e-4791-8a5c-224bb3ccf682
date
Sat, 17 Apr 2021 20:05:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cookie-sync
sync.outbrain.com/ Frame C64C
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28Dy0cZMTtT-bxLsJdLM-IlC91xiFMNEoRSM0hNtVQ2ZOFKmsuO4RxBZTWK8HlwwWx%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_11eda123-d16e-4f44-8081-e4a585dea624&obuid=ENC(Dy0cZMTtT-bxLsJdLM-IlC91xiFMNEoRSM0hNtVQ2ZOFKmsuO4RxBZTWK8HlwwWx)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26obUid%3DDy0cZMTtT-bxLsJdLM-IlC91xiFMNEoRSM0hNtVQ2ZOFKmsuO4RxBZTWK8...
  • https://sync.outbrain.com/cookie-sync?p=openx&obUid=Dy0cZMTtT-bxLsJdLM-IlC91xiFMNEoRSM0hNtVQ2ZOFKmsuO4RxBZTWK8HlwwWx&uid=e6fd6503-aeca-0cfe-0008-328bba11b683
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=openx&obUid=Dy0cZMTtT-bxLsJdLM-IlC91xiFMNEoRSM0hNtVQ2ZOFKmsuO4RxBZTWK8HlwwWx&uid=e6fd6503-aeca-0cfe-0008-328bba11b683
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:51 GMT
Cache-Control
no-cache
X-TraceId
a3572c33a91dfb6c78923fa666eff802
Content-Length
0

Redirect headers

date
Sat, 17 Apr 2021 20:05:51 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.outbrain.com/cookie-sync?p=openx&obUid=Dy0cZMTtT-bxLsJdLM-IlC91xiFMNEoRSM0hNtVQ2ZOFKmsuO4RxBZTWK8HlwwWx&uid=e6fd6503-aeca-0cfe-0008-328bba11b683
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame C64C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=a1d1e874-f931-0954-041c-70cbcafa70ee
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=a1d1e874-f931-0954-041c-70cbcafa70ee
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.251.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:49 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Sat, 17 Apr 2021 20:05:48 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=a1d1e874-f931-0954-041c-70cbcafa70ee
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame C64C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-d5e1ffce-48c1-4408-609e-44eb8d46f28e$ip$84.17.53.159
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-d5e1ffce-48c1-4408-609e-44eb8d46f28e$ip$84.17.53.159
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.251.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-d5e1ffce-48c1-4408-609e-44eb8d46f28e$ip$84.17.53.159
Date
Sat, 17 Apr 2021 20:05:49 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame C64C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-ot0_4nBE2pf8rm6JeIQrwmZQuINRvzY4L26h~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-ot0_4nBE2pf8rm6JeIQrwmZQuINRvzY4L26h~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.251.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:49 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Sat, 17 Apr 2021 20:05:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-ot0_4nBE2pf8rm6JeIQrwmZQuINRvzY4L26h~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame C64C
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3...
  • https://rtb.gumgum.com/usersync?b=vnt&i=4dbb9611-9fb8-11eb-92c8-493c66029fd8
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=4dbb9611-9fb8-11eb-92c8-493c66029fd8
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.251.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=4dbb9611-9fb8-11eb-92c8-493c66029fd8
Date
Sat, 17 Apr 2021 20:05:48 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
4dbb9612-9fb8-11eb-92c8-493c66029fd8
services
sync.technoratimedia.com/ Frame C64C 		0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:49 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
870259435
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame C64C 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:48 GMT
content-length
0
server
b
usersync
rtb.gumgum.com/ Frame C64C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_11eda123-d16e-4f44-8081-e4a585dea624&gdpr=&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.251.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
67
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame C64C
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=b7d74238-11fe-442a-985b-ec4acff48b67
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=b7d74238-11fe-442a-985b-ec4acff48b67
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.251.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=b7d74238-11fe-442a-985b-ec4acff48b67
date
Sat, 17 Apr 2021 20:05:49 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame C64C
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.251.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:49 GMT
Server
Tengine
ETag
OPTOUT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
usersync
rtb.gumgum.com/ Frame C64C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=xusr4b8dBdI6&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=xusr4b8dBdI6&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.251.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=xusr4b8dBdI6&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-wc9zq
expires
-1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame C64C 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=gg.com&id=e_11eda123-d16e-4f44-8081-e4a585dea624
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:49 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 62F6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=a933607b-3f9c-4100-97a8-1d2a0e452464&gdpr=&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=a933607b-3f9c-4100-97a8-1d2a0e452464&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.251.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=a933607b-3f9c-4100-97a8-1d2a0e452464&gdpr=&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_11eda123-d16e-4f44-8081-e4a585dea624
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Sat, 17 Apr 2021 20:05:48 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Sat, 17 Apr 2021 20:06:52 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3660 495c301 master cdg-pixel-x14
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie
uuid=a933607b-3f9c-4100-97a8-1d2a0e452464; domain=.mathtag.com; path=/; expires=Sun, 15-May-2022 20:05:48 GMT; SameSite=None; Secure
location
https://rtb.gumgum.com/usersync?b=mmh&i=a933607b-3f9c-4100-97a8-1d2a0e452464&gdpr=&gdpr_consent=
Expires
Sat, 17 Apr 2021 20:06:51 GMT
usersync
rtb.gumgum.com/ Frame 8209
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YHs-nAAANzApdABg
  • https://rtb.gumgum.com/usersync?b=atm&i=YHs-nAAANzApdABg&gdpr=&gdpr_consent=&_test=YHs-nAAANzApdABg
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YHs-nAAANzApdABg&gdpr=&gdpr_consent=&_test=YHs-nAAANzApdABg
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.251.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=atm&i=YHs-nAAANzApdABg&gdpr=&gdpr_consent=&_test=YHs-nAAANzApdABg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_11eda123-d16e-4f44-8081-e4a585dea624
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Sat, 17 Apr 2021 20:05:49 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YHs-nAAANzApdABg&gdpr=&gdpr_consent=&_test=YHs-nAAANzApdABg
accept-ranges
bytes
date
Sat, 17 Apr 2021 20:05:49 GMT
via
1.1 varnish
x-served-by
cache-hhn4065-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1618689949.022467,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8A99 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8xMWVkYTEyMy1kMTZlLTRmNDQtODA4MS1lNGE1ODVkZWE2MjQ=&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV8xMWVkYTEyMy1kMTZlLTRmNDQtODA4MS1lNGE1ODVkZWE2MjQ=&gdpr=&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Sat, 17 Apr 2021 20:05:48 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4491 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rtb.gumgum.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=96044
Expires
Sun, 18 Apr 2021 22:46:32 GMT
Date
Sat, 17 Apr 2021 20:05:48 GMT
Connection
keep-alive
Vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame 22C4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=50016032-4ad4-4d9a-b9ca-db93bdb6eb91&t=1621281948
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=50016032-4ad4-4d9a-b9ca-db93bdb6eb91&t=1621281948
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.251.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=ttd&i=50016032-4ad4-4d9a-b9ca-db93bdb6eb91&t=1621281948
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_11eda123-d16e-4f44-8081-e4a585dea624
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Sat, 17 Apr 2021 20:05:49 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Sat, 17 Apr 2021 20:05:48 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=50016032-4ad4-4d9a-b9ca-db93bdb6eb91&t=1621281948
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
set-cookie
TDID=50016032-4ad4-4d9a-b9ca-db93bdb6eb91; domain=.adsrvr.org; expires=Sun, 17-Apr-2022 20:05:48 GMT; path=/; secure; SameSite=None TDCPM=CAEYBSABKAIyCwiU7MbM3fnAORAFOAE.; domain=.adsrvr.org; expires=Sun, 17-Apr-2022 20:05:48 GMT; path=/; secure; SameSite=None
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
um
cs.emxdgt.com/ Frame AD02 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Sat, 17 Apr 2021 20:05:48 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame C68F
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YHs-ncCo8YwAAGg6KUgAAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YHs-ncCo8YwAAGg6KUgAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.251.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=sus&i=YHs-ncCo8YwAAGg6KUgAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_11eda123-d16e-4f44-8081-e4a585dea624
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Sat, 17 Apr 2021 20:05:50 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Sat, 17 Apr 2021 20:05:49 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YHs-ncCo8YwAAGg6KUgAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Set-Cookie
SOC=YHs-ncCo8YwAAGg6KUgAAAAA; path=/; expires=Mon, 17-Apr-23 20:05:49 GMT; domain=socdm.com; secure; SameSite=None
X-SO-Ads-Time
10
X-SO-HostName
a-ad40253.dc2p.scaleout.jp
X-SO-LB-Hostname
m-tgng40.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":17,"gdpr":false,"ipv4":"84.17.53.159","key":"YHs-ncCo8YwAAGg6KUgAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40253"}
X-SO-Key
YHs-ncCo8YwAAGg6KUgAAAAA
X-SO-IP
84.17.53.159
X-SO-Cluster-ID
17
X-SO-Upstream-ID
a-ad40253
usersync
rtb.gumgum.com/ Frame A3EB
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=1871878969296785799
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=1871878969296785799
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.251.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=1871878969296785799
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_11eda123-d16e-4f44-8081-e4a585dea624
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Sat, 17 Apr 2021 20:05:50 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Sat, 17 Apr 2021 20:05:50 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
eud=H4sIAAAAAAAAAFslxmtoZmhhZmFpaWpgYm4MAAWpQbEQAAAA; Path=/; Domain=.rfihub.com; Expires=Thu, 12 May 2022 20:05:50 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwByILSzNLI0szcwtTc0tLIT5D3eyqqOTSHI_MsvLyEileQzNDCzMLS0tTAxNzYwDY0d7pNAAAAA; Path=/; Domain=.rfihub.com; Expires=Thu, 12 May 2022 20:05:50 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwByILSzNLI0szcwtTc0tLIT5D3eyqqOTSHI_MsvLyEgAAgIfRJQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=1871878969296785799
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame E366
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=vXGcuko3VAGVPrbjk75M&pi=gumgum&tc=1
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=vXGcuko3VAGVPrbjk75M&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.251.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=vXGcuko3VAGVPrbjk75M&pi=gumgum&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_11eda123-d16e-4f44-8081-e4a585dea624
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Sat, 17 Apr 2021 20:05:49 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Sat, 17 Apr 2021 20:05:49 GMT Sat, 17 Apr 2021 20:05:49 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=vXGcuko3VAGVPrbjk75M&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
bounce
ib.adnxs.com/ Frame 3A77
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:49 GMT
X-Proxy-Origin
84.17.53.159; 84.17.53.159; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.138:80
AN-X-Request-Uuid
ccf5d41a-7210-4091-a00e-af17ee305fd7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:48 GMT
X-Proxy-Origin
84.17.53.159; 84.17.53.159; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.153:80
AN-X-Request-Uuid
3b17f528-d551-4eef-8cb1-904cbfea50ef
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
ib.adnxs.com/ Frame 2044
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:49 GMT
X-Proxy-Origin
84.17.53.159; 84.17.53.159; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.135:80
AN-X-Request-Uuid
b2094c44-3bd6-4f40-8397-dcc3564050ee
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:48 GMT
X-Proxy-Origin
84.17.53.159; 84.17.53.159; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.118:80
AN-X-Request-Uuid
09c1e9bf-d5df-4c2c-a214-8229552d25db
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 5949 		0
742 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:48 GMT
X-Proxy-Origin
84.17.53.159; 84.17.53.159; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.58:80
AN-X-Request-Uuid
7ae32a86-6a4b-4c64-8b9b-48d1d57337af
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 8337 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0cee18dbc3ba54f229f87eedf2dfdbf1dd73586b8dfec0090a86c13c452ccd49

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YHs-nI5ptGwGCKyi8eK4JAAA; CMPS=3258; CMPRO=1181; CMRUM3=27607b3f9c0b40&e6607b3f9c27600&41607b3f9c05a0&2d607b3f9c05a0&08607b3f9c05a00&03607b3f9c05a0&82607b3f9ca8c0&f1607b3f9c05a0; CMST=YHs-nGB7P5wA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|206|88|176|13|218|57
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1569
Expires
Sat, 17 Apr 2021 20:05:49 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:49 GMT
Connection
keep-alive
Set-Cookie
CMID=YHs-nI5ptGwGCKyi8eK4JAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 17 Apr 2022 20:05:49 GMT CMPS=3258;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 16 Jul 2021 20:05:49 GMT CMPRO=1181;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 16 Jul 2021 20:05:49 GMT CMST=YHs-nGB7P50A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 18 Apr 2021 20:05:49 GMT CMRUM3=39607b3f9d05a0&b0607b3f9d05a00&ce607b3f9d05a00&03607b3f9c05a0&08607b3f9c05a00&e6607b3f9c27600&da607b3f9d27600&41607b3f9c05a0&27607b3f9c0b40&0d607b3f9d05a0&49607b3f9d05a00&2e607b3f9d05a0&82607b3f9ca8c0&f1607b3f9c05a0&2d607b3f9c05a0&58607b3f9d05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 17 Apr 2022 20:05:49 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 5FA2 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9f8d654fb20921c6b840169faa41d5d9ec300d10c458a07118e86204711b089a

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YHs-nI5ptGwGCKyi8eK4JAAA; CMPS=3258; CMPRO=1181; CMST=YHs-nGB7P50A; CMRUM3=39607b3f9d05a0&b0607b3f9d05a00&ce607b3f9d05a00&03607b3f9c05a0&08607b3f9c05a00&e6607b3f9c27600&da607b3f9d27600&41607b3f9c05a0&27607b3f9c0b40&0d607b3f9d05a0&49607b3f9d05a00&2e607b3f9d05a0&82607b3f9ca8c0&f1607b3f9c05a0&2d607b3f9c05a0&58607b3f9d05a0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
4|81|64|111|190|3|90|40
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1425
Expires
Sat, 17 Apr 2021 20:05:49 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:49 GMT
Connection
keep-alive
Set-Cookie
CMID=YHs-nI5ptGwGCKyi8eK4JAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 17 Apr 2022 20:05:49 GMT CMPS=3258;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 16 Jul 2021 20:05:49 GMT CMPRO=1181;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 16 Jul 2021 20:05:49 GMT CMRUM3=28607b3f9d05a00&f1607b3f9c05a0&82607b3f9ca8c0&2e607b3f9d05a0&49607b3f9d05a00&51607b3f9d05a0&0d607b3f9d05a0&58607b3f9d05a0&40607b3f9d05a0&2d607b3f9c05a0&03607b3f9d05a0&6f607b3f9d05a0&ce607b3f9d05a00&5a607b3f9d05a0&be607b3f9d05a0&b0607b3f9d05a00&39607b3f9d05a0&27607b3f9c0b40&41607b3f9c05a0&04607b3f9d05a0&da607b3f9d27600&e6607b3f9c27600&08607b3f9c05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 17 Apr 2022 20:05:49 GMT
1.gif
activate.platform.californiatimes.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://activate.platform.californiatimes.com/privacy/v1/b/1.gif?n=3&c=2715&i=8thlsj&p=latimes&s=6214&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNDU1IiwiY2xpZW50SWQiOjI3MTUsInB1Ymxpc2hQYXRoIjoibGF0aW1lcyIsImluc3RhbmNlSWQiOiI4dGhsc2oiLCJwYWNrZXQiOjMsIm1vZGUiOiJlbmZvcmNlWgDyJ29va2llcyI6e30sImVudmlyb25tZW50Ijoibm9uZSIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLMA8bFodHRwczovL3d3dy5nb29nbGUuY29tL2Fkcy9nYS1hdWRpZW5jZXM_dD1zciZhaXA9MSZfcj00JnNsZl9yZD0xJnY9MSZfdj1qODkmdGlkPVVBLTQwODQxNTA4LTEmY2lkPTIwMjkxOTMxMDEuMTYxODY4OTk0NCZqaWQ9MTI5NDg2MTE2MyZfdT1hQ2hBaUVJckJBQUFBRX4mej00MTIzODA4MzIiLCJ0eXBlIjoiaW1nIiwic3RhcnQiOjE2MThPAEA2NTY4-wAoZCIUAJM3Niwic291cmM5APECX0RPTUF0dHJNb2RpZmllZCJJALF0dXMiOiJhbGxvdxMAYHJlYXNvbisB1F0sImRhdGFQYXR0ZXISALpsaXN0IjpbXSwiaW4ATzY4fSxdARAvZGVcAZ4vNzdcAQAfN1wBWS83N1wBEg-5AqEPXQEANzg3NF0BMW11dKwDmE9ic2VydmVyQbcCMGxvYccCD7QCJQ9YARQPtAKhDRAEODcwM7QCD1cBSg8LBAjwCmEudGVhZHMudHYvcGFnZS8xMjE4MDEvdGHYBBJ05QRic2NyaXB06AEYcugETDczNTSMAwIUAAboBIJubmVySFRNTD8AD94EMwBkAA-CAwfxBXNiLnNjb3JlY2FyZHJlc2VhcmNoRQbwFnA_YzE9MiZjMj0xNzE5ODk3MSZuc19hcF9zdj0yLjE1MTEuMTATAAD4AHA9aGlkZGVuDwBzc3RfaXQ9YQsAQHN2PTRYBwMPABBhdQaRbnNfc3Rfc3E9UgAAMAAlZD1dBjQ3NDUXACVlYyIAJWNuCwBzZXY9cGxheVEAYWN0PXZhMIgAZHN0X2NsPQsA9AFwdD0wJmMzPSpudWxsJmM0CQATNgkA_whuc190cz05NTY5NzkxMCZjc191Y2ZyPa0GDU03NDU2xQEBFAAGxQEvbWetBkkAggAPzwEIJjh0pALxAW1lZGlhL2Zvcm1hdC92My-9AhItEAB2Lm1pbi5qc_AAD7gCBk42ODYz8wAYNucEoGFwcGVuZENoaWzRBDJzdGG6Ag_hBCs_ODYz6ABdHznoAAwMeAQZQ6kDD-8ALR857wAHoWFjZG4uYWRueHOcA-BkbXAvYXN5bmNfdXNlcgkAVi5odG1szQFQaWZyYW09CgxtCT43NTnNAQEUAAbAAg-FBEIvNTnOAQjwUGV1LXUub3BlbngubmV0L3cvMS4wL3BkP3BsbT02JnBoPWZlODQwZjM1LWU2ZjEtNGRkMi1iNjU3LTQ4NmZjYmM3NzY5NSZnZHByPTAmdXNfcHJpdmFjeT0xWU5ZIiwiogQ_IjoiFQEJDvoBNzU5OckHH2kVAUQP9AEIDxUBbS42MCoCARQADyoCTC82MCoCCOFqcy1zZWMuaW5kZXh3dw0Dr3VtL2l4bWF0Y2gFAxY9NjEw6gM_NjEx8AFOPzYxMOQDBw_bADUOZQgQNrMOD7YBTS8xNNsAB5FlYjIuM2xpZnSxAQCwBBs_pgMfJrwEET42MjK3AQAUAA_cAE0vMjLcAAcPmwU3LjYzWwgBFAAP3wBNLzM23wAH8gJldXMucnViaWNvbnByb2plY8QBEHXFAQFwAwzKAQ_JARIfNIADAAAUAA_qAE0fNIADTx80NgUAGDQtCQ9LBkMvNjQ2BQgPSwZuHTSGECA3NhQAD_ABTg98EAgPlQQ1HjU8CBA2FAAP3ABNHzU8CAgPlQQ4AOkLKGVuLxMgNzYUAA_fAE0fNlAGUC43MVAGABQAD9wATS83MXEFBw-RD_8gDlwELzc4LhJOwDY4OTk0NzQ1N31dfQ
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:49 GMT
cache-control
no-cache, no-store
server
nginx
expires
Sat, 17 Apr 2021 20:05:48 GMT
khaos.jpg
token.rubiconproject.com/ Frame BE65 		284 B
952 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?us_privacy=1YNY
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/jpg
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame ED59 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2616588cd7d480d6031dafcfffbae7a42900f99ee11d9cc5707bb6e7854a2209

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YHs-nI5ptGwGCKyi8eK4JAAA; CMPS=3258; CMPRO=1181; CMRUM3=40607b3f9d05a0&2d607b3f9c05a0&58607b3f9d05a0&f1607b3f9c05a0&82607b3f9ca8c0&2e607b3f9d05a0&49607b3f9d05a00&0d607b3f9d05a0&51607b3f9d05a0&28607b3f9d05a00&04607b3f9d05a0&41607b3f9c05a0&e6607b3f9c27600&da607b3f9d27600&08607b3f9c05a00&27607b3f9c0b40&5a607b3f9d05a0&ce607b3f9d05a00&b0607b3f9d05a00&be607b3f9d05a0&39607b3f9d05a0&03607b3f9d05a0&6f607b3f9d05a0; CMST=YHs-nGB7P54A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
41|47|105|156|241|191|196|45
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1551
Expires
Sat, 17 Apr 2021 20:05:50 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:50 GMT
Connection
keep-alive
Set-Cookie
CMID=YHs-nI5ptGwGCKyi8eK4JAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 17 Apr 2022 20:05:50 GMT CMPS=3258;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 16 Jul 2021 20:05:50 GMT CMPRO=1181;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 16 Jul 2021 20:05:50 GMT CMRUM3=58607b3f9d05a0&40607b3f9d05a0&2d607b3f9e05a0&28607b3f9d05a00&c4607b3f9e05a0&2f607b3f9e05a0&f1607b3f9e05a0&82607b3f9ca8c0&49607b3f9d05a00&2e607b3f9d05a0&51607b3f9d05a0&9c607b3f9e05a00&0d607b3f9d05a0&29607b3f9e05a00&27607b3f9c0b40&04607b3f9d05a0&bf607b3f9e05a0&41607b3f9c05a0&da607b3f9d27600&e6607b3f9c27600&08607b3f9c05a00&03607b3f9d05a0&6f607b3f9d05a0&69607b3f9e05a0&ce607b3f9d05a00&5a607b3f9d05a0&be607b3f9d05a0&b0607b3f9d05a00&39607b3f9d05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 17 Apr 2022 20:05:50 GMT
generic
match.adsrvr.org/track/cmf/ Frame A62A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.32.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame A62A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMeO1MDQhlTzeUtFr8qzSSM&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMeO1MDQhlTzeUtFr8qzSSM&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMeO1MDQhlTzeUtFr8qzSSM&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A62A
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTExNjc2Nzk2NDI1OTQ3NjEwMTU%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTExNjc2Nzk2NDI1OTQ3NjEwMTU%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTExNjc2Nzk2NDI1OTQ3NjEwMTU%3D
date
Sat, 17 Apr 2021 20:05:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
c.gif
c.bing.com/ Frame A62A 		42 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=11167679642594761015&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:49 GMT
etag
"506f5bd17ad71:0"
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref
Ref A: 2A232B25D468472F9C973FE3EF64D468 Ref B: FRAEDGE1320 Ref C: 2021-04-17T20:05:49Z
x-powered-by
ASP.NET
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame A62A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/11167679642594761015?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-knnYJb5E2oSlLVM_3l1X_UTPfSbUMyn0TH.A0nRogQ--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-knnYJb5E2oSlLVM_3l1X_UTPfSbUMyn0TH.A0nRogQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 17 Apr 2021 20:05:50 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-knnYJb5E2oSlLVM_3l1X_UTPfSbUMyn0TH.A0nRogQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame A62A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3739850456940124250&dongle=4d58&gdpr=1&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=3739850456940124250&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:50 GMT
X-Proxy-Origin
84.17.53.159; 84.17.53.159; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.17:80
AN-X-Request-Uuid
5c16cf0c-2c69-4fd3-abed-b846feb53951
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=3739850456940124250&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame A62A
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=11167679642594761015
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11167679642594761015&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11167679642594761015&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:51 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11167679642594761015&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame A62A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame A62A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=11167679642594761015
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame A62A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=11167679642594761015
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generic
match.adsrvr.org/track/cmf/ Frame D473 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.32.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame D473
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMeO1MDQhlTzeUtFr8qzSSM&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMeO1MDQhlTzeUtFr8qzSSM&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMeO1MDQhlTzeUtFr8qzSSM&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D473
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTExNjc2Nzk2NDI1OTQ3NjEwMTU%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTExNjc2Nzk2NDI1OTQ3NjEwMTU%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTExNjc2Nzk2NDI1OTQ3NjEwMTU%3D
date
Sat, 17 Apr 2021 20:05:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
c.gif
c.bing.com/ Frame D473 		42 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=11167679642594761015&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:49 GMT
etag
"506f5bd17ad71:0"
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref
Ref A: 50974B0D203144599ECC348383ED94D4 Ref B: FRAEDGE1320 Ref C: 2021-04-17T20:05:50Z
x-powered-by
ASP.NET
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame D473
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/11167679642594761015?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-knnYJb5E2oSlLVM_3l1X_UTPfSbUMyn0TH.A0nRogQ--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-knnYJb5E2oSlLVM_3l1X_UTPfSbUMyn0TH.A0nRogQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 17 Apr 2021 20:05:50 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-knnYJb5E2oSlLVM_3l1X_UTPfSbUMyn0TH.A0nRogQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame D473
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3739850456940124250&dongle=4d58&gdpr=1&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=3739850456940124250&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:50 GMT
X-Proxy-Origin
84.17.53.159; 84.17.53.159; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.75:80
AN-X-Request-Uuid
4d65ae0f-7412-4b96-a883-4ab24d3a6662
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=3739850456940124250&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame D473
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=11167679642594761015
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11167679642594761015&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11167679642594761015&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:51 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11167679642594761015&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame D473
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame D473 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=11167679642594761015
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame D473 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=11167679642594761015
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generic
match.adsrvr.org/track/cmf/ Frame 199A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.32.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame 199A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMeO1MDQhlTzeUtFr8qzSSM&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMeO1MDQhlTzeUtFr8qzSSM&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMeO1MDQhlTzeUtFr8qzSSM&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 199A
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTExNjc2Nzk2NDI1OTQ3NjEwMTU%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTExNjc2Nzk2NDI1OTQ3NjEwMTU%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTExNjc2Nzk2NDI1OTQ3NjEwMTU%3D
date
Sat, 17 Apr 2021 20:05:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
c.gif
c.bing.com/ Frame 199A 		42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=11167679642594761015&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:49 GMT
etag
"506f5bd17ad71:0"
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref
Ref A: 6664D3C1B4D1442BAE09414A362789E3 Ref B: FRAEDGE1320 Ref C: 2021-04-17T20:05:50Z
x-powered-by
ASP.NET
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame 199A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/11167679642594761015?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-knnYJb5E2oSlLVM_3l1X_UTPfSbUMyn0TH.A0nRogQ--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-knnYJb5E2oSlLVM_3l1X_UTPfSbUMyn0TH.A0nRogQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 17 Apr 2021 20:05:50 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-knnYJb5E2oSlLVM_3l1X_UTPfSbUMyn0TH.A0nRogQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 199A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3739850456940124250&dongle=4d58&gdpr=1&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=3739850456940124250&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:50 GMT
X-Proxy-Origin
84.17.53.159; 84.17.53.159; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.75:80
AN-X-Request-Uuid
90c6b422-8247-4b94-98ab-cce79517ea1e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=3739850456940124250&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame 199A
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=11167679642594761015
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11167679642594761015&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11167679642594761015&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:51 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11167679642594761015&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 199A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame 199A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=11167679642594761015
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame 199A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=11167679642594761015
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
async_usersync
ib.adnxs.com/ Frame 3A77 		0
742 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:50 GMT
X-Proxy-Origin
84.17.53.159; 84.17.53.159; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.56:80
AN-X-Request-Uuid
9b5eaa90-1d62-42e8-9b26-78069f8ba203
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 2044 		0
742 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:50 GMT
X-Proxy-Origin
84.17.53.159; 84.17.53.159; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.81:80
AN-X-Request-Uuid
13200df9-a8e7-4d14-ab5f-4bf1d49d2f49
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 5949 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:50 GMT
X-Proxy-Origin
84.17.53.159; 84.17.53.159; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.233:80
AN-X-Request-Uuid
04f25c11-79bf-4278-bc7c-242843c81055
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 1DEC
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KNM67AUD-1-H8Q&ex=d-rubiconproject.com&status=ok
43 B
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KNM67AUD-1-H8Q&ex=d-rubiconproject.com&status=ok
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_rbd_n-vmg_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:52 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KNM67AUD-1-H8Q&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 095E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YHs_nI5ptGwGCKyi8eK4JAAABJ0AAAAB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEJKASYtAfoMQtStjMH9as9Q&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEJKASYtAfoMQtStjMH9as9Q&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 17 Apr 2021 20:05:50 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEJKASYtAfoMQtStjMH9as9Q&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 095E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YHs-nI5ptGwGCKyi8eK4JAAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.32.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 095E
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YHs_nI5ptGwGCKyi8eK4JAAABJ0AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YHs_nI5ptGwGCKyi8eK4JAAABJ0AAAAB&dcc=t
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YHs_nI5ptGwGCKyi8eK4JAAABJ0AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:54 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:51 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YHs_nI5ptGwGCKyi8eK4JAAABJ0AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 095E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YHs-nI5ptGwGCKyi8eK4JAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEF8fKl7W84aOK5MVqP6OQAU&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEF8fKl7W84aOK5MVqP6OQAU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Apr 2021 20:05:50 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEF8fKl7W84aOK5MVqP6OQAU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 095E 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.158.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:50 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame 095E
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1618776350
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1618776350
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 17 Apr 2021 20:05:52 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1618776350
pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 095E
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=5e51783e-a1b9-4534-8a63-3a06756da5be&expiration=1650225952
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=5e51783e-a1b9-4534-8a63-3a06756da5be&expiration=1650225952
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Apr 2021 20:05:52 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=5e51783e-a1b9-4534-8a63-3a06756da5be&expiration=1650225952
date
Sat, 17 Apr 2021 20:05:52 GMT
server
Kestrel
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 095E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a933607b-3f9c-4100-97a8-1d2a0e452464
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a933607b-3f9c-4100-97a8-1d2a0e452464
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Apr 2021 20:05:50 GMT

Redirect headers

Date
Sat, 17 Apr 2021 20:06:53 GMT
Server
MT3 3660 495c301 master cdg-pixel-x15
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a933607b-3f9c-4100-97a8-1d2a0e452464
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 17 Apr 2021 20:06:52 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 095E 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=YHs_nI5ptGwGCKyi8eK4JAAABJ0AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:50 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
request_content.php
hal900028.redintelligence.net/ Frame 97EB 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900028.redintelligence.net/request_content.php?s=13628300161032900710592011567028&a=99c9ade3
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=vydnfpw7kpbp&nw=20&renderingType=javascript&namespace=4078b1676c&subid=&uid=b1443312ad8c10ae&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCcFwIlz97YJuPNsKIrAS6m5D4B4_g-IZT3aaLpMoM8C4QASCvwLZwYJUCyAEJqQIgAuV8Ixq0PqgDAaoE7wFP0ItHiUWcl5cLi9lr757NfAjVMBGil-yBTfNPslyhVDHoLT26d768slfzLv4AEMKeJcrKVQe5P-3W52dWoc_PEN6_Qk8-ZpAlDMTvR9vOpuTa6C6vggHAP3lDcUVQUI_aJI-MyaxlTgNOVJRKRxFZFarqqteI9NxWSSJgUExUF-61QM-f1gMKTCNup8xQVFg1k1qS8b5_sWgzUDnvxmOKdf9GIB1XRyOFJQ9UZXKYNT-eA61TdPAlZiS_DiGPnmNOyRB-WPZw_dP1t7N0C6XWfaW4osdepPTWZzPwfG9jn4nLGw68MD3oQqn_9dQubsAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgFAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRo1teYwc7LVcafzwDx4hcHvj5BUtBgW8jT2j5s1_3rf32Kk5Z0SpL7ecOjYkrMwc7V5nY_bwmjum_QR6E%26sig%3DAOD64_3kJHMskRsow7DCtuq4-BfVDacnRQ%26client%3Dca-pub-1409437888781518%26dbm_c%3DAKAmf-DydHeqO4N96MdxiVLNbyg4Dq-WWd1z9dMdwxOrXBlxE0f-Kv00cgPRu2UwQ7d5XJJE3iJjmtwIKHkh-37ws_KtfzooT9TtiP6sEGiHu4vS34IMW71LkezsN2jGItMVU6ZrRAQQD3BGrmIliFtRcwONNmeLGA%26cry%3D1%26dbm_d%3DAKAmf-CmFOki9lOdmXVVScB0TGYa52CVeuvSHaWX49Z59pom3BQqq-48DUjT0Qojm4B4y8Qlzm7Vv4x1nEDtSYA8deYrxi6GEQPTxQ2ScXxlc8SCUyJmaDEeacqbtwi0ellLPhcaZ4ziKCDaAnokbrfPSTgioa2mFVBSU0dZOP4DSYsTkI2i-21G-a4HyxvmeCUnYcJ1-KTHwz96PgUWplLpmbb84CZt8C1MH7O5gczXGnmDvo_r7Z1jt4qYKYd66AExREXgs9-WjTQ4E7X_FHGferd0z597OVRLN1Ce16QVDnIsqR6E9qKbh5T1tpJ9GDoryH0Xl_EZvDj7xHmzpv8iKTWst2TuXi1QLjlfxN2F50bLQc_XZr41-Os9hUqyQWsPrfJyYfoTAwqv1-nm11KZ4GFyFhP4PXOXGAg8YV05VoGKyGwVliFrCASUnnwtBs-iKcDmkrxCV-JVfpRjOWDfR9qTqVmHt8vg7GwdUten8mh781Jug2_xOLAxzkrLrJT-XzzsoULLC4H-X6A7XEJ2_rISog6Dv7bsJ-NA5P0_5oqGRkyY_swvjIYcH2KoFdxbMyQt6Z5ZmSOSzeRoAjt4rA9vCH4V6Ckbjt-qFSfsPY22kVYgN6XlVmYsmT5b2DF8QsRrog3ejaSGNPtgkoHQdrO4j8pVBcvrIJC0UTSYG0ra9G-R9hCc885v9xBPPBam-0sMh_VN-YSgHC7obKYpGZcwfQFmkg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.latimes.com%2F&ancestorOrigins=https%3A%2F%2Fwww.latimes.com&random=2293414473227&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
651711f6abcfeab5fa45353f8c3821f0803c9bd6dc22d47b8480b07c92c9c24f

Request headers

Host
hal900028.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
8lcfmzhxc8d6_uid=acaf27b0aecc1b66
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com/

Response headers

Date
Sat, 17 Apr 2021 20:05:51 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Sat, 17 Apr 2021 21:05:51 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2103
Connection
close
Content-Type
text/html; charset=utf-8
truncated
/ Frame 888B 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65e790504ef6e2cb810cdec8cb4321334a06eaf039e837684fffd2b1abad72ec

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.de/adsid/ Frame D84E 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.latimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Apr 2021 20:05:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D84E 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.latimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Apr 2021 20:05:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame D84E 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2706065191266531&correlator=3703543314276395&output=ldjh&impl=fif&eid=31060320%2C31060506&vrg=2021041301&ptt=17&us_privacy=1YNY&sc=1&sfv=1-0-38&ecs=20210417&iu_parts=21787098806%2Cweb.latimes%2Cteads%2Chouse&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&eri=2&cookie_enabled=1&cdm=www.latimes.com&bc=31&abxe=1&lmt=1618689950&dt=1618689950431&dlt=1618689948026&idt=1845&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=495&adys=1811&adks=3560212982&ucis=75fu6ljhg5gf&ifi=1&ifk=4289824697&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&top=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=1921910884.1618689950&ga_sid=1618689950&ga_hid=1948323001&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
672972c4d455956a3c33de51dc55806fc15d62a9f62f0fde4e5aa671e2fa5a60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10468
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.latimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D84E 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame D84E 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
showad.js
ads.pubmatic.com/AdServer/js/ Frame 97EE 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=

Response headers

Server
Apache/2.2.15 (CentOS)
ETag
"13006b6-98c2-5bfeb3aef82b4"
Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=30416
Expires
Sun, 18 Apr 2021 04:32:46 GMT
Date
Sat, 17 Apr 2021 20:05:50 GMT
Connection
keep-alive
Vary
Accept-Encoding
tap.php
pixel.rubiconproject.com/ Frame BE65
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1YNY
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/v5r9rqdAxq1ixk4tdkOdMw?csrc=&us_privacy=1YNY
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7635419384855118915
42 B
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7635419384855118915
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

date
Sat, 17 Apr 2021 20:05:50 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7635419384855118915
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BE65
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1YNY
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NNjdBVUQtMS1IOFE=&us_privacy=1YNY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NNjdBVUQtMS1IOFE=&us_privacy=1YNY
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NNjdBVUQtMS1IOFE=&us_privacy=1YNY
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame BE65 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?us_privacy=1YNY
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:52 GMT
via
1.1 google
alt-svc
clear
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame BE65 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1YNY
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.32.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame BE65
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1YNY
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YHs-nAAANzApdABg&us_privacy=1YNY
42 B
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YHs-nAAANzApdABg&us_privacy=1YNY
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
via
1.1 varnish
server
Varnish
x-timer
S1618689951.664016,VS0,VE0
x-served-by
cache-hhn4065-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YHs-nAAANzApdABg&us_privacy=1YNY
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame BE65
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1YNY
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjJhNzk3Zjc2OWVhMGMyZDZhYmEwZWVlYTlhMGZhNDJiNDQyMzZlZg&us_privacy=1YNY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjJhNzk3Zjc2OWVhMGMyZDZhYmEwZWVlYTlhMGZhNDJiNDQyMzZlZg&us_privacy=1YNY
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjJhNzk3Zjc2OWVhMGMyZDZhYmEwZWVlYTlhMGZhNDJiNDQyMzZlZg&us_privacy=1YNY
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame BE65
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1YNY
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=a933607b-3f9c-4100-97a8-1d2a0e452464
42 B
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=a933607b-3f9c-4100-97a8-1d2a0e452464
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

Date
Sat, 17 Apr 2021 20:06:54 GMT
Server
MT3 3660 495c301 master cdg-pixel-x3
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=a933607b-3f9c-4100-97a8-1d2a0e452464
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 17 Apr 2021 20:06:53 GMT
tap.php
pixel.rubiconproject.com/ Frame BE65
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1YNY
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECklLc4EaTO_azAoLhwV1hk&google_cver=1
42 B
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECklLc4EaTO_azAoLhwV1hk&google_cver=1
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECklLc4EaTO_azAoLhwV1hk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8337
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3739850456940124250
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3739850456940124250
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Apr 2021 20:05:50 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:50 GMT
X-Proxy-Origin
84.17.53.159; 84.17.53.159; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.37:80
AN-X-Request-Uuid
a9384abb-4108-4742-8834-86f72c035713
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3739850456940124250
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YHs_nI5ptGwGCKyi8eK4JAAABJ0AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8337 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YHs_nI5ptGwGCKyi8eK4JAAABJ0AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:50 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
YHs_nI5ptGwGCKyi8eK4JAAABJ0AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8337
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YHs_nI5ptGwGCKyi8eK4JAAABJ0AAAAB
  • https://pr-bh.ybp.yahoo.com/sync/casale/YHs_nI5ptGwGCKyi8eK4JAAABJ0AAAAB
43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YHs_nI5ptGwGCKyi8eK4JAAABJ0AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:50 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Sat, 17 Apr 2021 20:05:50 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://pr-bh.ybp.yahoo.com/sync/casale/YHs_nI5ptGwGCKyi8eK4JAAABJ0AAAAB
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 8337
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YHs-nAAANzApdABg
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YHs-nAAANzApdABg
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Apr 2021 20:05:50 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
via
1.1 varnish
server
Varnish
x-timer
S1618689951.750460,VS0,VE0
x-served-by
cache-hhn4065-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YHs-nAAANzApdABg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
113
match.deepintent.com/usersync/ Frame 8337 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:50 GMT
content-length
0
server
b
crum
dsum-sec.casalemedia.com/ Frame 8337
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=061f2204050114495f525d8b&expiration=[EXPIRATION]
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=061f2204050114495f525d8b&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Apr 2021 20:05:52 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=061f2204050114495f525d8b&expiration=[EXPIRATION]
Date
Sat, 17 Apr 2021 20:05:52 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
demconf.jpg
dpm.demdex.net/ Frame 8337
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YHs-nI5ptGwGCKyi8eK4JAAA%261181
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YHs-nI5ptGwGCKyi8eK4JAAA%261181
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YHs-nI5ptGwGCKyi8eK4JAAA%261181
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.135.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-135-179.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v090-0527b83e9.edge-irl1.demdex.com 5.80.7.20210304103356 1ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
ziLfM1jpTsc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
8u90POYWQgQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YHs-nI5ptGwGCKyi8eK4JAAA%261181
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8337
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878969296785799
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878969296785799
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Apr 2021 20:05:50 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878969296785799
Date
Sat, 17 Apr 2021 20:05:50 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 8337 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YHs-nI5ptGwGCKyi8eK4JAAA%261181
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:50 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3028
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Apr 2021 20:56:18 GMT
rum
dsum-sec.casalemedia.com/ Frame 5FA2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4025638199951690162
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4025638199951690162
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Apr 2021 20:05:50 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4025638199951690162
pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame 5FA2
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=5_EWX-KnGF789URZ4PMMDODyFVv89BIJ5aWEj5H1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=5_EWX-KnGF789URZ4PMMDODyFVv89BIJ5aWEj5H1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Apr 2021 20:05:50 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=5_EWX-KnGF789URZ4PMMDODyFVv89BIJ5aWEj5H1
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5FA2
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1621281952
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1621281952
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Apr 2021 20:05:53 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:52 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1621281952
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame 5FA2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8843288730370667303&expiration=1619899550
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8843288730370667303&expiration=1619899550
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Apr 2021 20:05:50 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:50 GMT
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8843288730370667303&expiration=1619899550
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum.casalemedia.com/ Frame 5FA2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3739850456940124250
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3739850456940124250
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Apr 2021 20:05:52 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:50 GMT
X-Proxy-Origin
84.17.53.159; 84.17.53.159; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.147:80
AN-X-Request-Uuid
a140ba47-f055-4475-897d-a819e42bb5f7
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3739850456940124250
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5FA2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a933607b-3f9c-4100-97a8-1d2a0e452464
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a933607b-3f9c-4100-97a8-1d2a0e452464
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Apr 2021 20:05:50 GMT

Redirect headers

Date
Sat, 17 Apr 2021 20:06:54 GMT
Server
MT3 3660 495c301 master cdg-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a933607b-3f9c-4100-97a8-1d2a0e452464
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 17 Apr 2021 20:06:53 GMT
crum
dsum-sec.casalemedia.com/ Frame 5FA2
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=19C2D881768C4EE989A7169C42F153D7
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=19C2D881768C4EE989A7169C42F153D7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Apr 2021 20:05:55 GMT

Redirect headers

date
Sat, 17 Apr 2021 20:05:55 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=19C2D881768C4EE989A7169C42F153D7
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Fri, 16 Apr 2021 20:05:55 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 5FA2 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YHs-nI5ptGwGCKyi8eK4JAAA%261181
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:50 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3028
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Apr 2021 20:56:18 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame 4980
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.142.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
55fee199fa5c142d545101d62201c4a84550b141582d0bf04d0e626beef9a585

Request headers

:method
GET
:authority
um2.eqads.com
:scheme
https
:path
/um/cs&eq_cc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ssum-sec.casalemedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
EQUser=UID=68c06cc3-b32b-4024-a478-466a0595d4a9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Sat, 17 Apr 2021 20:05:52 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Sat, 17 Apr 2021 20:05:52 GMT
pragma
no-cache

Redirect headers

date
Sat, 17 Apr 2021 20:05:52 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
set-cookie
EQUser=UID=68c06cc3-b32b-4024-a478-466a0595d4a9; Path=/; Domain=eqads.com; Expires=Sat, 17 Jul 2021 20:05:52 GMT; Secure; SameSite=None
container.html
5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9CC1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.latimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.latimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sat, 17 Apr 2021 20:05:52 GMT
expires
Sun, 17 Apr 2022 20:05:52 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame D84E 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423639646658"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28266
x-xss-protection
0
expires
Sat, 17 Apr 2021 20:05:51 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame D84E 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fa0ee43e8468bfee1c149d149658578c07601a99b2711430cf723f945e360d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Apr 2021 20:05:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6915
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5079 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BrZdFmj97YIjDAaaN3gPEgKPwDgAAAAA4AeAEAg&bg=!8vGl8bXNAAZUuIlwVLg7ACkAdvg8Wug0y0Pu9JZrta1fCRy0inno1raC9kqoFjIKDt4b6cKFtyJ6ZwIAAAkHUgAAAEBoAQcKARb9welKzsEFIzxINlFypsm_5skpAYoAUWq0oMuojg4ubW14lPXs9hYZw_uFpWq-lUnVzE9R2UPJjlRTFZMe2s9iwBFw_k7SfQM4WPSOMD3qMDvj79RkijDqhhclSTUhbomqKhIIJk7VE_vTz36eDzIAAbtzGi8RjcOsVouTuUwrGO6eXSmM9sVECCDQZ-WdaIBNYNULXpGYvx-3AoFYs0doc1kYAMr-fiKZzQrRuWh2So1zXGfayVlSpkjERbfM7cRDV1_Qyb4HCoy3luNlLGeDxBLcLc51Ef0tupPGaAYMz3TVGo_jSvxdZBdmQbLfHrUb-Z2Cj2EDy7DudDfaSsuLvOa60i8p_BrE-nbSFbe2SYomzxXGYJkCcBHhEGjfW980W71UnS863giqFAKrnJ27bVoomiScWgF4d4xOQuFpoOzpm02fgi9ggociOhibVuPLyYq617OLdocaw4g7IIjVWnp2dGCfoWNAvzTryLzlTwQ6dpBvys3VvkwIwqL6pXpo8vruOeL5BSGOZ3yc_5pgaLL_5tppgMipgxTf73x4b1iWIZdsedv9YR0XW_UbXWI4gjzug8lc83jgyHHkvlM8P9RV5zApXWVLELhTnmtwBC9PQoSyTXbnfkbkQT30oDoucjQqv0OnSkPGNnh0hj8xlYxtx2ZjnM8OPHyOAceyfVdK1gYCPe0zjADAXFiCNfu9IIsWA77Ehketp-wWGfFfhQlHw4uvLeDmwpfjfyMwoSqthJDgZbrS5tvOeaUVKcqsJ00QCIMmZqThQFhWSjd1TvltItVUUV5_WxPn5kM1A5A1sWB7RhWTSWCzFNQoiJ_bpV1fKgrj2r_ugH4nN26yc6dvkfQWkL68ldKqIweC78TfM3DLCQDfYg6BMFUkxVhKf6siG_zHZR9cBHQJTbf8jlUJufpPLHEC-rd_yD1cBAO_wZO_vuuJYKh_iLUWdxjpa_YKG5B2VHuMqMWNrU34rPKqeaa5bIkke6r7P0RaB92yNVcWuBiy6wA7C8BY7aRzf1B6j3CJE1IhoinGtuMjYXVOyvohVnF8VCwFb5X3IS1lT3St33AZnFtGK5fV2SkoWmBnWcbf1EqTSLnSzULllD0_-EhnbhxTxJ2Iks0c5AKvctpoRCUc0r0PPIUOSVDi3aTnoMEbrpvpWq5O7SJ-w9_MraPpaq16BIHT5oCUQgrwSm1F3MbdUQ
Requested by
Host: a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com
URL: https://a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1.gif
activate.platform.californiatimes.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://activate.platform.californiatimes.com/privacy/v1/b/1.gif?n=4&c=2715&i=8thlsj&p=latimes&s=3772&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNDU1IiwiY2xpZW50SWQiOjI3MTUsInB1Ymxpc2hQYXRoIjoibGF0aW1lcyIsImluc3RhbmNlSWQiOiI4dGhsc2oiLCJwYWNrZXQiOjQsIm1vZGUiOiJlbmZvcmNlWgDyJ29va2llcyI6e30sImVudmlyb25tZW50Ijoibm9uZSIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLMA9lZodHRwczovL2V1cy5ydWJpY29ucHJvamVjdC5jb20vdXN5bmMuaHRtbD91c19wcml2YWN5PTFZTlkiLCJ0eXBlIjoiaWZyYW1lIiwic3RhcnQiOjE2MTg2ODk5NDc2NDAsImVuZBQAwTUwMjY1LCJzb3VyYzwAoG5zZXJ0QmVmb3KpAGBzdGF0dXMQATFvYWS5AEBhc29uuADUXSwiZGF0YVBhdHRlchIAxmxpc3QiOltdLCJpZGQAAXgAL30s6gAH_zwtdS5vcGVueC5uZXQvdy8xLjAvcGQ_cGxtPTYmcGg9ZmU4NDBmMzUtZTZmMS00ZGQyLWI2NTctNDg2ZmNiYzc3Njk1JmdkcHI9MCYVASEgODmnAQexAAwVATFtdXSfAaJPYnNlcnZlckNMXQEPGwEyLzg5GwGILTQ3GwE_NTA4MAJQHzcVAQehYWNkbi5hZG54cxIDUGRtcC9hFgNQX3VzZXIJAAEfAw8PAxE9NTk03wA_NzMy3wBOPzU5NN8AUT82ODXfAAwP2QJLHzXlAFIeM6MCLzgxowJQHzOjAlI9Njg4xAEK3wAPxAFLHzjEAVIeNogDPzgyNIgDTi82NogDUx45dgcK3wAPxAFKLzkwxAEHgmViMi4zbGlmXQgAPQUMVwgfJkkFETw2MjOmAk8xNDczwQFPLzIz3ABPHTUfCE8xNTQ23ABPHzUZCIkdMLIDPzE1NRUBUB8wsgMIL2V1SQptHTYGAwoVAQ_oA0ovODYMA08vNzLiAAAPbQdQLzcy3ABPLzkx3AAMD74BQ8A2ODk5NDc2OTF9XX0
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:51 GMT
cache-control
no-cache, no-store
server
nginx
expires
Sat, 17 Apr 2021 20:05:50 GMT
bridge
cm.adgrx.com/ Frame ED59 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:52 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-2
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame ED59
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=nlR0h2df1LxRco5
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=nlR0h2df1LxRco5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Apr 2021 20:05:52 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:51 GMT
Server
PingMatch/v2.0.30-639-g719035a#rel-ec2-master i-0c15f6a621e7ffebe@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=nlR0h2df1LxRco5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame ED59
Redirect Chain
  • https://d.adroll.com/cm/index/ssp
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Apr 2021 20:05:55 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Sat, 17 Apr 2021 20:05:55 GMT
server
nginx/1.18.0
content-length
76
cookiesync
bttrack.com/pixel/ Frame ED59 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track003-dc3
Pragma
no-cache
Date
Sat, 17 Apr 2021 20:04:55 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
dcm
s.amazon-adsystem.com/ Frame ED59 		43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YHs_nI5ptGwGCKyi8eK4JAAABJ0AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:54 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame ED59
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=368a8bd1-f6ca-ad89-70f2d697
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=368a8bd1-f6ca-ad89-70f2d697
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Apr 2021 20:05:54 GMT

Redirect headers

date
Sat, 17 Apr 2021 20:05:54 GMT
via
1.1 google
server
nginx/1.19.10
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=368a8bd1-f6ca-ad89-70f2d697
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
119
crum
dsum-sec.casalemedia.com/ Frame ED59
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=03030003_607b3fa2c9bcb&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030003_607b3fa2c9bcb
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030003_607b3fa2c9bcb
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Apr 2021 20:05:55 GMT

Redirect headers

date
Sat, 17 Apr 2021 20:05:54 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030003_607b3fa2c9bcb
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
crum
dsum-sec.casalemedia.com/ Frame ED59
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YHs-nI5ptGwGCKyi8eK4JAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEF8fKl7W84aOK5MVqP6OQAU&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEF8fKl7W84aOK5MVqP6OQAU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Apr 2021 20:05:52 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEF8fKl7W84aOK5MVqP6OQAU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame ED59 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YHs-nI5ptGwGCKyi8eK4JAAA%261181
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.latimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:52 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3026
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Apr 2021 20:56:18 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D84E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Sat, 17 Apr 2021 20:05:52 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 97EE 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36816007&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:52 GMT
Content-Length
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 97EB 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=13628300161032900710592011567028&a=99c9ade3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 10:36:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
120567
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Apr 2022 10:36:25 GMT
mircosoft-300-600%20(1).jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame 97EB 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/advertiser/32995/creativesup/mircosoft-300-600%20(1).jpg
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=13628300161032900710592011567028&a=99c9ade3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
5057f7beaa08450682a5418bdce93e9783bd704527406843fb019ea0a52778d4

Request headers

Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:53 GMT
Last-Modified
Mon, 20 Jun 2016 09:27:03 GMT
Server
nginx
ETag
"5767b6e7-f6a2"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
63138
trk.gif
jadserve.postrelease.com/ 		43 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=386,387,388,389&ntv_r1=11698&ntv_r2=11698&ntv_r3=11698&ntv_r4=12261&ntv_pl=1069570&ntv_it
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.241.108.168 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:52 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
viewability
hal900028.redintelligence.net/ Frame 97EB 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900028.redintelligence.net/viewability?s=13628300161032900710592011567028&a=3641b859&vb=m
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=13628300161032900710592011567028&a=99c9ade3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hal900028.redintelligence.net/request_content.php?s=13628300161032900710592011567028&a=99c9ade3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:55 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 97EB 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
pixel
googleads.g.doubleclick.net/xbbe/ Frame CFA0 		478 B
303 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVJ63rRYlun2C9p2XHstro1tweMoybBmUyLmMZVB6N3noh6GakPRLYYzeBi88xm_YDacUB9uCetrcoYgk-d7iFGygkHhXbmFdhZSfjkh3eVJj53628spfuZdwHro3EbGkkdVmaYMmDfmI3Ma1kuqE83CAbidww8xqsk_xGVo3sNaweDUlZD5vbD-VkIBlp7T_r9F0VSI9mecbOQgCtaa3ysummdyA
Requested by
Host: 5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
URL: https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVJ63rRYlun2C9p2XHstro1tweMoybBmUyLmMZVB6N3noh6GakPRLYYzeBi88xm_YDacUB9uCetrcoYgk-d7iFGygkHhXbmFdhZSfjkh3eVJj53628spfuZdwHro3EbGkkdVmaYMmDfmI3Ma1kuqE83CAbidww8xqsk_xGVo3sNaweDUlZD5vbD-VkIBlp7T_r9F0VSI9mecbOQgCtaa3ysummdyA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlT8wYwLNF4oYuuD8w2NWE0u-3vZjFtxvNoull2SAFEvWlUDlRUewlQXoaKoIg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 17 Apr 2021 20:05:52 GMT
server
cafe
cache-control
private
content-length
230
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 9CC1 		22 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AyY1lcHHoJQUcr3UQNfBlwbVc9adZ2LTykmpdjxqh5kv6RRqduv_8n1qo1ImK7CST20VOFE-rxIqjK6KmeUfvrCZQ5Bi8zYjrZTecwbjSSvfp_9Gl8AlL2QDpL7OXBphipaiXzJCpqh6r3AApMzVBYdOckOg&cry=1&dbm_d=AKAmf-D3Rg4PMFxl1LcY3UiQuPCzMXc-TeU49DHEqqAg0QpJfWt-8aWmxbsaL6fsQ8LwwVxbhq9Cuw8S76Q_oRMn0xsAocfL23bKMuAq4qCjka7Pg4pT8CDrvk3MifU1cZc461fcww5H1qIMewGeJrC6w97cK5N4aFN3_-Ka2HeqM2UMBzkD2GHqhE8BzrOQ2oG7uxsD7RHgXNg2RjdlVCbFkrQJrafbWNQj-ytiDPJZkwFURtRdBOyTMdla6n4__U7ME9Bn6lyncLflcEswlEkFs6SSkm-kOmVDc2Zc-o240unrCGcWOVGOl6FUsrKs4bX_8TaidhfVlUntupxNdR2cUMiT_iUX6cAaN-pYk4n94XABgGaOdR1bsUS6OBeCXghhAJdr-eG1jukzhoT6N0cVdAYZ6Je0dFEg_EUPZ8-blkFvbP4Kvmm8XBFQLKBVepSQt59S2fOYIEKl04OtLdBLIt77lVTn7b-V_7QHYDNtygT2k06oTn7OSy0UhGfBFic3v2xhXB7Pw7DQ6JEl80dXaeg6KzIheHDXc-aJqMOAP5l_xn-UbASoafRPCDWDMArIYDv-sd3XvDl2mK0SvoDPcx6NzKc4uOGomlvCHndV3s7JTQvvvNKIhJWySRBxS0jG2EEv7GOsxWXgZURY8OkyO_LTq7vbkYADPGkcWZtaVMTHOQgI6Uetkp77YsyLPCXbxfwQ4_5pIaGln3nn334er8CxlCm5X-rr6q3CZKxnK99IQabwkhTLujlIynxx52ib19exMuMu0f29unJdpJUiWMgfl3A6-C0CiYROZetk5Utp1ORmFuvafOMmPvMlYmnTCf-M6f2LplYDIKIZX040KcYBQ2Qhv--cCwUcMiS5HiLsFzvj2x72jeTORiVRGsdq0Ap-D_Dy4vC7FUT9NV_BceV59ImNCHY4V5KO_BPAuC5CAV9kqfM4riEXaV4boBVnkdIQTAvhCeGklZ69cxsnLDhUYJsiD20uJ4T4TSJ7SFXhlSVPGKdJ2l2Z0G-MpQV8DcMRC_hkn56FenYmo5tYVAaVgmolHbEGZmIKQSkRABBF8yYV-kzGrivtQyHR4U-gl6yXdwAEuGn3EHCp10ijfBdJZrMxutAvYq3MLdF9STjIObEfNvn4ffYFMBpfr1XZyPESUAaym-qx-WyDeZ47qOQuhGpy1ObTDK60y4aW5tQXmmOEE3Ru_JO-aAuQRDJILQPuGAycpUnvm3fLUuJI3Hy3tUm2uotYwoey6amdq3qzWFyExn5FhBSz0bHUlV6812p75KgrZAAOqaNzMTP8yAUJoUPeDJQNguGn_snZI8Pq4S2jij6o7xXTo6nsSmSiPuZHtjEHjW8l-EIH1N2TIxTk0nwaF33K9loo8bW-xMwUs8F9cGTKTn-B80J1k8WDV5cyRyElrW5BwlBUfn0RksePrRSsWSa6dJa8FxD_5ho30FgwoLsBgGjnvwgFSkQMDXfDqS_qp8CV6xhzGmOEJtCSy0Doem6qnMcX_ZKXPHEgA_tCPpQD-p26J7sfsmkYWSBAL3IrlPXzdmdk27DiBfhHAtCIuFhPGPZSvAaRTFFyJlsvPe4dR9UDqtYQYz9l4KYL2IaUAi2XAnDMP1rmyWtzQB5PlK4Z6wD0Ht6cqgp2zHwxjIQqdJ9XngTOge8qpORI4sdJiqFZwDtMWwVNkMjNKtpokMsV4MEDFCAIHJJ2gFoy3MZuB1YY6uE7KU-FOzCFLgMoxrLqaUB66qxzNAqBINjW7S5Ffsjcn3xv3b9Ak2AB5GTTaTjwPnU__iHd54eFm1w_o_9S-uuSaM0_vetTblG4Dlu-GHFJk1ZDZyHBqlgClF1fb6RQyuqhxxrz7XGzSj3uNCfRSp11lpCwlGIgfY7Utw1fyKPB9R0yExEzvwWmgG77k19Wfx3aIVQAyNhleO1Jb84qQlMCY660Ib514h1I58a30jfS6mMfZxzVo4kCQQZ4NnrADcZeYpGO2oTuwdIHBIfq6C9reh2X8V6HioshIA-ibwQ7BgZiubH1fRIjOeIrcI0Ck4olPBdT9v3uqlmpyMcOjm1u1SSAZbkaVd4MIJ-CsQE3JqEo2hMi_bgIz0Nb102b7W_z8ynY6-7Xc39crOxZQVyYE3o7Kj1J_C06KfhkOftpkeohHuhILK1UsNzXc3vPuHfLBTrfC0eXnbU6Y_z0o76P0ZowV4DgKyJXGWF9MmfWhITQyPkGAUETu_HxUjtnrDUWvkBFeRmTXLkag-D27IvysHHb2_X4mr37k9SrqLxS32SobAAj6sGVTUm0pQnvXRYUWGznAxcUzvsB91poTxivcdMOtIofOdc4Mx_SJriKQ6PnOGFlcF-WrzsJrgVOL1__EnShy-qGeRdxYS5zRRA8E2OeFEnlbXkfxurzc3EIzi24ydGlXJIJmviLVW6Op2mxgRqcm31_E3jgqQ_BYrJEz6kwUUGBttQqvoHTfEb-4E4PsVin20eCHGAj1SI7E7ftsoMfLuPD7uzmLELDX7q44T1Bd5UmaqP7CIYVazuRgFEhclJcdph2G7KjIjoAvK-61gqETEgv2CDVBuUz3gJY1A3vRT-7KBsIRBdDcyVAQDqwhOmNPcrav4_RdnA0MjLQqDlo8knSiQwN9lAaxoZSMgLAAbzwJxLh5S3YWob3778cY5GeRurmclVy8rimSahY1_F6hxMjvmY1bBeIAxLoC-ckLh8_gyQOl4D98ZUR24Cyx7itU8pI8VGpBI0n9njNnSl5obWpE4P0mpa178EGBb3ddi-nE_6Wvk30sUXstuKkqqy9YAvb9wLUehJMs__zs9SO79fFwx0u79HoNZ0lcYhSFwsnEJXBL-XVzZuASIUhbBzmDy5DUHmlJ7pKPe_0UktMRhcxeoHy2yTeE4HS1LqFF0mpcGezHGL_eCMZiBpGwGytm6NNdBizT1JawV4S9YsD7qWNlwKK1p0usTT5Was-X7kdVjt5VgV2-7wrhtkW3hp3A7SQF6rUeVl3qWAZRPwb05jUVKC-d-45EETp99MRW2yxHoCg9LoDtepWZNcjj0lhC9Fgff1J0_xXFn9SusnwouM6FpF2djX7dzmB-j6NhFdtJdLooP5ZCXjW5azbv07j8-lYf6LQHoxTMSSLCyQUKomzwbJT-9qjmAg4lTRKqUV6UiirxSmpL6UUI0b1OPd7J2onLBo5ZNrHebRbiky6NfDNv14FAy4Yj2XvUlbmVY1SftnAfKl73cobN8TL6MANysWibwKYRsg8YzBsERMmii-AP-zMLEo7_HxvjT_nZweJjcNhxC_a6jspi3-khEPYrRB2R3_fiE55HalQ3TcQVX57YhyGcrVwvQG-myyRkMN0_487CYVwpzta4cw9194sbConYS7wC8Yc2pqWmJ33QolG_51-7nKAvlzXngGupRuTltfBbm0xNfu4dqJ9TGGjZRdV0QXesEDi9M2SucDGJhq-5tEt&cid=CAASEuRo8oRWIojfhKDAfrJOLiv3Cg&rfl=2%2Chttps%253A%252F%252Fwww.latimes.com%242%2Chttps%253A%252F%252Fwww.latimes.com%252F%240
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTcV3fT71VW7vm0nw7QMbg1W3VcYRG392xVLW6__czk8TqcXWN63z5vPK9cQkW32FrrX2hhDXsW6XnyJ06X32BBW7HbzBS5YXHdMW2PfZwh7rJqLQW2RFvm08lKm0tW6lqtqQ3YgwbNW6-_qmN3TxXYdW6l1hM98L3T4PVrhhgh8_RzHxN75rhfc8xMqjW65_cMn5KtBY_3blt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a33c61f06323e15f6e6b0c6e454c0a7e04f0f3959322f8428324e154107d99d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11440
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9CC1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A0820gM6XwGqAFx8bkSI8xUuv5GTXB49OuFdnHbI16rIGDUR0s2cRxqFHqjszGQHgTlGaf2ogMvbfBKwje1z5hRl95gEvNY73nc6LTlTVUOI70kQk
Requested by
Host: 5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
URL: https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 9CC1 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js
Requested by
Host: 5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
URL: https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 May 2021 20:04:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9CC1 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
URL: https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Sat, 17 Apr 2021 20:05:52 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 9CC1 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
URL: https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:03:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
129
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5602
x-xss-protection
0
server
cafe
etag
7525161794280374107
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 May 2021 20:03:43 GMT
l
www.google.com/ads/measurement/ Frame 9CC1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRg5-lE8hPXhBDkJkJGvXESrhLqsZqQIzhP2-Pt-Sjgwa9_b31R9UIQVWXbH-0Fih_O8bJiYu3jLx092OrwwGk6sH8oaQ
Requested by
Host: 5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
URL: https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 37B1 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.latimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.latimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Sat, 17 Apr 2021 15:25:26 GMT
expires
Sun, 17 Apr 2022 15:25:26 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
16826
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
crum
dsum-sec.casalemedia.com/ Frame 4980
Redirect Chain
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=68c06cc3-b32b-4024-a478-466a0595d4a9&expiration=1626552352
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=68c06cc3-b32b-4024-a478-466a0595d4a9&expiration=1626552352&C=1
43 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=68c06cc3-b32b-4024-a478-466a0595d4a9&expiration=1626552352&C=1
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Apr 2021 20:05:52 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=68c06cc3-b32b-4024-a478-466a0595d4a9&expiration=1626552352&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
326
Expires
Sat, 17 Apr 2021 20:05:52 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame 9CC1 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AyY1lcHHoJQUcr3UQNfBlwbVc9adZ2LTykmpdjxqh5kv6RRqduv_8n1qo1ImK7CST20VOFE-rxIqjK6KmeUfvrCZQ5Bi8zYjrZTecwbjSSvfp_9Gl8AlL2QDpL7OXBphipaiXzJCpqh6r3AApMzVBYdOckOg&cry=1&dbm_d=AKAmf-D3Rg4PMFxl1LcY3UiQuPCzMXc-TeU49DHEqqAg0QpJfWt-8aWmxbsaL6fsQ8LwwVxbhq9Cuw8S76Q_oRMn0xsAocfL23bKMuAq4qCjka7Pg4pT8CDrvk3MifU1cZc461fcww5H1qIMewGeJrC6w97cK5N4aFN3_-Ka2HeqM2UMBzkD2GHqhE8BzrOQ2oG7uxsD7RHgXNg2RjdlVCbFkrQJrafbWNQj-ytiDPJZkwFURtRdBOyTMdla6n4__U7ME9Bn6lyncLflcEswlEkFs6SSkm-kOmVDc2Zc-o240unrCGcWOVGOl6FUsrKs4bX_8TaidhfVlUntupxNdR2cUMiT_iUX6cAaN-pYk4n94XABgGaOdR1bsUS6OBeCXghhAJdr-eG1jukzhoT6N0cVdAYZ6Je0dFEg_EUPZ8-blkFvbP4Kvmm8XBFQLKBVepSQt59S2fOYIEKl04OtLdBLIt77lVTn7b-V_7QHYDNtygT2k06oTn7OSy0UhGfBFic3v2xhXB7Pw7DQ6JEl80dXaeg6KzIheHDXc-aJqMOAP5l_xn-UbASoafRPCDWDMArIYDv-sd3XvDl2mK0SvoDPcx6NzKc4uOGomlvCHndV3s7JTQvvvNKIhJWySRBxS0jG2EEv7GOsxWXgZURY8OkyO_LTq7vbkYADPGkcWZtaVMTHOQgI6Uetkp77YsyLPCXbxfwQ4_5pIaGln3nn334er8CxlCm5X-rr6q3CZKxnK99IQabwkhTLujlIynxx52ib19exMuMu0f29unJdpJUiWMgfl3A6-C0CiYROZetk5Utp1ORmFuvafOMmPvMlYmnTCf-M6f2LplYDIKIZX040KcYBQ2Qhv--cCwUcMiS5HiLsFzvj2x72jeTORiVRGsdq0Ap-D_Dy4vC7FUT9NV_BceV59ImNCHY4V5KO_BPAuC5CAV9kqfM4riEXaV4boBVnkdIQTAvhCeGklZ69cxsnLDhUYJsiD20uJ4T4TSJ7SFXhlSVPGKdJ2l2Z0G-MpQV8DcMRC_hkn56FenYmo5tYVAaVgmolHbEGZmIKQSkRABBF8yYV-kzGrivtQyHR4U-gl6yXdwAEuGn3EHCp10ijfBdJZrMxutAvYq3MLdF9STjIObEfNvn4ffYFMBpfr1XZyPESUAaym-qx-WyDeZ47qOQuhGpy1ObTDK60y4aW5tQXmmOEE3Ru_JO-aAuQRDJILQPuGAycpUnvm3fLUuJI3Hy3tUm2uotYwoey6amdq3qzWFyExn5FhBSz0bHUlV6812p75KgrZAAOqaNzMTP8yAUJoUPeDJQNguGn_snZI8Pq4S2jij6o7xXTo6nsSmSiPuZHtjEHjW8l-EIH1N2TIxTk0nwaF33K9loo8bW-xMwUs8F9cGTKTn-B80J1k8WDV5cyRyElrW5BwlBUfn0RksePrRSsWSa6dJa8FxD_5ho30FgwoLsBgGjnvwgFSkQMDXfDqS_qp8CV6xhzGmOEJtCSy0Doem6qnMcX_ZKXPHEgA_tCPpQD-p26J7sfsmkYWSBAL3IrlPXzdmdk27DiBfhHAtCIuFhPGPZSvAaRTFFyJlsvPe4dR9UDqtYQYz9l4KYL2IaUAi2XAnDMP1rmyWtzQB5PlK4Z6wD0Ht6cqgp2zHwxjIQqdJ9XngTOge8qpORI4sdJiqFZwDtMWwVNkMjNKtpokMsV4MEDFCAIHJJ2gFoy3MZuB1YY6uE7KU-FOzCFLgMoxrLqaUB66qxzNAqBINjW7S5Ffsjcn3xv3b9Ak2AB5GTTaTjwPnU__iHd54eFm1w_o_9S-uuSaM0_vetTblG4Dlu-GHFJk1ZDZyHBqlgClF1fb6RQyuqhxxrz7XGzSj3uNCfRSp11lpCwlGIgfY7Utw1fyKPB9R0yExEzvwWmgG77k19Wfx3aIVQAyNhleO1Jb84qQlMCY660Ib514h1I58a30jfS6mMfZxzVo4kCQQZ4NnrADcZeYpGO2oTuwdIHBIfq6C9reh2X8V6HioshIA-ibwQ7BgZiubH1fRIjOeIrcI0Ck4olPBdT9v3uqlmpyMcOjm1u1SSAZbkaVd4MIJ-CsQE3JqEo2hMi_bgIz0Nb102b7W_z8ynY6-7Xc39crOxZQVyYE3o7Kj1J_C06KfhkOftpkeohHuhILK1UsNzXc3vPuHfLBTrfC0eXnbU6Y_z0o76P0ZowV4DgKyJXGWF9MmfWhITQyPkGAUETu_HxUjtnrDUWvkBFeRmTXLkag-D27IvysHHb2_X4mr37k9SrqLxS32SobAAj6sGVTUm0pQnvXRYUWGznAxcUzvsB91poTxivcdMOtIofOdc4Mx_SJriKQ6PnOGFlcF-WrzsJrgVOL1__EnShy-qGeRdxYS5zRRA8E2OeFEnlbXkfxurzc3EIzi24ydGlXJIJmviLVW6Op2mxgRqcm31_E3jgqQ_BYrJEz6kwUUGBttQqvoHTfEb-4E4PsVin20eCHGAj1SI7E7ftsoMfLuPD7uzmLELDX7q44T1Bd5UmaqP7CIYVazuRgFEhclJcdph2G7KjIjoAvK-61gqETEgv2CDVBuUz3gJY1A3vRT-7KBsIRBdDcyVAQDqwhOmNPcrav4_RdnA0MjLQqDlo8knSiQwN9lAaxoZSMgLAAbzwJxLh5S3YWob3778cY5GeRurmclVy8rimSahY1_F6hxMjvmY1bBeIAxLoC-ckLh8_gyQOl4D98ZUR24Cyx7itU8pI8VGpBI0n9njNnSl5obWpE4P0mpa178EGBb3ddi-nE_6Wvk30sUXstuKkqqy9YAvb9wLUehJMs__zs9SO79fFwx0u79HoNZ0lcYhSFwsnEJXBL-XVzZuASIUhbBzmDy5DUHmlJ7pKPe_0UktMRhcxeoHy2yTeE4HS1LqFF0mpcGezHGL_eCMZiBpGwGytm6NNdBizT1JawV4S9YsD7qWNlwKK1p0usTT5Was-X7kdVjt5VgV2-7wrhtkW3hp3A7SQF6rUeVl3qWAZRPwb05jUVKC-d-45EETp99MRW2yxHoCg9LoDtepWZNcjj0lhC9Fgff1J0_xXFn9SusnwouM6FpF2djX7dzmB-j6NhFdtJdLooP5ZCXjW5azbv07j8-lYf6LQHoxTMSSLCyQUKomzwbJT-9qjmAg4lTRKqUV6UiirxSmpL6UUI0b1OPd7J2onLBo5ZNrHebRbiky6NfDNv14FAy4Yj2XvUlbmVY1SftnAfKl73cobN8TL6MANysWibwKYRsg8YzBsERMmii-AP-zMLEo7_HxvjT_nZweJjcNhxC_a6jspi3-khEPYrRB2R3_fiE55HalQ3TcQVX57YhyGcrVwvQG-myyRkMN0_487CYVwpzta4cw9194sbConYS7wC8Yc2pqWmJ33QolG_51-7nKAvlzXngGupRuTltfBbm0xNfu4dqJ9TGGjZRdV0QXesEDi9M2SucDGJhq-5tEt&cid=CAASEuRo8oRWIojfhKDAfrJOLiv3Cg&rfl=2%2Chttps%253A%252F%252Fwww.latimes.com%242%2Chttps%253A%252F%252Fwww.latimes.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d04fe3e6d57be524334f1688f690be20fb65e09d806c549e1f78aa8d3f7dbae7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:01:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8468
x-xss-protection
0
server
cafe
etag
17868783254023373946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 May 2021 20:01:30 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9CC1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AyY1lcHHoJQUcr3UQNfBlwbVc9adZ2LTykmpdjxqh5kv6RRqduv_8n1qo1ImK7CST20VOFE-rxIqjK6KmeUfvrCZQ5Bi8zYjrZTecwbjSSvfp_9Gl8AlL2QDpL7OXBphipaiXzJCpqh6r3AApMzVBYdOckOg&cry=1&dbm_d=AKAmf-D3Rg4PMFxl1LcY3UiQuPCzMXc-TeU49DHEqqAg0QpJfWt-8aWmxbsaL6fsQ8LwwVxbhq9Cuw8S76Q_oRMn0xsAocfL23bKMuAq4qCjka7Pg4pT8CDrvk3MifU1cZc461fcww5H1qIMewGeJrC6w97cK5N4aFN3_-Ka2HeqM2UMBzkD2GHqhE8BzrOQ2oG7uxsD7RHgXNg2RjdlVCbFkrQJrafbWNQj-ytiDPJZkwFURtRdBOyTMdla6n4__U7ME9Bn6lyncLflcEswlEkFs6SSkm-kOmVDc2Zc-o240unrCGcWOVGOl6FUsrKs4bX_8TaidhfVlUntupxNdR2cUMiT_iUX6cAaN-pYk4n94XABgGaOdR1bsUS6OBeCXghhAJdr-eG1jukzhoT6N0cVdAYZ6Je0dFEg_EUPZ8-blkFvbP4Kvmm8XBFQLKBVepSQt59S2fOYIEKl04OtLdBLIt77lVTn7b-V_7QHYDNtygT2k06oTn7OSy0UhGfBFic3v2xhXB7Pw7DQ6JEl80dXaeg6KzIheHDXc-aJqMOAP5l_xn-UbASoafRPCDWDMArIYDv-sd3XvDl2mK0SvoDPcx6NzKc4uOGomlvCHndV3s7JTQvvvNKIhJWySRBxS0jG2EEv7GOsxWXgZURY8OkyO_LTq7vbkYADPGkcWZtaVMTHOQgI6Uetkp77YsyLPCXbxfwQ4_5pIaGln3nn334er8CxlCm5X-rr6q3CZKxnK99IQabwkhTLujlIynxx52ib19exMuMu0f29unJdpJUiWMgfl3A6-C0CiYROZetk5Utp1ORmFuvafOMmPvMlYmnTCf-M6f2LplYDIKIZX040KcYBQ2Qhv--cCwUcMiS5HiLsFzvj2x72jeTORiVRGsdq0Ap-D_Dy4vC7FUT9NV_BceV59ImNCHY4V5KO_BPAuC5CAV9kqfM4riEXaV4boBVnkdIQTAvhCeGklZ69cxsnLDhUYJsiD20uJ4T4TSJ7SFXhlSVPGKdJ2l2Z0G-MpQV8DcMRC_hkn56FenYmo5tYVAaVgmolHbEGZmIKQSkRABBF8yYV-kzGrivtQyHR4U-gl6yXdwAEuGn3EHCp10ijfBdJZrMxutAvYq3MLdF9STjIObEfNvn4ffYFMBpfr1XZyPESUAaym-qx-WyDeZ47qOQuhGpy1ObTDK60y4aW5tQXmmOEE3Ru_JO-aAuQRDJILQPuGAycpUnvm3fLUuJI3Hy3tUm2uotYwoey6amdq3qzWFyExn5FhBSz0bHUlV6812p75KgrZAAOqaNzMTP8yAUJoUPeDJQNguGn_snZI8Pq4S2jij6o7xXTo6nsSmSiPuZHtjEHjW8l-EIH1N2TIxTk0nwaF33K9loo8bW-xMwUs8F9cGTKTn-B80J1k8WDV5cyRyElrW5BwlBUfn0RksePrRSsWSa6dJa8FxD_5ho30FgwoLsBgGjnvwgFSkQMDXfDqS_qp8CV6xhzGmOEJtCSy0Doem6qnMcX_ZKXPHEgA_tCPpQD-p26J7sfsmkYWSBAL3IrlPXzdmdk27DiBfhHAtCIuFhPGPZSvAaRTFFyJlsvPe4dR9UDqtYQYz9l4KYL2IaUAi2XAnDMP1rmyWtzQB5PlK4Z6wD0Ht6cqgp2zHwxjIQqdJ9XngTOge8qpORI4sdJiqFZwDtMWwVNkMjNKtpokMsV4MEDFCAIHJJ2gFoy3MZuB1YY6uE7KU-FOzCFLgMoxrLqaUB66qxzNAqBINjW7S5Ffsjcn3xv3b9Ak2AB5GTTaTjwPnU__iHd54eFm1w_o_9S-uuSaM0_vetTblG4Dlu-GHFJk1ZDZyHBqlgClF1fb6RQyuqhxxrz7XGzSj3uNCfRSp11lpCwlGIgfY7Utw1fyKPB9R0yExEzvwWmgG77k19Wfx3aIVQAyNhleO1Jb84qQlMCY660Ib514h1I58a30jfS6mMfZxzVo4kCQQZ4NnrADcZeYpGO2oTuwdIHBIfq6C9reh2X8V6HioshIA-ibwQ7BgZiubH1fRIjOeIrcI0Ck4olPBdT9v3uqlmpyMcOjm1u1SSAZbkaVd4MIJ-CsQE3JqEo2hMi_bgIz0Nb102b7W_z8ynY6-7Xc39crOxZQVyYE3o7Kj1J_C06KfhkOftpkeohHuhILK1UsNzXc3vPuHfLBTrfC0eXnbU6Y_z0o76P0ZowV4DgKyJXGWF9MmfWhITQyPkGAUETu_HxUjtnrDUWvkBFeRmTXLkag-D27IvysHHb2_X4mr37k9SrqLxS32SobAAj6sGVTUm0pQnvXRYUWGznAxcUzvsB91poTxivcdMOtIofOdc4Mx_SJriKQ6PnOGFlcF-WrzsJrgVOL1__EnShy-qGeRdxYS5zRRA8E2OeFEnlbXkfxurzc3EIzi24ydGlXJIJmviLVW6Op2mxgRqcm31_E3jgqQ_BYrJEz6kwUUGBttQqvoHTfEb-4E4PsVin20eCHGAj1SI7E7ftsoMfLuPD7uzmLELDX7q44T1Bd5UmaqP7CIYVazuRgFEhclJcdph2G7KjIjoAvK-61gqETEgv2CDVBuUz3gJY1A3vRT-7KBsIRBdDcyVAQDqwhOmNPcrav4_RdnA0MjLQqDlo8knSiQwN9lAaxoZSMgLAAbzwJxLh5S3YWob3778cY5GeRurmclVy8rimSahY1_F6hxMjvmY1bBeIAxLoC-ckLh8_gyQOl4D98ZUR24Cyx7itU8pI8VGpBI0n9njNnSl5obWpE4P0mpa178EGBb3ddi-nE_6Wvk30sUXstuKkqqy9YAvb9wLUehJMs__zs9SO79fFwx0u79HoNZ0lcYhSFwsnEJXBL-XVzZuASIUhbBzmDy5DUHmlJ7pKPe_0UktMRhcxeoHy2yTeE4HS1LqFF0mpcGezHGL_eCMZiBpGwGytm6NNdBizT1JawV4S9YsD7qWNlwKK1p0usTT5Was-X7kdVjt5VgV2-7wrhtkW3hp3A7SQF6rUeVl3qWAZRPwb05jUVKC-d-45EETp99MRW2yxHoCg9LoDtepWZNcjj0lhC9Fgff1J0_xXFn9SusnwouM6FpF2djX7dzmB-j6NhFdtJdLooP5ZCXjW5azbv07j8-lYf6LQHoxTMSSLCyQUKomzwbJT-9qjmAg4lTRKqUV6UiirxSmpL6UUI0b1OPd7J2onLBo5ZNrHebRbiky6NfDNv14FAy4Yj2XvUlbmVY1SftnAfKl73cobN8TL6MANysWibwKYRsg8YzBsERMmii-AP-zMLEo7_HxvjT_nZweJjcNhxC_a6jspi3-khEPYrRB2R3_fiE55HalQ3TcQVX57YhyGcrVwvQG-myyRkMN0_487CYVwpzta4cw9194sbConYS7wC8Yc2pqWmJ33QolG_51-7nKAvlzXngGupRuTltfBbm0xNfu4dqJ9TGGjZRdV0QXesEDi9M2SucDGJhq-5tEt&cid=CAASEuRo8oRWIojfhKDAfrJOLiv3Cg&rfl=2%2Chttps%253A%252F%252Fwww.latimes.com%242%2Chttps%253A%252F%252Fwww.latimes.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 15:05:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18010
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Apr 2022 15:05:42 GMT
pixel
cm.g.doubleclick.net/ Frame CFA0 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVJ63rRYlun2C9p2XHstro1tweMoybBmUyLmMZVB6N3noh6GakPRLYYzeBi88xm_YDacUB9uCetrcoYgk-d7iFGygkHhXbmFdhZSfjkh3eVJj53628spfuZdwHro3EbGkkdVmaYMmDfmI3Ma1kuqE83CAbidww8xqsk_xGVo3sNaweDUlZD5vbD-VkIBlp7T_r9F0VSI9mecbOQgCtaa3ysummdyA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame CFA0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_dbm=&google_tc=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCCzRszu_JZ31FscRe0m7k&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCCzRszu_JZ31FscRe0m7k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVJ63rRYlun2C9p2XHstro1tweMoybBmUyLmMZVB6N3noh6GakPRLYYzeBi88xm_YDacUB9uCetrcoYgk-d7iFGygkHhXbmFdhZSfjkh3eVJj53628spfuZdwHro3EbGkkdVmaYMmDfmI3Ma1kuqE83CAbidww8xqsk_xGVo3sNaweDUlZD5vbD-VkIBlp7T_r9F0VSI9mecbOQgCtaa3ysummdyA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Apr 2021 20:05:52 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCCzRszu_JZ31FscRe0m7k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame CFA0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHs-oPOTvHbcpWlYCy.98wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCCzRszu_JZ31FscRe0m7k&google_cver=1&google_hm=2
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCCzRszu_JZ31FscRe0m7k&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVJ63rRYlun2C9p2XHstro1tweMoybBmUyLmMZVB6N3noh6GakPRLYYzeBi88xm_YDacUB9uCetrcoYgk-d7iFGygkHhXbmFdhZSfjkh3eVJj53628spfuZdwHro3EbGkkdVmaYMmDfmI3Ma1kuqE83CAbidww8xqsk_xGVo3sNaweDUlZD5vbD-VkIBlp7T_r9F0VSI9mecbOQgCtaa3ysummdyA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 17 Apr 2021 20:05:53 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCCzRszu_JZ31FscRe0m7k&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D54E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sat, 17 Apr 2021 15:06:07 GMT
expires
Sun, 17 Apr 2022 15:06:07 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
17985
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
hjtkt1t9m63l
hal9000.redintelligence.net/zone/ Frame 9CC1 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/hjtkt1t9m63l?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjLYXnj97YLq_IYe33wPmoqWoAo_g-IZT9aiLpMoM8C4QASCvwLZwYJUCyAEJqQIgAuV8Ixq0PqgDAaoE8gFP0Gljp0lb4EdcMgNiZhlF9gha3RD18QM3D_tBbbIWIEJW0IuH-9EWbRb5YlHGo2jg0xENGGxFkDgKy7ohobENL4emwacPWk9Ek-NjydtOXMQb6woxvH3PgAmrElb4_IfejWby1PK5NMk7X0ZfocaJuIL2o17ut9BysIMLp4ZvR5H6-JjzHGdTVo1LkJ5aGTjXPk7wnuzBdpa6SIcbI6cIK6KAhP4t5_W6j7YqwmsA-M-snne3cjYL1mWZDpmdUJSTBBgkFt24j9BZz2zNFtLu_r1HCrTKF2bWktBfBcBAJBnVVfip6c3k2ilbOGiPgjARJcAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo8oRWIojfhKDAfrJOLiv3Cg%26sig%3DAOD64_3IS7M56jYmeh1kARuZPSZuqcu1dw%26client%3Dca-pub-1409437888781518%26dbm_c%3DAKAmf-Cla-gdA8iDBlZT43DIvDTg83WFO6b0DeO79XK3uyNg_nXGc_4TrUbZu0lVRBPGXug7KwxiB7rqkQkEXYFWMtzuMQAevrhTfccVZpyH3wX7085oRnck0lHjkcTizG66_Av1sfF3iItxHhzgCsZugkBANVAz-w%26cry%3D1%26dbm_d%3DAKAmf-DGirQ5Wfqfj4c5HtvNiRcCJgiNJjRPChIzFlgTRwp2Ln9OVkE0tXUykt488Atiu8kjAz8eoVfXeDlSTGHfbHyYQ4lu1y3ozPl0yF4xj9mt91jeyY_9El4srVYDbknwayohENQO6keBDZSIsQ1nXgyFkySJ_HwIZYUmEcVkaPX7ERB5wb7slBjIqrmlETfEKOi58VvgiMTs9IBhLbmXemUGrty6cPlYIwUfhelIbXxFVnF5HAPTsdGp3uPF1k4rWUzV21TpLOtvYlf6OsV-DLmXum7UdHKeK-5R09L0QSEJAT9sD-N5W94RrDKzZaXkqmuJ_dEBmGYk6avyG4iCggrIiNSe6PGZWF8iE143uTHqJrSZnd2Wtn4rgRekycvdDHZkC7H6QNTZR6b-xgMnBH_B5ceSOanf1CrDLNyO-qeA_Axj_aF1p1RTGyXr3EZi28MfRwgRaEGU96quPF1_j0wvIbP3nBHke3xofAPtiEEVuFirjs1gfs7cStD58a9DRvaEBkhLDl3xMPrmimw1shKe0utXdiPwG7GZt9v0aLvmkbQJ8AXtN2JTSTZeXUg19xMxE2xGr0Ry3sxWPk-2NG_znlC_mrTnSiHqaywoiU4FKLIBp21LXKa3QamkoxdwZbeFN6sd6jmzvd-mghqZ4l3CbBc62bmxRKmlpgsK8HXMCYpXqbcLnYlpi4tPz-Ubf4RvSy-AP6Q9rNGOFteMdob23boZPA%26adurl%3D
Requested by
Host: 5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
URL: https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
39ee5aef42b49b8a48d418da74bb95f7a4b2dd19557bbb148d2b689477f3cb65

Request headers

Referer
https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:52 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4103
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
pagead2.googlesyndication.com/bg/ Frame 37B1 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 12:29:47 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
27365
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5682
x-xss-protection
0
expires
Sun, 17 Apr 2022 12:29:47 GMT
aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
pagead2.googlesyndication.com/bg/ Frame D54E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 12:29:47 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
27365
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5682
x-xss-protection
0
expires
Sun, 17 Apr 2022 12:29:47 GMT
request.php
hal90003.redintelligence.net/ Frame 9CC1
Redirect Chain
  • https://hal90003.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=1628b5ff93&subid=&uid=6dc2bfc76a472206&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90003.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=1628b5ff93&subid=&uid=6dc2bfc76a472206&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
610 B
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90003.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=1628b5ff93&subid=&uid=6dc2bfc76a472206&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjLYXnj97YLq_IYe33wPmoqWoAo_g-IZT9aiLpMoM8C4QASCvwLZwYJUCyAEJqQIgAuV8Ixq0PqgDAaoE8gFP0Gljp0lb4EdcMgNiZhlF9gha3RD18QM3D_tBbbIWIEJW0IuH-9EWbRb5YlHGo2jg0xENGGxFkDgKy7ohobENL4emwacPWk9Ek-NjydtOXMQb6woxvH3PgAmrElb4_IfejWby1PK5NMk7X0ZfocaJuIL2o17ut9BysIMLp4ZvR5H6-JjzHGdTVo1LkJ5aGTjXPk7wnuzBdpa6SIcbI6cIK6KAhP4t5_W6j7YqwmsA-M-snne3cjYL1mWZDpmdUJSTBBgkFt24j9BZz2zNFtLu_r1HCrTKF2bWktBfBcBAJBnVVfip6c3k2ilbOGiPgjARJcAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo8oRWIojfhKDAfrJOLiv3Cg%26sig%3DAOD64_3IS7M56jYmeh1kARuZPSZuqcu1dw%26client%3Dca-pub-1409437888781518%26dbm_c%3DAKAmf-Cla-gdA8iDBlZT43DIvDTg83WFO6b0DeO79XK3uyNg_nXGc_4TrUbZu0lVRBPGXug7KwxiB7rqkQkEXYFWMtzuMQAevrhTfccVZpyH3wX7085oRnck0lHjkcTizG66_Av1sfF3iItxHhzgCsZugkBANVAz-w%26cry%3D1%26dbm_d%3DAKAmf-DGirQ5Wfqfj4c5HtvNiRcCJgiNJjRPChIzFlgTRwp2Ln9OVkE0tXUykt488Atiu8kjAz8eoVfXeDlSTGHfbHyYQ4lu1y3ozPl0yF4xj9mt91jeyY_9El4srVYDbknwayohENQO6keBDZSIsQ1nXgyFkySJ_HwIZYUmEcVkaPX7ERB5wb7slBjIqrmlETfEKOi58VvgiMTs9IBhLbmXemUGrty6cPlYIwUfhelIbXxFVnF5HAPTsdGp3uPF1k4rWUzV21TpLOtvYlf6OsV-DLmXum7UdHKeK-5R09L0QSEJAT9sD-N5W94RrDKzZaXkqmuJ_dEBmGYk6avyG4iCggrIiNSe6PGZWF8iE143uTHqJrSZnd2Wtn4rgRekycvdDHZkC7H6QNTZR6b-xgMnBH_B5ceSOanf1CrDLNyO-qeA_Axj_aF1p1RTGyXr3EZi28MfRwgRaEGU96quPF1_j0wvIbP3nBHke3xofAPtiEEVuFirjs1gfs7cStD58a9DRvaEBkhLDl3xMPrmimw1shKe0utXdiPwG7GZt9v0aLvmkbQJ8AXtN2JTSTZeXUg19xMxE2xGr0Ry3sxWPk-2NG_znlC_mrTnSiHqaywoiU4FKLIBp21LXKa3QamkoxdwZbeFN6sd6jmzvd-mghqZ4l3CbBc62bmxRKmlpgsK8HXMCYpXqbcLnYlpi4tPz-Ubf4RvSy-AP6Q9rNGOFteMdob23boZPA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.latimes.com%2F&ancestorOrigins=https%3A%2F%2Fwww.latimes.com%2Chttps%3A%2F%2Fwww.latimes.com&random=4729719290886&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Requested by
Host: 5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
URL: https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
78520fa66920dba260b65c345aa7da01404e4abed0efad8c182b1675e50f681b

Request headers

Referer
https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:54 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
23200300178898500710584011567003
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
329
Expires
Sat, 17 Apr 2021 21:05:54 +0200

Redirect headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:54 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=1628b5ff93&subid=&uid=6dc2bfc76a472206&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjLYXnj97YLq_IYe33wPmoqWoAo_g-IZT9aiLpMoM8C4QASCvwLZwYJUCyAEJqQIgAuV8Ixq0PqgDAaoE8gFP0Gljp0lb4EdcMgNiZhlF9gha3RD18QM3D_tBbbIWIEJW0IuH-9EWbRb5YlHGo2jg0xENGGxFkDgKy7ohobENL4emwacPWk9Ek-NjydtOXMQb6woxvH3PgAmrElb4_IfejWby1PK5NMk7X0ZfocaJuIL2o17ut9BysIMLp4ZvR5H6-JjzHGdTVo1LkJ5aGTjXPk7wnuzBdpa6SIcbI6cIK6KAhP4t5_W6j7YqwmsA-M-snne3cjYL1mWZDpmdUJSTBBgkFt24j9BZz2zNFtLu_r1HCrTKF2bWktBfBcBAJBnVVfip6c3k2ilbOGiPgjARJcAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo8oRWIojfhKDAfrJOLiv3Cg%26sig%3DAOD64_3IS7M56jYmeh1kARuZPSZuqcu1dw%26client%3Dca-pub-1409437888781518%26dbm_c%3DAKAmf-Cla-gdA8iDBlZT43DIvDTg83WFO6b0DeO79XK3uyNg_nXGc_4TrUbZu0lVRBPGXug7KwxiB7rqkQkEXYFWMtzuMQAevrhTfccVZpyH3wX7085oRnck0lHjkcTizG66_Av1sfF3iItxHhzgCsZugkBANVAz-w%26cry%3D1%26dbm_d%3DAKAmf-DGirQ5Wfqfj4c5HtvNiRcCJgiNJjRPChIzFlgTRwp2Ln9OVkE0tXUykt488Atiu8kjAz8eoVfXeDlSTGHfbHyYQ4lu1y3ozPl0yF4xj9mt91jeyY_9El4srVYDbknwayohENQO6keBDZSIsQ1nXgyFkySJ_HwIZYUmEcVkaPX7ERB5wb7slBjIqrmlETfEKOi58VvgiMTs9IBhLbmXemUGrty6cPlYIwUfhelIbXxFVnF5HAPTsdGp3uPF1k4rWUzV21TpLOtvYlf6OsV-DLmXum7UdHKeK-5R09L0QSEJAT9sD-N5W94RrDKzZaXkqmuJ_dEBmGYk6avyG4iCggrIiNSe6PGZWF8iE143uTHqJrSZnd2Wtn4rgRekycvdDHZkC7H6QNTZR6b-xgMnBH_B5ceSOanf1CrDLNyO-qeA_Axj_aF1p1RTGyXr3EZi28MfRwgRaEGU96quPF1_j0wvIbP3nBHke3xofAPtiEEVuFirjs1gfs7cStD58a9DRvaEBkhLDl3xMPrmimw1shKe0utXdiPwG7GZt9v0aLvmkbQJ8AXtN2JTSTZeXUg19xMxE2xGr0Ry3sxWPk-2NG_znlC_mrTnSiHqaywoiU4FKLIBp21LXKa3QamkoxdwZbeFN6sd6jmzvd-mghqZ4l3CbBc62bmxRKmlpgsK8HXMCYpXqbcLnYlpi4tPz-Ubf4RvSy-AP6Q9rNGOFteMdob23boZPA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.latimes.com%2F&ancestorOrigins=https%3A%2F%2Fwww.latimes.com%2Chttps%3A%2F%2Fwww.latimes.com&random=4729719290886&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Sat, 17 Apr 2021 21:05:54 +0200
gen_204
pagead2.googlesyndication.com/pagead/ Frame D84E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041301&jk=2706065191266531&bg=!srGlsfXNAAZUuIlwVLg7ACkAdvg8Wqa9YPy1YTgFV-KHrI4jVXV3fHjCerFRHaLXwOJAr0NRY8nivwIAAAJNUgAAABRoAQcKAV20ToPN6HSoZRue3taK8T2bBoFNjCcNAPl9ZxSXYetyEi8jLh1ywOzeeNlz2UIvpWmcjOMREMLAawqsII6zWhAY8_kJKh2k1jJ4zFoDFmgpSWHWKt_243hnP_yw6MXPf_pktjCzKcmudcrlDM3zBMi4Dm3GhTVOoDp6m2qufCRRuQjaAsrepJfr-v2q95X7YXiqcdhGt0oiSB945Tc-GJ8Qtl376O7A_pkxo31Fex1xNlaMOdwbXdiosw8rjlG4yOaSOJEUeddFP6gdSbrCoVgvhlhqPzYppioKb0y35wKk0fxGatNcGSF3btuoXbBEkyNlcfcG2Z5S5Eq_rLBM39oybYI9uN6jbHB37OdfS0u13881jPdHNJkSVJsx2Z6ETfSjv7agFCXO8JGMdNi_IB7TFpDbBdpqW8I_Kk-jF8h4gzLyab0TuCTUGnlX4HKkjGK6UNEDpRn8QifCFwXGmQI2vtWFyb3nV-Zq7ofQnYd1WUJnBU-gXaFpgOlZOOFmJ7-bRF8JCXOcvyLfwB5IIy7Dai_iMGWUs35GSBBSGIHusUQDYt9-6W2VDRpVzydq_RHwuh7kxnvVEjm6X9M1wul6gSC5FecZ56WSdaqNOHglDAE9zodG5k_Qpzf6htPXC7GRWAT-WTACA1twOXS1WUCAqwLrcZXlFEmAd5dLl1wfEw-o8rs3MCJjwXEimJ-c6IA-gLUd_-zQ1w9RY6WGYXfnQIP4Iru3XwVqki45myE5oX9GykLv2-hw158VN2k35csg_o4OwPO3NbOdplStIAXyUUsNRKGY8zbPsEOODwI3Q2L4E2PjTDIs2QIxGIgQ1EhgmzXf6daQUsj2eIEsDPxg-sb0mhxATJC3pJimBSXWXqjsXpuHj1vCGDXpjqz6YV8-qXSexHAKFn4dB3S5y4ddbGL6VgzEdbSGb-qBy-NhjQ5ADMDQChgp1nvCOjVCd-CPcMWzMmH1eKWJrsy-h_nVJqwsTrrmagVC7mETCRtjvz604mInBjZvB4hP3omLgb_SK1dDJ3duM_WazOwZA0AniS4himolUW8QVteHKvGAxx8dUTd_urPUN2hjoM2sNZViHmc3HjddmEwJxmTbtoLvpIRzDzI-kHxlyXJyVl4phsDZ4PIoc0KeqxGslkpCnrsb04FAGajZjOSQxmCTxCXPIyM2boLvnFMQfAWjNE3ULRiNeXHgEzud1BlwPDEp0ICPKjFvzCk
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D54E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0xz6oD97YO3TIoGR3wOVy7OQBQAAAAA4AeAEAg&bg=!zM-lz4vNAAZUuIlwVLg7ACkAdvg8WmTaGTPPkB4LicHJfHLoZaODZ4eALjnOblw9iSinFzOn9uv4CAIAAAJAUgAAACRoAQcKAQjU2DFLEFHW4r9_cI0U2BScoDaPJKsOzmrZ86m0xKrdSACXionZHgANO-7vG93w0ep-qEYDC_VkEHX3tuTQdJMzUjOr4E2xIyNMqoqwzpsApPRaHinJc4kJgmvsD0NCRP5kXRHSm6cfxOyqLJtmhuKRAbBE6JTr9NS8wStcI_kZqkrD-361H0xfU2zirtHfbIdH47c47p8VzkeGNZXLBB4cXam_C_sfmYCzRgYZ2OFILcUmifN0to5tlwcxZRA1l07-zZ1XnD5kVvwkZDBwh-wsIyjGS9HXqQ2u-mBtAmfZ4ulZN0a1CZWs2FSWzKoAwmRs5I0fHp8v66EVRKe6cKKKMRlZ9pzwEoOZAn2HQE6e3WX_mfGknNUTc6GtMdJS2ims2oMCf1OiuW79xnY7SAM14a00JFwlZZpDEOnDvMvEBicF1GLaSC2xQ-2EO_CD24fWT2DmWLxHw9yT2bCQlunljFO3TxfEUHkeqsGAuiGgBtS5oeFs0_M17BAPVDvnZJt00lr82Qtl4Ohxze_klcQjJw5RcpjPoIdo0SLzbURQ6RjydbFVJ5yIsp8qtrnK-WZwU4ZdpYjLFPvqG_8RADzSuHPrbVcEeIOdt3G45qDP-Rb4H_9GdiOxiJ129NSFOdHklaqQXYgm_XFofuRfrYzQrwQCqzmQufO3LLwX9NSRNN4266AqBieCANxVJmX8Zozny0tqYry3LQyh1vVKcq1-JN21eNOLSqjM_3qF9hWG7dxDqntYwNIkXrvn-flNa8_b4zRtg9w9ggv68mn2WlBbUFsaSLMlL8bWw_IPtN7vkV5r3qEGHuKAq_WZhMht2Cv77KsQBTRnt4xlovG7PpQ4p8LbayLoLZEd5lA8gijC3zBXGiX3VOaFgXrsCMHulTeYeSl3_YIXO88bOhWzlsEhGFoaGW8Qm5PhNj0AKUF4TarOCuyhGywxg6WKQDJbmbWdxgGJPoaQeJlJ2D9Aq2WaptGh0EVnnw1NPN3KL1-a95XYu-t5T-iHMwJ4h_jt2PKXTF4pvpFmN0pIsCq37ZunKCOUP2nSWRyuJd0z1JTYPFUa67YtSuy1pr_jBDRCL9Ql-CI2pPeqQp96IC8mQG2nHc1hYRiqgEE3L2a9pTYgcohCSlmHO687GESuQx3H6HlDiet5ETqHr0PuhdsOZwVafsGl6rjAj82HrKzIySqTx3sBVSIRwP2g
Requested by
Host: 5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
URL: https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1.gif
activate.platform.californiatimes.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://activate.platform.californiatimes.com/privacy/v1/b/1.gif?n=5&c=2715&i=8thlsj&p=latimes&s=1534&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNDU1IiwiY2xpZW50SWQiOjI3MTUsInB1Ymxpc2hQYXRoIjoibGF0aW1lcyIsImluc3RhbmNlSWQiOiI4dGhsc2oiLCJwYWNrZXQiOjUsIm1vZGUiOiJlbmZvcmNlWgDyJ29va2llcyI6e30sImVudmlyb25tZW50Ijoibm9uZSIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLMA8D5odHRwczovL2phZHNlcnZlLnBvc3RyZWxlYXNlLmNvbS90cmsuZ2lmP250dl9hdD0zODYsMzg3LDM4OCwzODkmbnR2X3IxPTExNjk4JiQAN3IyPQ0AGDMNAHE0PTEyMjYxNAChcGw9MTA2OTU3MA8A8BdpdCIsInR5cGUiOiJpbWciLCJzdGFydCI6MTYxODY4OTk1MjQ4ON8AHWQUAFNzb3VyYzkA8gFfRE9NQXR0ck1vZGlmaWVkSQCxdHVzIjoiYWxsb3cTAGByZWFzb24PAdRdLCJkYXRhUGF0dGVyEgC8bGlzdCI6W10sImluAC99LEEBqR05QQEQN1UBBUEBMW11dBgCIU9iDAIockE_ATBsb2FPAQ88ASYfOTwBCNFzLXNlYy5pbmRleHd3dwL3AHVtL2l4bWF0Y2guaHRtbB4CQGZyYW3VAgshAlw0NzYxMeAAZTMxNTIsIuAAs2luc2VydEJlZm9yQgACGgIP2wApAXgAD9sATi84N9sADAy7AS9DTLwBNV80NzY4N-EAB_ZOZXUtdS5vcGVueC5uZXQvdy8xLjAvcGQ_cGxtPTYmcGg9ZmU4NDBmMzUtZTZmMS00ZGQyLWI2NTctNDg2ZmNiYzc3Njk1JmdkcHI9MCZ1c19wcml2YWN5PTFZTlkiFAQP9gEGLTU51gJPMzk1N_YBSMA2ODk5NDc1OTl9XX0
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:54 GMT
cache-control
no-cache, no-store
server
nginx
expires
Sat, 17 Apr 2021 20:05:53 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.123&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&f_es6=1&f_gears=2&tvltm=9&tvcfg=all&f_privb=1&tid=921b3262-3a44-4547-acd4-9db8f5b5db72&pid=6c56e1d4-81e3-49e4-9b10-dc03c9fc3f4c&dtm=1618689954318&qnm=_matherq&visible=1&tabid=ffc08fe9-257b-410d-bca6-bebe2c3ddb73&url=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&vp=1600x1200&ds=1600x7676&tofa=1618689954&vid=1&lvidt=1618689954&duid=cd314fe21932a52f&fp=1072425006&cid=ma12767&mrk=212934200&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYxODY4OTkzODkyNSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIyNy42bWIiLCJoZWFwVCI6IjM3LjNtYiIsImZzdFBhaW50IjoiMTE2OSIsImZldGNoUyI6IjIwNiIsImRvbWFpblMiOiIyMTkiLCJkb21haW5FIjoiMjI0IiwiY29ublMiOiIyMjQiLCJjb25uRSI6IjM4MiIsInNzbFMiOiIyNjIiLCJyZXF1UyI6IjM4OSIsInJlc3BTIjoiMTAzMCIsInJlc3BFIjoiMTA5MSIsImRvbUxvYWQiOiIxMDM0IiwiZG9tSW50ZXIiOiIxMjA2IiwiZG9tTG9hZFMiOiIxNzkwIiwiZG9tTG9hZEUiOiIxNzk3In19
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.95.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-95-93.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:54 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
request_content.php
hal90003.redintelligence.net/ Frame 3374 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90003.redintelligence.net/request_content.php?s=23200300178898500710584011567003&a=95be9f7f
Requested by
Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=1628b5ff93&subid=&uid=6dc2bfc76a472206&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjLYXnj97YLq_IYe33wPmoqWoAo_g-IZT9aiLpMoM8C4QASCvwLZwYJUCyAEJqQIgAuV8Ixq0PqgDAaoE8gFP0Gljp0lb4EdcMgNiZhlF9gha3RD18QM3D_tBbbIWIEJW0IuH-9EWbRb5YlHGo2jg0xENGGxFkDgKy7ohobENL4emwacPWk9Ek-NjydtOXMQb6woxvH3PgAmrElb4_IfejWby1PK5NMk7X0ZfocaJuIL2o17ut9BysIMLp4ZvR5H6-JjzHGdTVo1LkJ5aGTjXPk7wnuzBdpa6SIcbI6cIK6KAhP4t5_W6j7YqwmsA-M-snne3cjYL1mWZDpmdUJSTBBgkFt24j9BZz2zNFtLu_r1HCrTKF2bWktBfBcBAJBnVVfip6c3k2ilbOGiPgjARJcAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo8oRWIojfhKDAfrJOLiv3Cg%26sig%3DAOD64_3IS7M56jYmeh1kARuZPSZuqcu1dw%26client%3Dca-pub-1409437888781518%26dbm_c%3DAKAmf-Cla-gdA8iDBlZT43DIvDTg83WFO6b0DeO79XK3uyNg_nXGc_4TrUbZu0lVRBPGXug7KwxiB7rqkQkEXYFWMtzuMQAevrhTfccVZpyH3wX7085oRnck0lHjkcTizG66_Av1sfF3iItxHhzgCsZugkBANVAz-w%26cry%3D1%26dbm_d%3DAKAmf-DGirQ5Wfqfj4c5HtvNiRcCJgiNJjRPChIzFlgTRwp2Ln9OVkE0tXUykt488Atiu8kjAz8eoVfXeDlSTGHfbHyYQ4lu1y3ozPl0yF4xj9mt91jeyY_9El4srVYDbknwayohENQO6keBDZSIsQ1nXgyFkySJ_HwIZYUmEcVkaPX7ERB5wb7slBjIqrmlETfEKOi58VvgiMTs9IBhLbmXemUGrty6cPlYIwUfhelIbXxFVnF5HAPTsdGp3uPF1k4rWUzV21TpLOtvYlf6OsV-DLmXum7UdHKeK-5R09L0QSEJAT9sD-N5W94RrDKzZaXkqmuJ_dEBmGYk6avyG4iCggrIiNSe6PGZWF8iE143uTHqJrSZnd2Wtn4rgRekycvdDHZkC7H6QNTZR6b-xgMnBH_B5ceSOanf1CrDLNyO-qeA_Axj_aF1p1RTGyXr3EZi28MfRwgRaEGU96quPF1_j0wvIbP3nBHke3xofAPtiEEVuFirjs1gfs7cStD58a9DRvaEBkhLDl3xMPrmimw1shKe0utXdiPwG7GZt9v0aLvmkbQJ8AXtN2JTSTZeXUg19xMxE2xGr0Ry3sxWPk-2NG_znlC_mrTnSiHqaywoiU4FKLIBp21LXKa3QamkoxdwZbeFN6sd6jmzvd-mghqZ4l3CbBc62bmxRKmlpgsK8HXMCYpXqbcLnYlpi4tPz-Ubf4RvSy-AP6Q9rNGOFteMdob23boZPA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.latimes.com%2F&ancestorOrigins=https%3A%2F%2Fwww.latimes.com%2Chttps%3A%2F%2Fwww.latimes.com&random=4729719290886&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
5f28d48a62ead10aeecc59f81e935a850563534948efc6b4a1a89220663c8e1f

Request headers

Host
hal90003.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
8lcfmzhxc8d6_uid=55fca26710fe782f
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/

Response headers

Date
Sat, 17 Apr 2021 20:05:54 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Sat, 17 Apr 2021 21:05:54 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2119
Connection
close
Content-Type
text/html; charset=utf-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 670B 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
URL: https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 17 Apr 2021 03:14:09 GMT
expires
Sun, 18 Apr 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
60705
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 9CC1 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d7a59d0d0e6fd0ec79c8b79b728d93883f5076332cfc18a53439d944cfa6f1f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 670B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEG0WJBSzedENlgkjko260BI&google_cver=1&google_push=AQvitUK79U-2-LSEbNdI3QVqt58PxOEWVu0xOnHTnbpisXbAX-mKWsI7_R2lSp1trcMo1aNW_bl2XULyPhv_pUAyhG9-A5MpPTQ
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzMzNjkxNTMyMzUzMzk4NjIyNg==
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEJ7B9bSXTMAPA48KnsQjkM0&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEJ7B9bSXTMAPA48KnsQjkM0&google_cver=1
Requested by
Host: 5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
URL: https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.228.164.11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:54 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEJ7B9bSXTMAPA48KnsQjkM0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 670B 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEP5NA6-fEnopcoDKP9s_B4Q&google_cver=1&google_push=AQvitUIYoaCewQSATUL7V3RE32cfO2bH0iIlQeURaRozCfwimXJZkDVL34buDI7O5O-9fwVqBW5o4UwSFfp9bCrGQCfjN08GKhfg
Requested by
Host: 5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
URL: https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:54 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 670B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEPJsTBdzdIZ4Y2vzF7BewsQ&google_cver=1&google_push=AQvitUKIjJH-egoJb74ZPpxEcEXoUhmW6L4kX_kJjF5E0xexAqyLclD_gXvMJqxY_cZb4SgCmzpfdR5RXk_-yQDGW1AeRrCNli4U&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPJsTBdzdIZ4Y2vzF7BewsQ&google_cver=1&google_push=AQvitUKIjJH-egoJb74ZPpxEcEXoUhmW6L4kX_kJjF5E0xexAqyLclD_gXvMJqxY_cZb4SgCmzpfdR5RXk_-yQDGW1AeRrCNli4...
43 B
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPJsTBdzdIZ4Y2vzF7BewsQ&google_cver=1&google_push=AQvitUKIjJH-egoJb74ZPpxEcEXoUhmW6L4kX_kJjF5E0xexAqyLclD_gXvMJqxY_cZb4SgCmzpfdR5RXk_-yQDGW1AeRrCNli4U&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitUKIjJH-egoJb74ZPpxEcEXoUhmW6L4kX_kJjF5E0xexAqyLclD_gXvMJqxY_cZb4SgCmzpfdR5RXk_-yQDGW1AeRrCNli4U%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
URL: https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:55 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6418455ad93f4a5c-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
098309acc400004a5c9e33a000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:54 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
127
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
641845599e9e4a5c-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPJsTBdzdIZ4Y2vzF7BewsQ&google_cver=1&google_push=AQvitUKIjJH-egoJb74ZPpxEcEXoUhmW6L4kX_kJjF5E0xexAqyLclD_gXvMJqxY_cZb4SgCmzpfdR5RXk_-yQDGW1AeRrCNli4U&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitUKIjJH-egoJb74ZPpxEcEXoUhmW6L4kX_kJjF5E0xexAqyLclD_gXvMJqxY_cZb4SgCmzpfdR5RXk_-yQDGW1AeRrCNli4U%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
098309abfe00004a5c8c1fc000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 670B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO08DDQX38fRTzZ3BJCvDyc&google_cver=1&google_push=AQvitUJ8MLAZcvLtTfKUtywj2-wHDBeHEdfmGEA-RMLE-U9Wx55iC6XCatjsxBesB32_wCGyzxo...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NNjdFTkUtMS1FTENZ&google_push=AQvitUJ8MLAZcvLtTfKUtywj2-wHDBeHEdfmGEA-RMLE-U9Wx55iC6XCatjsxBesB32_wCGyzxosXLRo6-MsOQe2qUCGaaMgfWkk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NNjdFTkUtMS1FTENZ&google_push=AQvitUJ8MLAZcvLtTfKUtywj2-wHDBeHEdfmGEA-RMLE-U9Wx55iC6XCatjsxBesB32_wCGyzxosXLRo6-MsOQe2qUCGaaMgfWkk
Requested by
Host: 5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
URL: https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NNjdFTkUtMS1FTENZ&google_push=AQvitUJ8MLAZcvLtTfKUtywj2-wHDBeHEdfmGEA-RMLE-U9Wx55iC6XCatjsxBesB32_wCGyzxosXLRo6-MsOQe2qUCGaaMgfWkk
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
pixel
cm.g.doubleclick.net/ Frame 670B
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEohcjxEDirR5i02hToDXDs&google_cver=1&google_push=AQvitUINgCxzYwH2ttN3cnJt4ilFHp-ilKvvZdH8lLYMjbm5YCmx2CeYTYXP3wxNf6KzOutImafOZMGpoSakptzH...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=57deaef958ecddd4cd4f&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUINgCxzYwH2ttN3cnJt4ilFHp-ilKvv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=57deaef958ecddd4cd4f&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUINgCxzYwH2ttN3cnJt4ilFHp-ilKvvZdH8lLYMjbm5YCmx2CeYTYXP3wxNf6KzOutImafOZMGpoSakptzH-lveGCufWBSC
Requested by
Host: 5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
URL: https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 17 Apr 2021 20:05:54 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=57deaef958ecddd4cd4f&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUINgCxzYwH2ttN3cnJt4ilFHp-ilKvvZdH8lLYMjbm5YCmx2CeYTYXP3wxNf6KzOutImafOZMGpoSakptzH-lveGCufWBSC
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
N1sa0GPbXbeGI49U2fTHGXYRjJoYwnWXbXc1enA_y996iE9q2BphAw==
pixel
cm.g.doubleclick.net/ Frame 670B
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHnWpy1XFWkleTWpHTcyALE&google_cver=1&google_push=AQvitUInxteGvqNHarM33_nJh3OpZqdxfNUvastksbZa2hLbl-1QJOuYdSGKk4Rgv85JmskqRfTiU_jV-KVbDaHsl2k2mYm3IUxk
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AQvitUInxteGvqNHarM33_nJh3OpZqdxfNUvastksbZa2hLbl-1QJOuYdSGKk4Rgv85JmskqRfTiU_jV-KVbDaHsl2k2mYm3IUxk&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTIwMTk2NTg0NzYwNjE2NDUyNg%3D%3D&google_push=AQvitUInxteGvqNHarM33_nJh3OpZqdxfNUvastksbZa2hLbl-1QJOuYdSGK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTIwMTk2NTg0NzYwNjE2NDUyNg%3D%3D&google_push=AQvitUInxteGvqNHarM33_nJh3OpZqdxfNUvastksbZa2hLbl-1QJOuYdSGKk4Rgv85JmskqRfTiU_jV-KVbDaHsl2k2mYm3IUxk
Requested by
Host: 5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
URL: https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTIwMTk2NTg0NzYwNjE2NDUyNg%3D%3D&google_push=AQvitUInxteGvqNHarM33_nJh3OpZqdxfNUvastksbZa2hLbl-1QJOuYdSGKk4Rgv85JmskqRfTiU_jV-KVbDaHsl2k2mYm3IUxk
date
Sat, 17 Apr 2021 20:05:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 670B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGfRh5H7hbO0bXcqqZAm7Gw&google_cver=1&google_push=AQvitUJ1x7NNynb-3qImWRIcrG8CRKwxhmnbfvf9fdfETs4rhLQoFnik6XSdYkTF4Su9bw3dJw...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGfRh5H7hbO0bXcqqZAm7Gw&google_cver=1&google_push=AQvitUJ1x7NNynb-3qImWRIcrG8CRKwxhmnbfvf9fdfETs4rhLQoFnik6XSdYkTF4Su9bw3dJw...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1SWHNSempaRTJ1RnQxVkxsQjN6TkU5SXRHV2FEdHRxOH5B&google_push=AQvitUJ1x7NNynb-3qImWRIcrG8CRKwxhmnbfvf9fdfETs4rhLQoFnik6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1SWHNSempaRTJ1RnQxVkxsQjN6TkU5SXRHV2FEdHRxOH5B&google_push=AQvitUJ1x7NNynb-3qImWRIcrG8CRKwxhmnbfvf9fdfETs4rhLQoFnik6XSdYkTF4Su9bw3dJw-FeYhReccSUbX81LaUKxuDfvWRYQ
Requested by
Host: 5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
URL: https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 17 Apr 2021 20:05:55 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1SWHNSempaRTJ1RnQxVkxsQjN6TkU5SXRHV2FEdHRxOH5B&google_push=AQvitUJ1x7NNynb-3qImWRIcrG8CRKwxhmnbfvf9fdfETs4rhLQoFnik6XSdYkTF4Su9bw3dJw-FeYhReccSUbX81LaUKxuDfvWRYQ
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 670B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K8U00bBtP8aVa_ZFBFZNKwB1qavjx1XOq2_3GdiucS_9ro1qMJ3ndeEU0y6zlAMop3SIEdLQ
Requested by
Host: 5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
URL: https://5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:54 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 3374 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=23200300178898500710584011567003&a=95be9f7f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 10:36:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
120569
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Apr 2022 10:36:25 GMT
300x250_OMAC_2016_Launch%20(3).jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame 3374 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/advertiser/32995/creativesup/300x250_OMAC_2016_Launch%20(3).jpg
Requested by
Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=23200300178898500710584011567003&a=95be9f7f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
23ef33989f2db4e8afde93e57b1534aeca826f6c70e794a9d7a418fea9a58614

Request headers

Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:55 GMT
Last-Modified
Mon, 20 Jun 2016 09:16:21 GMT
Server
nginx
ETag
"5767b465-ce63"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
52835
viewability
hal90003.redintelligence.net/ Frame 3374 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90003.redintelligence.net/viewability?s=23200300178898500710584011567003&a=57a85040&vb=m
Requested by
Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=23200300178898500710584011567003&a=95be9f7f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hal90003.redintelligence.net/request_content.php?s=23200300178898500710584011567003&a=95be9f7f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:55 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 3374 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
1.gif
activate.platform.californiatimes.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://activate.platform.californiatimes.com/privacy/v1/b/1.gif?n=6&c=2715&i=8thlsj&p=latimes&s=1191&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNDU1IiwiY2xpZW50SWQiOjI3MTUsInB1Ymxpc2hQYXRoIjoibGF0aW1lcyIsImluc3RhbmNlSWQiOiI4dGhsc2oiLCJwYWNrZXQiOjYsIm1vZGUiOiJlbmZvcmNlWgDyJ29va2llcyI6e30sImVudmlyb25tZW50Ijoibm9uZSIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLMA8CpodHRwczovL2pzLXNlYy5pbmRleHd3LmNvbS91bS9peG1hdGNoLmh0bWwiLCJ0eXBlIjoiaWZyYW1YAPADc3RhcnQiOjE2MTg2ODk5NDc22gA2ZW5kFADBNTUzMzUsInNvdXJjPACjbnNlcnRCZWZvckIAMHR1cwEBMW9hZKoAQGFzb26pANRdLCJkYXRhUGF0dGVyEgC3bGlzdCI6W10sImlkAAF4AC99LNsATCA0NF4BB3cAXzU1NDY52wBPLzQ02wAH8RZhNTM2N2M5YWE5ZTdjNzE5YmQyYTNjMDVhZDU5ZGViMi5zYWZlrgHRLmdvb2dsZXN5bmRpY_0BAeQBBSAAgC8xLTAtMzgv6gGvL2NvbnRhaW5lcvkBFU00ODYyHgE3NzczHgGgYXBwZW5kQ2hpbOgBP3N0YfgBMAB3AA8dAZEvODAdAQwxbXV0lAHfT2JzZXJ2ZXJDTCIsIiQBLsA2ODk5NDQ4ODB9XX0
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:56 GMT
cache-control
no-cache, no-store
server
nginx
expires
Sat, 17 Apr 2021 20:05:55 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96902d017777a7455babe758ae0129&pos=Latimes_banner_dyn_6&cmd=bid&secure=1&us_privacy=1YNY
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
60da6fd4d0f56f671a0e70e5a2d0a854f6eb1de2df29493e6ee6be6d6c3fd049

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 17 Apr 2021 20:05:57 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.latimes.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
cygnus
htlb.casalemedia.com/ 		25 B
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=390694&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%226492c2a2a949ffd%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.29.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNY%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2265c0b61c3b86057%22%2C%22ext%22%3A%7B%22siteID%22%3A%22390694%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22679b6bc374f5813%22%2C%22ext%22%3A%7B%22siteID%22%3A%22390694%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
38c6ddec9970201f800be7da722d9ca288deeec0be9f2c166b354fc8c8fd4e73

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:57 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[84.17.53.159], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.latimes.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Sat, 17 Apr 2021 20:05:57 GMT
auction
tlx.3lift.com/header/ 		19 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.29.0&referrer=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&tmax=1000&us_privacy=1YNY
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.137.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:57 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.latimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
bd87ed324287f359191bfc2bd4d8488b8e590831bdd80982369d8fa17bd2aaab
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:57 GMT
X-Proxy-Origin
84.17.53.159; 84.17.53.159; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.36:80
AN-X-Request-Uuid
6e60204f-81fd-4da5-96dd-37eb0412695e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.latimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
latimes-d.openx.net/w/1.0/ 		189 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://latimes-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d7d5721a-62c8-4273-b300-3bc3768b4a8a&nocache=1618689957110&us_privacy=1YNY&aus=970x250%2C728x90&divIds=google-ad209d3215-1e69-43e1-b165-de45d4117098&auid=540799224
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
1590e9b4040c082d0c54c7083036b3cb26d77b4015774e9b9237686078cc785f

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:57 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.latimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
179
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20520&site_id=267796&zone_id=1328004&size_id=2&alt_size_ids=57&p_pos=atf&us_privacy=1YNY&rf=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&tg_i.aupName=%2F21787098806%2Fweb.latimes%2F.*%26pagetype%3Dstory%2Cposition%3D1&tg_i.dfp_ad_unit_code=21787098806%2Fweb.latimes%2Fopinion&tg_i.pbadslot=21787098806%2Fweb.latimes%2Fopinion&tk_flint=dmpbjs_v4.29.0&x_source.tid=d7d5721a-62c8-4273-b300-3bc3768b4a8a&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.16790480162300003
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
3992ecf5d1f73edc95c24941555a81c2c180c6f23dfb721133f76a2a6ebc4443

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:57 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.latimes.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
1833
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		195 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=106&profileId=185&av=33&wv=4.29.0&cb=49214205606
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e1d414ea56b919d1d5a25b1ad89ee022d612143b109336c5e3fde32552c4106a

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Apr 2021 20:05:56 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.latimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
180
bid
c.amazon-adsystem.com/e/dtb/ 		549 B
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3886&u=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&pid=lV3D5nvVkOdVK&cb=3&ws=1600x1200&v=7.63.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F21787098806%2Fweb.latimes%2Fopinion%22%7D%5D&pj=%7B%22aps_privacy%22%3A%221YN%22%7D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.247.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-247-127.cph50.r.cloudfront.net
Software
Server /
Resource Hash
cdeae921fcde0c68b7d0a91389bd7fe431306edc7c9e14b7e88b42faefab2294

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:57 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
CPH50-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.latimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
372
via
1.1 0326fbaba639f5673ce3c647a7884df0.cloudfront.net (CloudFront)
x-amz-cf-id
bg8NOrIP8o3iRoChHIIC08Zt2OmSomjYU7qKVPVlbfdZeXgCp1ec7w==
events
bidder.criteo.com/csm/ 		0
145 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.latimes.com
date
Sat, 17 Apr 2021 20:05:56 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
pixels
3pd.criteo.com/user-sync/ 		13 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://3pd.criteo.com/user-sync/pixels?ccpa=1YNY&countrycode=CH
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.173 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:56 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.latimes.com
cache-control
public,max-age=86400
access-control-allow-credentials
true
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.latimes.com
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Apr 2021 20:05:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.latimes.com
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Apr 2021 20:05:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2207639593809262&correlator=2639434330431000&output=ldjh&impl=fifs&hxva=1&scor=4274947159630993&eid=31060690%2C21064368&vrg=2021041301&ptt=17&us_privacy=1YNY&sc=1&sfv=1-0-38&ecs=20210417&iu_parts=21787098806%2Cweb.latimes%2Copinion&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90&prev_scp=position%3D1%26r_round%3D1%26amznbid%3D22vwg0%26amznp%3Dmyjchs%26hb_format_rubicon%3Dbanner%26hb_source_rubicon%3Dclient%26hb_size_rubicon%3D970x250%26hb_pb_rubicon%3D0.21%26hb_adid_rubicon%3D7900aff7434b9f3%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x250%26hb_pb%3D0.21%26hb_adid%3D7900aff7434b9f3%26hb_bidder%3Drubicon%26amzniid%3DIkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0%26amznsz%3D970x250&eri=1&cust_params=slug%3Ddonald-trump-election-fraud-lies-psychology%26slugwords%3Ddonald%252Ctrump%252Celection%252Cfraud%252Clies%252Cpsychology%26topictags%3Dop-ed%26pagetype%3Dstory%26design%3Dbs%26epvid%3D701261005236508709%26screensize%3Dmedium%26rb_sync%3D1%26rb_creative%3D4&cookie_enabled=1&bc=31&abxe=1&lmt=1618689957&dt=1618689957590&dlt=1618689939959&idt=1700&frm=20&biw=1600&bih=1200&oid=3&adxs=140&adys=87&adks=516304235&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1320x-1&msz=1320x-1&psts=AGkb-H_YErcjaXj7Pxew5pJhYFhUyGUDX-IEfJDuSygEuybGJHxliPb3DemXGmAuFk8PEg1XeKiUfLbaatrycrgmCt2eBsR0vU7BD6p2Tu4%2CAGkb-H_iijXoMGDso6p_Hd8jHI9duF_nZQskZABvgHjkgqoZK9OKfkWrQ-Fw2Qztx8iXlqz29NDNzxsjK4FE416ai61ty3mNmwNodm-_tZM&ga_vid=2029193101.1618689944&ga_sid=1618689944&ga_hid=1169130723&ga_fc=false&fws=4&ohw=1320&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
2d02b050af817214ae10e6665ac1e5e338c3ea2b6ae3ecdbecf3a51ab8c749dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5316
x-xss-protection
0
google-lineitem-id
5214244503
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138293519200
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.latimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
analytics.twitter.com/i/ 		31 B
651 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nuumm&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_a /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
x-response-time
12
pragma
no-cache
last-modified
Sat, 17 Apr 2021 20:05:58 GMT
server
tsa_a
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
cb135c8eeae8996358ffecdb753c64fc
x-transaction
008ac3ba00bbfe89
expires
Tue, 31 Mar 1981 05:00:00 GMT
syncframe
gum.criteo.com/ Frame D53F 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.latimes.com
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.latimes.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.latimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid3pd=9d0023fc-a663-4bae-87fa-fb511b4d120a
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.latimes.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1496
date
Sat, 17 Apr 2021 20:05:56 GMT
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041301&st=env
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5bd863d97c53024744cb323584e330e94736888df6de373a747db158c82255a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Apr 2021 20:05:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7013
x-xss-protection
0
chartbeat_video.js
static.chartbeat.com/js/ 		69 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2021:a400:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
59bf4920a322377c761eec2dba5b7de57b64267e82b0d3a7e9fafcfd4a954e34

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 16:44:44 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 00:06:15 GMT
server
nginx
age
12073
etag
W/"60665ff7-11377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 cc61fd5dae580ac4dd735e074a4fbe83.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
CPH50-C2
x-amz-cf-id
qTaxCrLOfbAqiHpZuifuWNHYFTKKd44lPFNxCnMXlTjUkGkAqx_4Dw==
expires
Sun, 18 Apr 2021 16:44:44 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Sat, 17 Apr 2021 20:05:57 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame AE44 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.latimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.latimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Sat, 17 Apr 2021 15:25:26 GMT
expires
Sun, 17 Apr 2022 15:25:26 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
16831
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ping
ping.chartbeat.net/ 		43 B
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=latimes.com&p=%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology&u=DuGBanBCOdLpD6G55e&d=latimes.com&g=3908&g0=opinion&g1=Aaron%20C.%20Kay%20and%20Mark%20J.%20Landau&g4=story&n=1&f=00001&c=0&x=0&m=0&y=7676&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=18708&_s=%7B%22l%22%3A%22%22%2C%22uuid%22%3A%22NA%22%2C%22ga%22%3A%222029193101.1618689944%22%7D&t=B_i8NcBK5oSsbqd3dCmi2GLB2psbr&V=126&i=Why%20so%20many%20people%20want%20to%20believe%20the%20election%20was%20stolen&tz=-120&_acct=&sn=1&sv=6VZcFBAs3k3hCG867C4kRB807B2&sd=1&im=067b0ef3&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.41.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
pagead2.googlesyndication.com/bg/ Frame AE44 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 12:29:47 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
27370
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5682
x-xss-protection
0
expires
Sun, 17 Apr 2022 12:29:47 GMT
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Server
18.157.108.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.latimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 17 Apr 2021 20:05:58 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
view
securepubads.g.doubleclick.net/pcs/ Frame 755F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZkOMah1TFKKMKz6T25UcqaTfAe1cVKx0s9Igf9iaeKOdLw8aYoksVOCsjDWloJF7IILx9z_2EHQOcieAhrQknCiO81j5KcameWGtA6OU1kjRu9sK-hFOaDw2S_ehVPI-Wo9BbGNLrGH1SEa5mdF8i3X0nSC7yb58mWSHuURWVbgkDWKLPS1vmsIgP4Hst6gH9kfkel-yUeLn3HNFHJjy6w5hj4OSaThH4L6ZkEyttMIsvratbV7cZXKnD3JI9AwNY9uM37OZCcmd944ifa5v86Mt30eh12TjKJw9XFhCm2J6OEUhf5_uRqcIkfko&sig=Cg0ArKJSzMMCxGGg3scvEAE&urlfix=1&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTcV3fT71VW7vm0nw7QMbg1W3VcYRG392xVLW6__czk8TqcXWN63z5vPK9cQkW32FrrX2hhDXsW6XnyJ06X32BBW7HbzBS5YXHdMW2PfZwh7rJqLQW2RFvm08lKm0tW6lqtqQ3YgwbNW6-_qmN3TxXYdW6l1hM98L3T4PVrhhgh8_RzHxN75rhfc8xMqjW65_cMn5KtBY_3blt1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Apr 2021 20:05:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 755F 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTcV3fT71VW7vm0nw7QMbg1W3VcYRG392xVLW6__czk8TqcXWN63z5vPK9cQkW32FrrX2hhDXsW6XnyJ06X32BBW7HbzBS5YXHdMW2PfZwh7rJqLQW2RFvm08lKm0tW6lqtqQ3YgwbNW6-_qmN3TxXYdW6l1hM98L3T4PVrhhgh8_RzHxN75rhfc8xMqjW65_cMn5KtBY_3blt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Sat, 17 Apr 2021 20:05:58 GMT
event
prebid-a.rubiconproject.com/ 		61 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.108.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sat, 17 Apr 2021 20:05:58 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNTIxNDI0NDUwMyIsImVidXkiOiIyNjIxOTQ0NTQwIiwiZWFkdiI6IjQ3NDE4OTU0NTMiLCJlY2lkIjoiMTM4MjkzNTE5MjAwIiwiZWVudiI6ImoiLCJlcGlkIjoiMjE4MTg2NzgyOTYiLCJlc2lkIjoiMjE3ODYwOTg4MTIifQ&tv=js-3.0.123&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&f_es6=1&f_gears=2&tvltm=9&tvcfg=all&f_privb=1&tid=b4c47f3f-3652-4ae9-bc74-9e6a48cfe94b&pid=6c56e1d4-81e3-49e4-9b10-dc03c9fc3f4c&dtm=1618689958143&qnm=_matherq&visible=1&tabid=ffc08fe9-257b-410d-bca6-bebe2c3ddb73&url=https%3A%2F%2Fwww.latimes.com%2Fopinion%2Fstory%2F2020-12-06%2Fdonald-trump-election-fraud-lies-psychology%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU&vp=1600x1200&ds=1600x7676&tofa=1618689954&vid=1&lvidt=1618689954&duid=cd314fe21932a52f&fp=1072425006&cid=ma12767&mrk=212934200
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.95.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-95-93.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:58 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
admi
aax-eu.amazon-adsystem.com/e/dtb/ Frame D330 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/e/dtb/admi?b=IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0&rnd=3198343944861618689958034&pp=22vwg0&p=myjchs&crid=2676:45400975&ep=%7B%22ce%22%3A%221%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c79a2c14a550c57bee69ab8b5368c2ee48e1731fb00e865605915e52d628923b

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.latimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A_Jf0WYb2EsVjM3xpQgDEZg; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.latimes.com/

Response headers

Server
Server
Date
Sat, 17 Apr 2021 20:05:58 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
2597
Connection
keep-alive
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
csm_othersv5.js
c.amazon-adsystem.com/bao-csm/direct/ Frame 755F 		52 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/direct/csm_othersv5.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.247.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-247-127.cph50.r.cloudfront.net
Software
Server /
Resource Hash
ee2038ee4b5d1b0ad0d699a90b605cbc7aebc8b18f62a12b6596a067241ad42b

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
6eftoJsUqICKKgCcFFDn09Rnz0z0L832
content-encoding
gzip
server
Server
age
40395
etag
cea0ea9972e073858d8de90ee4cf862f
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0326fbaba639f5673ce3c647a7884df0.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
date
Sat, 17 Apr 2021 08:52:43 GMT
x-amz-cf-pop
CPH50-C1
accept-ranges
bytes
x-amz-cf-id
f_1csULmwuHa6oV8N0HX16n9eCUQ-TeIH0yDs87QWZx6TiYsnEaUlg==
truncated
/ Frame 755F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e8469b77e344808b46ef00f98c52374856040f16fdc1a615bb69312f636536f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
%7B%22adCsm%22:[%7B%22tld%22:%22www.latimes.com%22%7D,%7B%22vfrd%22:4,%22dbg%22:%22nomime%22%7D,%7B%22ns%22:1618689958023,%22st%22:%22140.04%22,%22re%22:%22229.23%22,%22ldTot%22:%2289.19%22%7D,%7B%...
aax.amazon-adsystem.com/x/px/IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0/ Frame 755F 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax.amazon-adsystem.com/x/px/IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0/%7B%22adCsm%22:[%7B%22tld%22:%22www.latimes.com%22%7D,%7B%22vfrd%22:4,%22dbg%22:%22nomime%22%7D,%7B%22ns%22:1618689958023,%22st%22:%22140.04%22,%22re%22:%22229.23%22,%22ldTot%22:%2289.19%22%7D,%7B%22lteu%22:%220.06%22,%22ltut%22:%220.01%22,%22ltpq%22:%220.03%22,%22lths%22:%220.09%22,%22ltpm%22:%2212.03%22,%22ltdm%22:%220.30%22,%22ltdb%22:%220.01%22,%22csmTot%22:%222.06%22%7D],%22pixelId%22:%22p96g1azh3ug%22,%22ts%22:1618689958383,%22ver%22:%22d-1.20%22%7D?cb=9725098
Requested by
Host: www.latimes.com
URL: https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:58 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
config.js
confiant-integrations.global.ssl.fastly.net/GfBGK_P3Adzw1hvTTkQjebew6Z4/gpt_and_prebid/ Frame D330 		99 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/GfBGK_P3Adzw1hvTTkQjebew6Z4/gpt_and_prebid/config.js
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/e/dtb/admi?b=IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0&rnd=3198343944861618689958034&pp=22vwg0&p=myjchs&crid=2676:45400975&ep=%7B%22ce%22%3A%221%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7893b347476acdc54088886b51d4a623d22106078aba68ecbef90d1dce53002

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:58 GMT
Content-Encoding
gzip
Age
223
X-Cache
HIT
Connection
keep-alive
Content-Length
22820
x-amz-id-2
FHBERxFr12cDsYwJBgRvR3f9SdCArUGRl4+Bg6P2Gb+rVbP3HkADZ93QKL94Ctklo4AO3iTeDzo=
X-Served-By
cache-hhn4058-HHN
Last-Modified
Sat, 17 Apr 2021 19:34:16 GMT
Server
AmazonS3
X-Timer
S1618689959.505967,VS0,VE1
ETag
"eb7cfdacda2c67601d3186fd5f924e6b"
x-amz-request-id
2JXMJSE64DYDWPWG
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
1
wrap.js
confiant-integrations.global.ssl.fastly.net/gpt/202104121324/ Frame D330 		191 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gpt/202104121324/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/GfBGK_P3Adzw1hvTTkQjebew6Z4/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
158d7c3c8d931a587c66b7947fdc4a9e9c741dade62fff14a88430482835c4a2

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:58 GMT
Content-Encoding
gzip
Age
792
X-Cache
HIT
Connection
keep-alive
Content-Length
58345
x-amz-id-2
908L94XXz/NPt0KLX41VlOO4giUVLlYahLMwy6e+tsmEe3jKW4sfJCS/beaVT8/z3WqIaUhxItI=
X-Served-By
cache-hhn4058-HHN
Last-Modified
Mon, 12 Apr 2021 17:25:04 GMT
Server
AmazonS3
X-Timer
S1618689959.609085,VS0,VE0
ETag
"433db6c7dd2773cf1cb7be08520ec08b"
x-amz-request-id
5FMZFTNP4W280YTR
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
985
wrap.js
confiant-integrations.global.ssl.fastly.net/prebid/202104121324/ Frame D330 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/prebid/202104121324/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/GfBGK_P3Adzw1hvTTkQjebew6Z4/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9f62c3875012662294f9653e4116e7ccb9b612202d6b43248e11cc39ad07893

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:58 GMT
Content-Encoding
gzip
Age
864
X-Cache
HIT
Connection
keep-alive
Content-Length
27577
x-amz-id-2
gwOdOfZUXyZ15vG77Ee8Xuue7kr8XuFI4SUGD9tZUnoex1koqRu+EdcHdgihSVVft8xXx+8YQzw=
X-Served-By
cache-hhn4077-HHN
Last-Modified
Mon, 12 Apr 2021 17:25:06 GMT
Server
AmazonS3
X-Timer
S1618689959.617317,VS0,VE0
ETag
"f56955ab8ecd49b50ae9336e4ece4ad4"
x-amz-request-id
AT0DWBSZBXNSFA06
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
1048
wrap.js
confiant-integrations.global.ssl.fastly.net/native/202104121324/ Frame D330 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/native/202104121324/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/GfBGK_P3Adzw1hvTTkQjebew6Z4/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b251e71f1986d056ac51fcdbc492a97fd915695dfaf4ca8a21670829ea9dfe62

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:58 GMT
Content-Encoding
gzip
Age
725
X-Cache
HIT
Connection
keep-alive
Content-Length
37415
x-amz-id-2
sNNjLTvNs0iBuQ6Ug1Ttu4QmStIfaR1QlDj3ySF5TRh8LbcF8hw9OTAADW1N5zTtUX6pKYOJQJ4=
X-Served-By
cache-hhn4035-HHN
Last-Modified
Mon, 12 Apr 2021 17:25:17 GMT
Server
AmazonS3
X-Timer
S1618689959.615263,VS0,VE0
ETag
"c0e8a4b520916c48c3a7c418874ddb4e"
x-amz-request-id
VYB1YPQJGTDJWBJD
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
25
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041301&jk=2207639593809262&bg=!hoWlhcHNAAZUuIlwVLg7ACkAdvg8Wi3NLdADcQRn-pDLseXW7bBopS6axlH0APjzdi-8t0zYgsy4rAIAAAKKUgAAACFoAQcKAUiiTyL7-xVEw7GcZDPoixrPVtFgk4F8NKnh-UtZgBurVJAxysSQyrFwm-GCM8jEJ32pxMF_-MFaOaieBv6bp4Lxufb8RKwMYEbpBg8w8k_WOITGXiKNXbFYgomcJDBN9LYEnCF192K2zlbLIpmZig8-D5-XWYa8PUoSeWIk29mzFSzyEsJUBZQ46OZolVx981FyKuhyVvjIhMqkt1Hn1B8cW4jxEZf4l5BAhAgPRLWZaeo-JIpM607dHonkYJZbHcBKqct3fCVjIm0ES4liBEhjcgPPRRK8TjlrZdizEo5U4cm3vqzW2x0A8MtjV3k7ivA-mUxPIfHrywCY9gFuS6E0HbRtJDeNDH8ob2A7gHCHMQvo50x-b4BaLF779TuaHohyrZSUnRZ76b6DDRbcKq28MgJ3NF8OzOcl63T-Nkc319-CAOHFbk3ymQIaTbWyWxx0aiPVScjnpOnm6YxfXX1Tm3nN2_29mfmVHyOnuoOMnB2rH9r45bEGrk-Y-OP6hqH5HlOh1v_V8_47OqyBR7i9NQY8nLU-jvlLgpSf0P2wDGEnpCHHeAD5lFRi28_10iN_75NZtethmViN2aVUlG_HEjUCk8liQb3g_2Ls9z1bdn9gecZAWl5lWFbF_u5HqLzVZJVcaySo-0AIDWzoetFLWEEuvVTBVazEOWwnSB8IiJUr3qdLALTpmUjgWhQrjq4RlgsN0Wu7C96QD2s_1dwerCuoIevRQ-lXvAz62Xc9Kpf_CNme6TPbBJfJhlSzTllnzLzZSD5knZNvGk_ZJFhE_SvDvGjSydtKhq0BQnM1drWB7wYqPO1Hufi1aTjDNqxjmJhqNstkEXazFW_ACf2TIuk9vamurSrcF7V1IjThBo5_j7yQjaEunyK9yhMXqQrMncrdmfM-263Th0jRfBwCpSMtdRn8CdWwV8LcGV34yw5dmwktf9BTwfJ5Cwmtkwtg1Pm4Eij2gSiBGvo8eQ7kfD3vv5r68c9ObE2fxWnTOplNAmtckGkAfun--eTWaPDiOx60reTngdLKnr8LqKvi95CkIbA18PI-jvEHOvWqw4c9grLSZcEYwnaR6yTEMGLG9VI2RcSmu8gFrka34vAJBDR7R-chlZUKkP7qp3gv8Doncxl5asL2f6-DzuyJsPVxAEaq6A
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/adfscript/ Frame D330 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=45400975;rtbwp=1A488D41E9486B98;rtbdata=2E4JqRQohZ5RaqvzozAVLuTdeVQEHTXpTGknqpGiDY586U_00E69yy4j62PcqWS5RsCCrUjuQD-03bwbTNOIZ_Ks-r4puR2FoX5Diha3tcKbtVvQKZ2Q3-k7jtXaq12LtlrAHqDDuhVk_tpatNV338vwBLNWd9RyGj40wkkl_CcDbHSz_Z7EEBY4KeS6TMfoE04IF2y1KdkuchpDWd4iYxeNTW3CT3lVMzRFhiGcpsbvxFtkuZewNxvRUiGDyMyMOSsb6aAya6wlEvc-o29QLlmjEhqprHbjZDtGVeU-5YmYjs4JCzg7WDl8sXJlprlSBxzx6Ci1CCuMHQgXWCZrVvx4bTZ5yyjqhF_UWZFSk42qOF1bi2p4wo0wBkxBd19oobTTJ3BdwHV9Nk_BUc6CQC8OiDPjmUJeZJii1XUC4TuCCJt53P-QlSdn-XUlo3uFt3frtksErWL-la3dKld06Nyng_nT6UVxD4oxJd3DCrthdwc-UbzrF4tHjV2MCY-sxcDUaoFNRdKHGM5farb1jg3V0_hKkg1eUi2-_wdzSrlB4SKZKGrNxw2;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/ce6e2e5c-39fe-48d5-9c92-21d79a1b1756/
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTcV3fT71VW7vm0nw7QMbg1W3VcYRG392xVLW6__czk8TqcXWN63z5vPK9cQkW32FrrX2hhDXsW6XnyJ06X32BBW7HbzBS5YXHdMW2PfZwh7rJqLQW2RFvm08lKm0tW6lqtqQ3YgwbNW6-_qmN3TxXYdW6l1hM98L3T4PVrhhgh8_RzHxN75rhfc8xMqjW65_cMn5KtBY_3blt1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f99a6ffd2dcf6455fe550f5a7d289fe6d8bb31822a91941b051754283db0cb85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:58 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1240
expires
-1
register
token.rubiconproject.com/ Frame D330 		0
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/register?khaos=KNM67GK7-20-F9OA
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTcV3fT71VW7vm0nw7QMbg1W3VcYRG392xVLW6__czk8TqcXWN63z5vPK9cQkW32FrrX2hhDXsW6XnyJ06X32BBW7HbzBS5YXHdMW2PfZwh7rJqLQW2RFvm08lKm0tW6lqtqQ3YgwbNW6-_qmN3TxXYdW6l1hM98L3T4PVrhhgh8_RzHxN75rhfc8xMqjW65_cMn5KtBY_3blt1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
imp
aax-eu.amazon-adsystem.com/e/dtb/ Frame D330 		43 B
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/e/dtb/imp?b=IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0&pp=22vwg0&isip=1&vi=1
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTcV3fT71VW7vm0nw7QMbg1W3VcYRG392xVLW6__czk8TqcXWN63z5vPK9cQkW32FrrX2hhDXsW6XnyJ06X32BBW7HbzBS5YXHdMW2PfZwh7rJqLQW2RFvm08lKm0tW6lqtqQ3YgwbNW6-_qmN3TxXYdW6l1hM98L3T4PVrhhgh8_RzHxN75rhfc8xMqjW65_cMn5KtBY_3blt1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://aax-eu.amazon-adsystem.com/e/dtb/admi?b=IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0&rnd=3198343944861618689958034&pp=22vwg0&p=myjchs&crid=2676:45400975&ep=%7B%22ce%22%3A%221%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:58 GMT
Server
Server
Connection
keep-alive
Content-Length
43
Vary
User-Agent
Content-Type
image/gif
csm_view_only.js
c.amazon-adsystem.com/ Frame D330 		32 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/csm_view_only.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTcV3fT71VW7vm0nw7QMbg1W3VcYRG392xVLW6__czk8TqcXWN63z5vPK9cQkW32FrrX2hhDXsW6XnyJ06X32BBW7HbzBS5YXHdMW2PfZwh7rJqLQW2RFvm08lKm0tW6lqtqQ3YgwbNW6-_qmN3TxXYdW6l1hM98L3T4PVrhhgh8_RzHxN75rhfc8xMqjW65_cMn5KtBY_3blt1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.247.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-247-127.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25eac7e83b8d2c9110241c740d45b0d8fd0f173b7af0ee374b1a5e946836bbf2

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
PzDKHnQsRWvO62LfcXo.XHhfgy2qwtR7
via
1.1 0326fbaba639f5673ce3c647a7884df0.cloudfront.net (CloudFront)
last-modified
Wed, 07 Apr 2021 08:53:11 GMT
server
AmazonS3
age
50682
etag
"028a4a4c5648a7ea9ba1063d51247227"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
date
Sat, 17 Apr 2021 08:53:19 GMT
x-amz-cf-pop
CPH50-C1
accept-ranges
bytes
content-length
33212
x-amz-cf-id
eqxyCWliBuMTDlhL5x-yqyenCggXgrV5V_1EsqsL31fa4l-dFF79xw==
ce6e2e5c-39fe-48d5-9c92-21d79a1b1756
beacon-ams3.rubiconproject.com/beacon/d/ Frame D330 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/ce6e2e5c-39fe-48d5-9c92-21d79a1b1756?oo=0&accountId=20520&siteId=325550&zoneId=1691396&sizeId=57&e=6A1E40E384DA563BA3037A5A0EF8DF28DCA481D23FB5826DE42B725E45B87A8917E46CB7CB8D778B17705BC46551FAF8683D50851BF2EEDF6C3F06B13C85F1524D11F9F5440B2F3755D9B36CCD736E64D07FEA065308EE5102E962698A383800D0DF42FFDB197ADF735EF0EDA8AF61DC87F96C077FF31BF24E9CB1E500F42BB9C9D5C0C178D7976049EFE27DDEA36CF124F5207A2458AD77CD6C0DFB64045B4C8898DCBD34205010B7BA9AA36443D487F4B5CB807FD3A0BFF55DC9444D6E10C1CDA10306204D320B
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTcV3fT71VW7vm0nw7QMbg1W3VcYRG392xVLW6__czk8TqcXWN63z5vPK9cQkW32FrrX2hhDXsW6XnyJ06X32BBW7HbzBS5YXHdMW2PfZwh7rJqLQW2RFvm08lKm0tW6lqtqQ3YgwbNW6-_qmN3TxXYdW6l1hM98L3T4PVrhhgh8_RzHxN75rhfc8xMqjW65_cMn5KtBY_3blt1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::37 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:58 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
pixel
protected-by.clarium.io/ Frame D330 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_R2ZCR0tfUDNBZHp3MWh2VFRrUWplYmV3Nlo0L2FtYXpvbjo5NzB4MjUw&v=5&s=v31f3gn18t0&id=eyJwcmViaWQiOnsiYWRJZCI6IjI2NzY6NDU0MDA5NzUiLCJjcG0iOm51bGwsInNyYyI6IiUlU09VUkNFJSUifSwidHBfY3JpZCI6IlBCOm15amNoczt1bmRlZmluZWQifQ%3D%3D&sb=-1&cb=9042324&h=aax-eu.amazon-adsystem.com&d=eyJ3aCI6IlIyWkNSMHRmVUROQlpIcDNNV2gyVkZSclVXcGxZbVYzTmxvMEwyRnRZWHB2YmpvNU56QjRNalV3Iiwid2QiOnsiayI6eyJoYl9iaWRkZXIiOlsiYW1hem9uIl0sImhiX3NpemUiOlsiOTcweDI1MCJdfX0sIndyIjowfQ==
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/e/dtb/admi?b=IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0&rnd=3198343944861618689958034&pp=22vwg0&p=myjchs&crid=2676:45400975&ep=%7B%22ce%22%3A%221%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.239.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-239-130.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:59 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bootstrap.js
s1.adform.net/stoat/622/s1.adform.net/ Frame D330 		35 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTcV3fT71VW7vm0nw7QMbg1W3VcYRG392xVLW6__czk8TqcXWN63z5vPK9cQkW32FrrX2hhDXsW6XnyJ06X32BBW7HbzBS5YXHdMW2PfZwh7rJqLQW2RFvm08lKm0tW6lqtqQ3YgwbNW6-_qmN3TxXYdW6l1hM98L3T4PVrhhgh8_RzHxN75rhfc8xMqjW65_cMn5KtBY_3blt1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2a7a5a103d7d2d395f95fabbcbce1e975df8fee2226795a2a9880d99a3cf6cbe

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:59 GMT
content-encoding
gzip
last-modified
Fri, 09 Apr 2021 09:15:30 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sun, 18 Apr 2021 23:27:57 GMT
/
track.adform.net/adfserve/ Frame D330 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=45400975;rtbwp=1A488D41E9486B98;rtbdata=2E4JqRQohZ5RaqvzozAVLuTdeVQEHTXpTGknqpGiDY586U_00E69yy4j62PcqWS5RsCCrUjuQD-03bwbTNOIZ_Ks-r4puR2FoX5Diha3tcKbtVvQKZ2Q3-k7jtXaq12LtlrAHqDDuhVk_tpatNV338vwBLNWd9RyGj40wkkl_CcDbHSz_Z7EEBY4KeS6TMfoE04IF2y1KdkuchpDWd4iYxeNTW3CT3lVMzRFhiGcpsbvxFtkuZewNxvRUiGDyMyMOSsb6aAya6wlEvc-o29QLlmjEhqprHbjZDtGVeU-5YmYjs4JCzg7WDl8sXJlprlSBxzx6Ci1CCuMHQgXWCZrVvx4bTZ5yyjqhF_UWZFSk42qOF1bi2p4wo0wBkxBd19oobTTJ3BdwHV9Nk_BUc6CQC8OiDPjmUJeZJii1XUC4TuCCJt53P-QlSdn-XUlo3uFt3frtksErWL-la3dKld06Nyng_nT6UVxD4oxJd3DCrthdwc-UbzrF4tHjV2MCY-sxcDUaoFNRdKHGM5farb1jg3V0_hKkg1eUi2-_wdzSrlB4SKZKGrNxw2;oobclicktrack=http%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2fce6e2e5c-39fe-48d5-9c92-21d79a1b1756%2f;js=1;adfxid=1x;1938;set=en-US|en-US|1600X1200|0|950|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.latimes.com
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTcV3fT71VW7vm0nw7QMbg1W3VcYRG392xVLW6__czk8TqcXWN63z5vPK9cQkW32FrrX2hhDXsW6XnyJ06X32BBW7HbzBS5YXHdMW2PfZwh7rJqLQW2RFvm08lKm0tW6lqtqQ3YgwbNW6-_qmN3TxXYdW6l1hM98L3T4PVrhhgh8_RzHxN75rhfc8xMqjW65_cMn5KtBY_3blt1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
725d3cf3ccf8cd7932e3b8e6b7f60bec862e305e156cc22fa6100a95e6720442
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:59 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2901
expires
-1
1.gif
activate.platform.californiatimes.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://activate.platform.californiatimes.com/privacy/v1/b/1.gif?n=7&c=2715&i=8thlsj&p=latimes&s=10008&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNDU1IiwiY2xpZW50SWQiOjI3MTUsInB1Ymxpc2hQYXRoIjoibGF0aW1lcyIsImluc3RhbmNlSWQiOiI4dGhsc2oiLCJwYWNrZXQiOjcsIm1vZGUiOiJlbmZvcmNlWgDyJ29va2llcyI6e30sImVudmlyb25tZW50Ijoibm9uZSIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLMA8hFodHRwczovL2Myc2hiLnNzcC55YWhvby5jb20vYmlkUjoA8hw_ZGNuPThhOTY5MDJkMDE3Nzc3YTc0NTViYWJlNzU4YWUwMTI5JnBvcz1MyQD9SF9iYW5uZXJfZHluXzYmY21kPWJpZCZzZWN1cmU9MSZ1c19wcml2YWN5PTFZTlkiLCJ0eXBlIjoieGhyIiwic3RhcnQiOjE2MTg2ODk5NTcwNjYsImVuZBQAUHNvdXJjOQCyWEhSX01BTkFHRVJBANF0dXMiOiJhbGxvd2VkBAFAYXNvbgMB1F0sImRhdGFQYXR0ZXISAMtsaXN0IjpbXSwiaWRmAC99LDUBuT83LCI1AWuBaWIuYWRueHNjArB1dC92My9wcmViaaUBDwYCDB45BgI_MTA10QBRLzk2BgIHD9EAJwG9ABpl1wI_MTA20QBQPzEwNdEAB8JiaWRkZXIuY3JpdGUKBP8pY2RiP3B0dj0xMDYmcHJvZmlsZUlkPTE4NSZhdj0zMyZ3dj00LjI5LjAmY2I9NDkyMTQyMDU2MDbZAw4wMTI5tAQJcwMBFAAPpAJOPzEyOQIBcy4zMAIBABQADwIBTy8zMAIBGpZzbS9ldmVudHPWAaJzZW5kQmVhY29udQUKtgU9MzAz2wA3MzA03wKvU0VOREJFQUNPTr0FQj8zMDPiAAc4M3Bk4wLxBnVzZXItc3luYy9waXhlbHM_Y2NwYZ4G9gAmY291bnRyeWNvZGU9Q0j-AA-tBgQuMzDUAjczMTD3AA-tBkUvMzDUAggP8ABHANwAC8YEPzMxMfAAUR8xwgII8QdhYXgtZXUuYW1hem9uLWFkc3lzdGVtdgb2LnMvaXUzP2NtM3BwZD0xJmQ9ZHRiLXB1YiZjc2lmPXQmZGw9Z2dfbi1pbmRleF9yYmRfbi12bWdfM2xpZnQAAlBpZnJhbWAJGnOwCE40MzkxAwI3NjMzEwGgYXBwZW5kQ2hpbPgGMnN0YbAIMGxvYRAAL3JlrQggAXcAD_ACBw8QAWoeNgoEChABMW11dJMKkk9ic2VydmVyQVEEDxYBMh82BgQI8QVwYWdlYWQyLmdvb2dsZXN5bmRpY4kAASkC8BFnZXRjb25maWcvc29kYXI_c3Y9MjAwJnRpZD1ncHQmdA8A9gAyMTA0MTMwMSZzdD1lbnYfAg8fBAQuNzIMASg3MhYFDx8ERS83MgkBfB00HwYPCQFVHzQoAwc_dHBjDgIEAQQCAgoCODIuagcHQGNyaXAZBAsJBF41Nzc1MuQAHzgJBEwBdwAP4QBWD84CAAnhAA_aA0YA5wAP0QIJ8gtpbmcuY2hhcnRiZWF0Lm5ldC9waW5nP2g9bKQOAOID8CcmcD0lMkZvcGluaW9uJTJGc3RvcnklMkYyMDIwLTEyLTA2JTJGZG9uYWxkLXRydW1wLWVsZWM8D_keLWZyYXVkLWxpZXMtcHN5Y2hvbG9neSZ1PUR1R0JhbkJDT2RMcEQ2RzU1ZSZkcwCjZz0zOTA4JmcwPXgAcCZnMT1BYXKBAPALMEMuJTIwS2F5JTIwYW5kJTIwTWFyayUyMEoYAKFMYW5kYXUmZzQ9qADwGyZuPTEmZj0wMDAwMSZjPTAmeD0wJm09MCZ5PTc2NzYmbz0xNjAwJnc9MbUE8CVqPTQ1JlI9MSZXPTAmST0wJkU9MCZlPTAmcj0mYj0xODcwOCZfcz0lN0IlMjJsJTIyJTNBBgDAMjIlMkMlMjJ1dWlkEAABFgASThsAABgAJWdhFgC0MjAyOTE5MzEwMS68DyA0NB4A8B43RCZ0PUJfaThOY0JLNW9Tc2JxZDNkQ21pMkdMQjJwc2JyJlY9MTI2Jmk9V2j8AIBzbyUyMG1hbgwA8AJwZW9wbGUlMjB3YW50JTIwdBwAYGJlbGlldhYAIHRoBgAElwEBJwDwDHMlMjBzdG9sZW4mdHo9LTEyMCZfYWNjdD0mczMB8BFzdj02VlpjRkJBczNrM2hDRzg2N0M0a1JCODA3QjImcxQI1mltPTA2N2IwZWYzJl_UBTJpbWeZBgrqCi44OQYDARQABcUL8QJpbWdfRE9NQXR0ck1vZGlmaZUQBfgHD6gQLi84OQsDCABnACdpYw0DAN4RNWpzLx4Db192aWRlb9QEFS0zONQEKDg5hw-zaW5zZXJ0QmVmb3IfCQ_IBy9fNTc3MzjVBAcP4wA8HjTACQrjAA_WBEkfNMYLCA-eBhNwLzIyMi9ydYMTVy5odG1swQIPtAoETjU3NzeJDhA5wg0FxAIPtApAAXcAD9YBBw_uAEkO4gEK7gAP4gFJHzfiAQgRcA0T8AItYS5ydWJpY29ucHJvamVjdK4GAoAPBs0BD2IKAz04MDTKAQIUAAXKAQ9iCkQAZgAPzQEHD9kARQ9qDlAP2QAMD2oI__9cDTUNKTg0LxQPuARILzg5OA0ID0oPCwIeAMEvZ2VuXzIwND9pZD1ODeAyJnY9MjIyJnQ9MiZsaVUPNV8yMFIP8P_____2ams9MjIwNzYzOTU5MzgwOTI2MiZiZz0haG9XbGhjSE5BQVpVdUlsd1ZMZzdBQ2tBZHZnOFdpM05MZEFEY1FSbi1wRExzZVhXN2JCb3BTNmF4bEgwQVBqemRpLTh0MHpZZ3N5NHJBSUFBQUtLVWdBQUFDRm9BUWNLQVVpaVR5TDcteFZFdzdHY1pEUG9peHJQVnRGZ2s0RjhOS25oLVV0WmdCdXJWSkF4eXNTUXlyRndtLUdDTThqRUozMnB4TUZfLU1GYU9haWVCdjZicDRMeHVmYjhSS3dNWUVicEJnOHc4a19XT0lUR1hpS05YYkZZZ29tY0pEQk45TFlFbkNGMTkySzJ6bGJMSXBtWmlnOC1ENS1YV1lhOFBVb1NlV0lrMjltekZTenlFc0pVQlpRNDZPWm9sVng5ODFGeUt1aHlWdmpJaE1xa3QxSG4xQjhjVzRqeEVaZjRsNUJBaEFnUFJMV1phZW8tSklwTTYwN2RIb25rWUpaYkhjQktxY3QzZkNWakltMEVTNGxpQkVoamNnUFBSUks4VGpsclpkaXpFbzVVNGNtM3ZxelcyeDBBOE10alYzazdpdkEtbVV4UElmSHJ5d0NZOWdGdVM2RTBIYlJ0SkRlTkRIOG9iMkE3Z0hDSE1Rdm81MHgtYjRCYUxGNzc5VHVhSG9oeXJaU1VuUlo3NmI2RERSYmNLcTI4TWdKM05GOE96T2NsNjNULU5rYzMxOS1DQU9IRmJrM3ltUUlhVGJXeVd4eDBhaVBWU2NqbnBPbm02WXhmWFgxVG0zbk4yXzI5bWZtVkh5T251b09NbkIyckg5cjQ1YkVHcmstWS1PUDZocUg1SGxPaDF2X1Y4XzQ3T3F5QlI3aTlOUVk4bkxVLWp2bExncFNmMFAyd0RHRW5wQ0hIZUFENWxGUmkyOF8xMGlOXzc1Tlp0ZXRobVZpTjJhVlVsR19IRWpVQ2s4bGlRYjNnXzJMczl6MWJkbjlnZWNaQVdsNWxXRmJGX3U1SHFMelZaSlZjYXlTby0wQUlEV3pvZXRGTFdFRXV2VlRCVmF6RU9Xd25TQjhJaUpVcjNxZExBTFRwbVVqZ1doUXJqcTRSbGdzTjBXdTdDOTZRRDJzXzFkd2VyQ3VvSWV2UlEtbFh2QXo2MlhjOUtwZl9DTm1lNlRQYkJKZkpobFN6VGxsbnpMelpTRDVrblpOdkdrX1pKRmhFX1N2RHZHalN5ZHRLaHEwQlFuTTFkcldCN3dZcVBPMUh1ZmkxYVRqRE5xeGptSmhxTnN0a0VYYXpGV19BQ2YyVEl1azl2YW11clNyY0Y3VjFJalRoQm81X2o3eVFqYUV1bnlLOXloTVhxUXJNbmNyZG1mTS0yNjNUaDBqUmZCd0NwU010ZFJuOENkV3dWOExjR1YzNHl3NWRtd2t0ZjlCVHdmSjVDd210a3d0ZzFQbTRFaWoyZ1NpQkd2bzhlUTdrZkQzdnY1cjY4YzlPYkUyZnhXblRPcGxOQW10Y2tHa0FmdW4tLWVUV2FQRGlPeDYwcmVUbmdkTEtucjhMcUt2aTk1Q2tJYkExOFBJLWp2RUhPdldxdzRjOWdyTFNaY0VZd25hUjZ5VEVNR0xHOVZJMlJjU211OGdGcmthMzR2QUpCRFI3Ui1jaGxaVUtrUDdxcDNndjhEb25jeGw1YXNMMmY2LUR6dXlKc1BWeEFFYXE2BhUDFB0Peg4DLzg27AkAKDY0EwkPeg5MAIIAD_QJCA9fFQoPFQb______0wNdhggODhqIQUBEA8lDApAZXJyb4clD4YcHsA2ODk5NTg2NDJ9XX0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:59 GMT
cache-control
no-cache, no-store
server
nginx
expires
Sat, 17 Apr 2021 20:05:58 GMT
/
track.adform.net/jsmetrics/ Frame D330 		43 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/jsmetrics/?adfserve=75&asset=222&sid=756&rid=10188&cid=1737
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/e/dtb/admi?b=IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0&rnd=3198343944861618689958034&pp=22vwg0&p=myjchs&crid=2676:45400975&ep=%7B%22ce%22%3A%221%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:59 GMT
last-modified
Fri, 07 Feb 2020 08:03:00 GMT
server
nginx
etag
"5e3d19b4-2b"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
43
usync.html
eus.rubiconproject.com/ Frame BF67 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/e/dtb/admi?b=IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0&rnd=3198343944861618689958034&pp=22vwg0&p=myjchs&crid=2676:45400975&ep=%7B%22ce%22%3A%221%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://aax-eu.amazon-adsystem.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KNM67GHD-4-5T2; rsid=1|CdSsIlYD4v+QRC+j1tw5NiKxi4lKFKabvD5nIonwVQ9yrIP5NGrhQaqTCqCJieGkTxzCtT3GWjvGRBKXWiDhFgX3ng06hUEE9RUpasHbexgjvGivYKlBOKmTT8+Kbwv/ANSf; ses57=267796^1; vis57=267796^1; audit=1|0o8zzNO5o4bdA/m1w9tg9dHV7oIR0oy7KQ/gb+Jo8EIO1lLpAHOmYLyqHRbSYyv9krVAsT5szDDgcRgjl6EitQZNGwwNLqQn3OlDu/ORdD8=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://aax-eu.amazon-adsystem.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 17 Apr 2021 20:05:59 GMT
Connection
keep-alive
Vary
Accept-Encoding
%7B%22_type%22%3A%22iframeRender%22%2C%22c%22%3A%22dtb%22%2C%22pid%22%3A%22lV3D5nvVkOdVK%22%2C%22crt%22%3A814%2C%22_tl%22%3A%22aps-tag%22%2C%22src%22%3A%223886%22%2C%22lv%22%3A%227.63.00%22%7D
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_type%22%3A%22iframeRender%22%2C%22c%22%3A%22dtb%22%2C%22pid%22%3A%22lV3D5nvVkOdVK%22%2C%22crt%22%3A814%2C%22_tl%22%3A%22aps-tag%22%2C%22src%22%3A%223886%22%2C%22lv%22%3A%227.63.00%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:59 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Standard
s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame D330 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0537669aaa954e27dbb5ed8201e1369547377a96106027ed3bb356048665f672

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:59 GMT
content-encoding
gzip
last-modified
Fri, 09 Apr 2021 09:15:30 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sun, 18 Apr 2021 22:55:04 GMT
usync.js
eus.rubiconproject.com/ Frame BF67 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
aab475e61325aa8b10d5fc1127dc89c6562731d9a0dbd32db36b85a5e792ced5

Request headers

Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:05:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Apr 2021 20:37:36 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18114
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9236
Expires
Sun, 18 Apr 2021 01:07:53 GMT
/
track.adform.net/csimpr/ Frame D330 		35 B
476 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=45400975&csi=Qc7V0YZ7rkmKfGKebRJAs6luO4NGdotB9el8XQo2h5zrygPkIxxfk2mfEIEfOq-mAP9N5707B8UlqociwScyUmQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:59 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://aax-eu.amazon-adsystem.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
view
securepubads.g.doubleclick.net/pcs/ Frame 755F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSDrzvuLV_bs5_PfJ6J-yKOVnr6WM5uT8I4mb0e3iwA3rf2N2ZOIdFJQQ-Jzg2KHY0MIp_OjPtYCZ-_Tz4K4S9lg31fM4ox7cHnjZqbDWX__9HExTvrwNtDPQgK9n5aQcmUn44uzhB6hrOcI18MY-LWMLswuFa4d3Tlo4F4iI2avnc91LtgaJpEkAAvcP4NFj_b_XgLrXx3BPN_MKimACTKKeYJEV7wMVBBgShtulp6v1WFUz84lx-Q8Xwsgmi6iwumXSUIreioj66mi3ncmowOiE5FV7IScOfvYkVLNZSee2F6AP_Q0km8pk6SV_Vrw&sig=Cg0ArKJSzFx22Qdxr3PBEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Apr 2021 20:05:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 17 Apr 2021 20:05:59 GMT
9542029.js
s1.adform.net/Banners/Elements/Files/2070608/9542029/ Frame 21DA 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2070608/9542029/9542029.js?ADFassetID=9542029&bv=257
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTcV3fT71VW7vm0nw7QMbg1W3VcYRG392xVLW6__czk8TqcXWN63z5vPK9cQkW32FrrX2hhDXsW6XnyJ06X32BBW7HbzBS5YXHdMW2PfZwh7rJqLQW2RFvm08lKm0tW6lqtqQ3YgwbNW6-_qmN3TxXYdW6l1hM98L3T4PVrhhgh8_RzHxN75rhfc8xMqjW65_cMn5KtBY_3blt1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
49605dfc53b07f87b6a38d8fca28668f107d02cac8e1c9bbf5423dfbe0661cbc
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:59 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 16:25:49 GMT
server
nginx
etag
W/"6078690d-47ef"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
%7B%22v%22:%7B%22p%22:0,%22t%22:0,%22def%22:%22amzn%22%7D,%22vs%22:%22visible%22,%22ah%22:250,%22aw%22:970,%22ttv%22:1.09,%22ts%22:1618689959465,%22bn%22:false,%22pixelId%22:%22ie48ll06ysn%22,%22ve...
aax-eu.amazon-adsystem.com/x/px/IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0/v/ Frame D330 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/x/px/IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0/v/%7B%22v%22:%7B%22p%22:0,%22t%22:0,%22def%22:%22amzn%22%7D,%22vs%22:%22visible%22,%22ah%22:250,%22aw%22:970,%22ttv%22:1.09,%22ts%22:1618689959465,%22bn%22:false,%22pixelId%22:%22ie48ll06ysn%22,%22ver%22:%22r-1.27%22%7D?cb=4868558
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://aax-eu.amazon-adsystem.com/e/dtb/admi?b=IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0&rnd=3198343944861618689958034&pp=22vwg0&p=myjchs&crid=2676:45400975&ep=%7B%22ce%22%3A%221%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:59 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
%7B%22atf%22:true,%22f%22:1,%22vs%22:%22visible%22,%22ah%22:250,%22aw%22:970,%22ts%22:1618689959465,%22bn%22:false,%22pixelId%22:%22ie48ll06ysn%22,%22ver%22:%22r-1.27%22%7D
aax-eu.amazon-adsystem.com/x/px/IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0/atf/ Frame D330 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/x/px/IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0/atf/%7B%22atf%22:true,%22f%22:1,%22vs%22:%22visible%22,%22ah%22:250,%22aw%22:970,%22ts%22:1618689959465,%22bn%22:false,%22pixelId%22:%22ie48ll06ysn%22,%22ver%22:%22r-1.27%22%7D?cb=3942910
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://aax-eu.amazon-adsystem.com/e/dtb/admi?b=IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0&rnd=3198343944861618689958034&pp=22vwg0&p=myjchs&crid=2676:45400975&ep=%7B%22ce%22%3A%221%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:05:59 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 21DA 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=622
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d3759299ce00e3bac2782faf02d6f1962e5c88b04e9682224f5852d0c86b6480

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:59 GMT
content-encoding
gzip
last-modified
Mon, 12 Oct 2020 12:12:05 GMT
server
nginx
etag
W/"5f844815-78ab"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
styles.css
s1.adform.net/Banners/Elements/Files/2070608/9542029/bvpath_257/ Frame 21DA 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2070608/9542029/bvpath_257/styles.css
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
96ce0dd8cf4404f3862134d3df5cb45a8a247cf9e26649b467da3f79caebe08d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:59 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 16:25:47 GMT
server
nginx
etag
W/"6078690b-1b4e"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
text/css
logo_default.png
s1.adform.net/Banners/Elements/Files/2070608/9542029/bvpath_257/ Frame 21DA 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2070608/9542029/bvpath_257/logo_default.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
244ea43b9ca8771927bf05a2d967dda6b34d8352d371bd74349debdbf7263ce7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:59 GMT
last-modified
Thu, 15 Apr 2021 16:25:47 GMT
server
nginx
etag
"6078690b-2b3e"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
11070
revive.png
s1.adform.net/Banners/Elements/Files/2070608/9542029/bvpath_257/ Frame 21DA 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2070608/9542029/bvpath_257/revive.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
627ef64d085bfff7b6d1bd7bbbbd33920f99ce7ba785676c7722c42632ca3295
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:59 GMT
last-modified
Thu, 15 Apr 2021 16:25:49 GMT
server
nginx
etag
"6078690d-2ec3"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
11971
home_v2.jpg
s1.adform.net/Banners/Elements/Files/2070608/9542029/bvpath_257/ Frame 21DA 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2070608/9542029/bvpath_257/home_v2.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4fec22991698cdc21cfb1dd9edcea1d62830321cb4c0a75f0f30f9e1f9182b3f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:59 GMT
last-modified
Thu, 15 Apr 2021 16:25:49 GMT
server
nginx
etag
"6078690d-6b00"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
27392
logo_newyou.png
s1.adform.net/Banners/Elements/Files/2070608/9542029/bvpath_257/ Frame 21DA 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2070608/9542029/bvpath_257/logo_newyou.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9a486c5b0eccd4cec8efef076b029f2730d1994158d55c320a9505c451aef405
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:59 GMT
last-modified
Thu, 15 Apr 2021 16:25:49 GMT
server
nginx
etag
"6078690d-1dc2"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
7618
overlay_01_v2.jpg
s1.adform.net/Banners/Elements/Files/2070608/9542029/bvpath_257/ Frame 21DA 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2070608/9542029/bvpath_257/overlay_01_v2.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e44a3299ba58c9814bb00756670a0f4225cd5d901760c2493544b466e76d16e2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:59 GMT
last-modified
Thu, 15 Apr 2021 16:25:47 GMT
server
nginx
etag
"6078690b-7438"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
29752
overlay_02_v2.jpg
s1.adform.net/Banners/Elements/Files/2070608/9542029/bvpath_257/ Frame 21DA 		125 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2070608/9542029/bvpath_257/overlay_02_v2.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
eff6028887250d632c1904a04376408914d02f595fbbb13794016b7222097e58
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:59 GMT
last-modified
Thu, 15 Apr 2021 16:25:47 GMT
server
nginx
etag
"6078690b-1f378"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
127864
tm.js
io.fusedeck.net/d/ Frame 21DA 		167 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.fusedeck.net/d/tm.js?p=g4BmDvup9S&l=fdData&h=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fe%2Fdtb%2Fadmi%3Fb%3DIkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0%26rnd%3D3198343944861618689958034%26pp%3D22vwg0%26p%3Dmyjchs%26crid%3D2676%3A45400975%26ep%3D%257B%2522ce%2522%253A%25221%2522%257D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/e/dtb/admi?b=IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0&rnd=3198343944861618689958034&pp=22vwg0&p=myjchs&crid=2676:45400975&ep=%7B%22ce%22%3A%221%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.253.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2d3cb8f669b21810198c94f19e3de346f316ad15ffff945478c90e2a97927ca1

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:05:59 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
iframe_api
www.youtube.com/ Frame 21DA 		1005 B
979 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/e/dtb/admi?b=IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0&rnd=3198343944861618689958034&pp=22vwg0&p=myjchs&crid=2676:45400975&ep=%7B%22ce%22%3A%221%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9597860d23d61f092be7543c5714d0e1dbf18eae058a76c76da64285392b8eb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
private, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sat, 17 Apr 2021 20:05:59 GMT
icon_arrow_left.svg
s1.adform.net/Banners/Elements/Files/2070608/9542029/bvpath_257/ Frame 21DA 		289 B
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2070608/9542029/bvpath_257/icon_arrow_left.svg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2070608/9542029/bvpath_257/styles.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7c55c01e80617b48b3b68d47aadd066fb3ca414268ca1cbaaf4073848a3c3600
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://s1.adform.net/Banners/Elements/Files/2070608/9542029/bvpath_257/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:59 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 16:25:47 GMT
server
nginx
etag
W/"6078690b-121"
x-cache-status
HIT
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
strict-transport-security
max-age=0
content-type
image/svg+xml
CeraPRO-Medium.woff
s1.adform.net/Banners/Elements/Files/2070608/9542029/bvpath_257/ Frame 21DA 		76 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2070608/9542029/bvpath_257/CeraPRO-Medium.woff
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2070608/9542029/bvpath_257/styles.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
42be1fca44c3cc4dc0d6d446f7ea798b50de25be64dcd7b925487255a3b87389

Request headers

Origin
https://aax-eu.amazon-adsystem.com
Referer
https://s1.adform.net/Banners/Elements/Files/2070608/9542029/bvpath_257/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:59 GMT
last-modified
Thu, 15 Apr 2021 16:25:49 GMT
server
nginx
etag
"6078690d-130c8"
x-cache-status
HIT
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
78024
Cera-PRO-Bold.woff
s1.adform.net/Banners/Elements/Files/2070608/9542029/bvpath_257/ Frame 21DA 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2070608/9542029/bvpath_257/Cera-PRO-Bold.woff
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2070608/9542029/bvpath_257/styles.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f094bc5d6439748693f62562750c1b28628511866d4896efc7ab060530909f7a

Request headers

Origin
https://aax-eu.amazon-adsystem.com
Referer
https://s1.adform.net/Banners/Elements/Files/2070608/9542029/bvpath_257/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:05:59 GMT
last-modified
Thu, 15 Apr 2021 16:25:49 GMT
server
nginx
etag
"6078690d-1344c"
x-cache-status
HIT
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
78924
www-widgetapi.js
www.youtube.com/s/player/e0d06a61/www-widgetapi.vflset/ Frame 21DA 		109 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e0d06a61/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
688787521ed7834cc36e290802e240d5003d419188c265ad7b50e4e2e9128bd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 12:42:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 00:18:36 GMT
server
sffe
age
26609
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39492
x-xss-protection
0
expires
Sun, 17 Apr 2022 12:42:30 GMT
ibvnrHls2GU
www.youtube.com/embed/ Frame 5EE5 		51 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/ibvnrHls2GU?rel=0&enablejsapi=1&origin=https%3A%2F%2Faax-eu.amazon-adsystem.com&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e0d06a61/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
790202af828a494884d4335d474b85ccf0f34c16ac656d54289ce832b1a69aa2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/ibvnrHls2GU?rel=0&enablejsapi=1&origin=https%3A%2F%2Faax-eu.amazon-adsystem.com&widgetid=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://aax-eu.amazon-adsystem.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
YSC=TklIRLLBcs4; VISITOR_INFO1_LIVE=kieEPs9AKfo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://aax-eu.amazon-adsystem.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 17 Apr 2021 20:05:59 GMT
strict-transport-security
max-age=31536000
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
CONSENT=PENDING+606; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
www-player-webp.css
www.youtube.com/s/player/e0d06a61/ Frame 5EE5 		355 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e0d06a61/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ibvnrHls2GU?rel=0&enablejsapi=1&origin=https%3A%2F%2Faax-eu.amazon-adsystem.com&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af519e8dc403523c3eae4761e1266ccde896aca39668ca1e1e8b2486e4d70072
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ibvnrHls2GU?rel=0&enablejsapi=1&origin=https%3A%2F%2Faax-eu.amazon-adsystem.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 14:46:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 00:18:36 GMT
server
sffe
age
191974
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53712
x-xss-protection
0
expires
Fri, 15 Apr 2022 14:46:25 GMT
www-embed-player.js
www.youtube.com/s/player/e0d06a61/www-embed-player.vflset/ Frame 5EE5 		184 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e0d06a61/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ibvnrHls2GU?rel=0&enablejsapi=1&origin=https%3A%2F%2Faax-eu.amazon-adsystem.com&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2cf5e546a2d6c8aeeba1c9e5e12d7d2ead31a0f403fb095b0415e153704a229
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ibvnrHls2GU?rel=0&enablejsapi=1&origin=https%3A%2F%2Faax-eu.amazon-adsystem.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 14:46:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 00:18:36 GMT
server
sffe
age
191974
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66775
x-xss-protection
0
expires
Fri, 15 Apr 2022 14:46:25 GMT
base.js
www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/ Frame 5EE5 		2 MB
517 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ibvnrHls2GU?rel=0&enablejsapi=1&origin=https%3A%2F%2Faax-eu.amazon-adsystem.com&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af336d8d11cf599464400feea639b946743f4289c440c2aa9b95553a311e7db4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ibvnrHls2GU?rel=0&enablejsapi=1&origin=https%3A%2F%2Faax-eu.amazon-adsystem.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 14:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 00:18:36 GMT
server
sffe
age
191927
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
528848
x-xss-protection
0
expires
Fri, 15 Apr 2022 14:47:12 GMT
fetch-polyfill.js
www.youtube.com/s/player/e0d06a61/fetch-polyfill.vflset/ Frame 5EE5 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e0d06a61/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ibvnrHls2GU?rel=0&enablejsapi=1&origin=https%3A%2F%2Faax-eu.amazon-adsystem.com&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ibvnrHls2GU?rel=0&enablejsapi=1&origin=https%3A%2F%2Faax-eu.amazon-adsystem.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 14:46:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 00:18:36 GMT
server
sffe
age
191974
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3027
x-xss-protection
0
expires
Fri, 15 Apr 2022 14:46:25 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5EE5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ibvnrHls2GU?rel=0&enablejsapi=1&origin=https%3A%2F%2Faax-eu.amazon-adsystem.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
554541
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 5EE5 		113 B
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e0d06a61/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
feff002b4629c956b4b0c7660893af3c651e75a850e8c33415e80ec431f80fe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:06:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 5EE5 		29 B
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e0d06a61/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 19:56:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
596
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Sat, 17 Apr 2021 20:11:04 GMT
remote.js
www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/ Frame 5EE5 		97 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
604d02a10c9e776c28d7a9631a306927de98251b72736b5bd8b2284df63c63aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ibvnrHls2GU?rel=0&enablejsapi=1&origin=https%3A%2F%2Faax-eu.amazon-adsystem.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 14:49:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 00:18:36 GMT
server
sffe
age
191793
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32747
x-xss-protection
0
expires
Fri, 15 Apr 2022 14:49:27 GMT
t_BD1Swsl8UI6dUNuZtKFwRjDqhsSaRPMywGeYRNcRg.js
www.google.com/js/th/ Frame 5EE5 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/t_BD1Swsl8UI6dUNuZtKFwRjDqhsSaRPMywGeYRNcRg.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7f043d52c2c97c508e9d50db99b4a1704630ea86c49a44f332c0679844d7118
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 13:38:17 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:00:00 GMT
server
sffe
age
196063
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12763
x-xss-protection
0
expires
Fri, 15 Apr 2022 13:38:17 GMT
embed.js
www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/ Frame 5EE5 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb842642e425e5e5f6dc2081cb23fd9b0358b7486a37c0bd42b64bb9734dc9e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ibvnrHls2GU?rel=0&enablejsapi=1&origin=https%3A%2F%2Faax-eu.amazon-adsystem.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 14:49:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 00:18:36 GMT
server
sffe
age
191783
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7769
x-xss-protection
0
expires
Fri, 15 Apr 2022 14:49:37 GMT
truncated
/ Frame 5EE5 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AAUvwnhaeCcnrG1uHLSA1uINNoDTalgBvsVDP9zosayseg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 5EE5 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AAUvwnhaeCcnrG1uHLSA1uINNoDTalgBvsVDP9zosayseg=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ibvnrHls2GU?rel=0&enablejsapi=1&origin=https%3A%2F%2Faax-eu.amazon-adsystem.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bef73ca5e4d62343d99500ef1afde77965ea36179554c58c84fda1919652695f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 16:54:47 GMT
x-content-type-options
nosniff
age
11473
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3488
x-xss-protection
0
server
fife
etag
"v213"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 13 Apr 2021 15:44:56 GMT
sddefault.webp
i.ytimg.com/vi_webp/ibvnrHls2GU/ Frame 5EE5 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/ibvnrHls2GU/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ibvnrHls2GU?rel=0&enablejsapi=1&origin=https%3A%2F%2Faax-eu.amazon-adsystem.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7b9d2e0bf9b34b7385654845e96d03e7f4f405797265b09dadef996cd44deef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 19:51:12 GMT
x-content-type-options
nosniff
server
sffe
age
888
etag
"0"
vary
Origin
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18034
x-xss-protection
0
expires
Sat, 17 Apr 2021 21:51:12 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 5EE5 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:06:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Sat, 17 Apr 2021 20:06:00 GMT
generate_204
www.youtube.com/ Frame 5EE5 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?M1VvOw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/ibvnrHls2GU?rel=0&enablejsapi=1&origin=https%3A%2F%2Faax-eu.amazon-adsystem.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:06:00 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
csi_204
www.youtube.com/ Frame 5EE5 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/csi_204?v=2&s=youtube&action=embed&yt_sts=n&is_nav=1&csn=MC41MDI1OTg1NjU5OTAwODgy&yt_vis=1&yt_lt=cold&rc=&st=43&cpn=kE66-k1Lw0DUzatL&rt=pe.304,srt.71,nreqs.4,nress.71,nrese.72,wffs.87,wffe.94,rsf_pc.83,rse_pc.106,fs.389,ol.765,aft.765,ps.765
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ibvnrHls2GU?rel=0&enablejsapi=1&origin=https%3A%2F%2Faax-eu.amazon-adsystem.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:06:00 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 755F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthfPcKnyqFOXT9bVb_8oBU0cDHiL-JQRAPvUpmcxxhz8j5PouuzKhNCwwxWzsDwhHZDanhPeAkGSkZncUhDuDYyI4JEpZ4kT8XZbuGcF8&sig=Cg0ArKJSzGSSG7UHDpUlEAE&id=lidar2&mcvt=1014&p=87,315,337,1285&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20210414&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=516304235&rs=4&met=ce&la=1&cr=0&osd=1&vs=4&rst=1618689958036&dlt=0&rpt=162&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:06:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
%7B%22v%22:%7B%22p%22:50,%22t%22:1,%22def%22:%22iab%22%7D,%22vs%22:%22visible%22,%22ah%22:250,%22aw%22:970,%22ttv%22:2.11,%22ts%22:1618689960478,%22bn%22:false,%22pixelId%22:%22ie48ll06ysn%22,%22ve...
aax-eu.amazon-adsystem.com/x/px/IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0/v/ Frame D330 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/x/px/IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0/v/%7B%22v%22:%7B%22p%22:50,%22t%22:1,%22def%22:%22iab%22%7D,%22vs%22:%22visible%22,%22ah%22:250,%22aw%22:970,%22ttv%22:2.11,%22ts%22:1618689960478,%22bn%22:false,%22pixelId%22:%22ie48ll06ysn%22,%22ver%22:%22r-1.27%22%7D?cb=260917
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://aax-eu.amazon-adsystem.com/e/dtb/admi?b=IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0&rnd=3198343944861618689958034&pp=22vwg0&p=myjchs&crid=2676:45400975&ep=%7B%22ce%22%3A%221%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:06:00 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
%7B%22v%22:%7B%22p%22:100,%22t%22:1,%22def%22:%22groupm%22%7D,%22vs%22:%22visible%22,%22ah%22:250,%22aw%22:970,%22ttv%22:2.11,%22ts%22:1618689960479,%22bn%22:false,%22pixelId%22:%22ie48ll06ysn%22,%...
aax-eu.amazon-adsystem.com/x/px/IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0/v/ Frame D330 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/x/px/IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0/v/%7B%22v%22:%7B%22p%22:100,%22t%22:1,%22def%22:%22groupm%22%7D,%22vs%22:%22visible%22,%22ah%22:250,%22aw%22:970,%22ttv%22:2.11,%22ts%22:1618689960479,%22bn%22:false,%22pixelId%22:%22ie48ll06ysn%22,%22ver%22:%22r-1.27%22%7D?cb=4221620
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://aax-eu.amazon-adsystem.com/e/dtb/admi?b=IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0&rnd=3198343944861618689958034&pp=22vwg0&p=myjchs&crid=2676:45400975&ep=%7B%22ce%22%3A%221%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:06:00 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
/
track.adform.net/serving/unload/ Frame D330 		35 B
476 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=3671665564637116370@@45400975,1459937993581101503,100|1045|0|0|0|0|0|0|0||132|1|31|2ea200ff9beb497e07aa88477cd5910e23febb71_1|||1|0|0|7mBLEBvTbvhX7EYoWZQhUXkWkkslK78I7-XJA3L-5ifxD3OxKFBSNckllzAqADQrA7z_uuw_WOM1||1|11|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:06:01 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://aax-eu.amazon-adsystem.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame D330 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/Serving/Event/?bn=45400975&event=178&time=2&baid=44564185&name=Viewable%20impressions&imprid=1459937993581101503&icid=3671665564637116370&eData=Qc7V0YZ7rkkGJI1-gDPOEkLefXOBh2p24fn4X_ACi5hi4URXpLYIQ14yhXxijGDYPhvCsx5eR-Uau94oJsHc8Q2&rtbdata=2E4JqRQohZ5RaqvzozAVLuTdeVQEHTXpTGknqpGiDY586U_00E69yy4j62PcqWS5RsCCrUjuQD-03bwbTNOIZ_Ks-r4puR2FoX5Diha3tcKbtVvQKZ2Q3-k7jtXaq12LtlrAHqDDuhVk_tpatNV338vwBLNWd9RyGj40wkkl_CcDbHSz_Z7EEBY4KeS6TMfoE04IF2y1KdkuchpDWd4iYxeNTW3CT3lVMzRFhiGcpsbvxFtkuZewNxvRUiGDyMyMOSsb6aAya6wlEvc-o29QLlmjEhqprHbjZDtGVeU-5YmYjs4JCzg7WDl8sXJlprlSBxzx6Ci1CCuMHQgXWCZrVvx4bTZ5yyjqhF_UWZFSk42qOF1bi2p4wo0wBkxBd19oobTTJ3BdwHV9Nk_BUc6CQC8OiDPjmUJeZJii1XUC4TuCCJt53P-QlSdn-XUlo3uFt3frtksErWL-la3dKld06Nyng_nT6UVxD4oxJd3DCrthdwc-UbzrF4tHjV2MCY-sxcDUaoFNRdKHGM5farb1jg3V0_hKkg1eUi2-_wdzSrlB4SKZKGrNxw2&rtbwp=1A488D41E9486B98&rnd=125696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:06:01 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
1.gif
activate.platform.californiatimes.com/privacy/v1/b/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://activate.platform.californiatimes.com/privacy/v1/b/1.gif?n=8&c=2715&i=8thlsj&p=latimes&s=1007&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNDU1IiwiY2xpZW50SWQiOjI3MTUsInB1Ymxpc2hQYXRoIjoibGF0aW1lcyIsImluc3RhbmNlSWQiOiI4dGhsc2oiLCJwYWNrZXQiOjgsIm1vZGUiOiJlbmZvcmNlWgDyJ29va2llcyI6e30sImVudmlyb25tZW50Ijoibm9uZSIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLMA9EZodHRwczovL2FheC5hbWF6b24tYWRzeXN0ZW0uY29tL3gvcHgvcC9QSC8lN0IlMjJfdHlwZSUyMiUzQSUyMmlmcmFtZVJlbmRlciUyMiUyQyUyMmMlHwAwZHRiKwAQMhYAMHBpZAwAATcA0GxWM0Q1bnZWa09kVksWAAEiADBjcnQMAFIzQTgxNEoAMl90bBIAoCUyMmFwcy10YWcQAAEuACZzcmgARTM4ODYZACBsdgsAAWgAcDcuNjMuMDAQAFA3RCIsIrwA8A4iOiJpbWciLCJzdGFydCI6MTYxODY4OTk1OTI5NUABHWQUAGJzb3VyY2U5APIBX0RPTUF0dHJNb2RpZmllZEkAsXR1cyI6ImFsbG93EwBgcmVhc29ucAHUXSwiZGF0YVBhdHRlchIAvGxpc3QiOltdLCJpbgAvfSyiAf8LHTaiAVUzNzIsIqIBMW11dNoCmE9ic2VydmVyQaABMGxvYbABD50BHsA2ODk5NTkyOTZ9XX0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.latimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:06:01 GMT
cache-control
no-cache, no-store
server
nginx
expires
Sat, 17 Apr 2021 20:06:00 GMT
%7B%22adCsm%22:[%7B%22ns%22:1618689958163,%22st%22:%22650.92%22,%22re%22:%22770.56%22,%22ldTot%22:%22119.63%22%7D,%7B%22lteu%22:%220.10%22,%22ltut%22:%220.02%22,%22ltpq%22:%220.03%22,%22ltvd%22:%22...
aax-eu.amazon-adsystem.com/x/px/IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0/ Frame D330 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/x/px/IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0/%7B%22adCsm%22:[%7B%22ns%22:1618689958163,%22st%22:%22650.92%22,%22re%22:%22770.56%22,%22ldTot%22:%22119.63%22%7D,%7B%22lteu%22:%220.10%22,%22ltut%22:%220.02%22,%22ltpq%22:%220.03%22,%22ltvd%22:%220.20%22,%22csmTot%22:%221.01%22%7D,%7B%22vdr%22:%222008.70%22,%22tdr%22:%222008.70%22%7D],%22pixelId%22:%22ie48ll06ysn%22,%22ts%22:1618689961945,%22ver%22:%22r-1.27%22%7D?cb=720772
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://aax-eu.amazon-adsystem.com/e/dtb/admi?b=IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0&rnd=3198343944861618689958034&pp=22vwg0&p=myjchs&crid=2676:45400975&ep=%7B%22ce%22%3A%221%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:06:01 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
/
track.adform.net/serving/unload/ Frame D330 		35 B
476 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=3671665564637116370@@45400975,1459937993581101503,100|3943|0|0|0|0|0|0|0||498|1|31|2ea200ff9beb497e07aa88477cd5910e23febb71_1|||1|0|0|7mBLEBvTbvhX7EYoWZQhUXkWkkslK78I7-XJA3L-5ifxD3OxKFBSNckllzAqADQrA7z_uuw_WOM1||1|01|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://aax-eu.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 20:06:04 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://aax-eu.amazon-adsystem.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
%7B%22adCsm%22:[%7B%22vdr%22:%224010.32%22,%22tdr%22:%226019.02%22%7D],%22pixelId%22:%22ie48ll06ysn%22,%22ts%22:1618689965980,%22ver%22:%22r-1.27%22%7D
aax-eu.amazon-adsystem.com/x/px/IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0/ Frame D330 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/x/px/IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0/%7B%22adCsm%22:[%7B%22vdr%22:%224010.32%22,%22tdr%22:%226019.02%22%7D],%22pixelId%22:%22ie48ll06ysn%22,%22ts%22:1618689965980,%22ver%22:%22r-1.27%22%7D?cb=1745065
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://aax-eu.amazon-adsystem.com/e/dtb/admi?b=IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0&rnd=3198343944861618689958034&pp=22vwg0&p=myjchs&crid=2676:45400975&ep=%7B%22ce%22%3A%221%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:06:06 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
%7B%22adCsm%22:[%7B%22vdr%22:%228001.20%22,%22tdr%22:%2214020.23%22%7D],%22pixelId%22:%22ie48ll06ysn%22,%22ts%22:1618689969997,%22ver%22:%22r-1.27%22%7D
aax-eu.amazon-adsystem.com/x/px/IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0/ Frame D330 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/x/px/IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0/%7B%22adCsm%22:[%7B%22vdr%22:%228001.20%22,%22tdr%22:%2214020.23%22%7D],%22pixelId%22:%22ie48ll06ysn%22,%22ts%22:1618689969997,%22ver%22:%22r-1.27%22%7D?cb=9686737
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://aax-eu.amazon-adsystem.com/e/dtb/admi?b=IkROmJHi5Ds56STvmk88y64AAAF44XCd-AMAAA8uATIfhQ0&rnd=3198343944861618689958034&pp=22vwg0&p=myjchs&crid=2676:45400975&ep=%7B%22ce%22%3A%221%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Apr 2021 20:06:10 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
log_event
www.youtube.com/youtubei/v1/ Frame 5EE5 		28 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e0d06a61/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/ibvnrHls2GU?rel=0&enablejsapi=1&origin=https%3A%2F%2Faax-eu.amazon-adsystem.com&widgetid=1
X-YouTube-Client-Version
1.20210414.1.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtraWVFUHM5QUtmbyin_-yDBg%3D%3D
X-YouTube-Ad-Signals
dt=1618689959861&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C444%2C250&vis=1&wgl=true&ca_type=image&bid=ANyPxKqqkQpx5jN7w-qieWdvgw8T8kqMn_dySPrj_Lgfk4SV7XJ-S4SuFsA4ItFHIkSy0pNvkKB3EeD4PmBBvO2IhbxZmo-Pzg

Response headers

date
Sat, 17 Apr 2021 20:06:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sat, 17 Apr 2021 20:06:10 GMT

Verdicts & Comments Add Verdict or Comment

184 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| newsletterCampaignSettings number| _lb string| promoLocalization object| grapheneLazyLoadComponents function| fbAsyncInit object| trb object| dfpKV object| apstag object| googletag object| dfpAdSlotsObject object| staticAdSlots object| pbjs number| pbto object| apstagSlots object| ensBootstraps object| CalTimes object| ensClientConfig boolean| ensBrowserSupported object| gateway function| $ function| jQuery object| registration function| pbjsChunk object| _pbjsGlobals object| confiant object| modality object| FB object| usPrivacyPendingCalls function| __uspapi object| ggeac object| google_js_reporting_queue boolean| apstagLOADED function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| Criteo object| _tfa function| fbq function| _fbq object| newsletterC function| trackable function| pintrk function| rdt object| adsData function| gtag function| snaptr object| r string| _linkedin_data_partner_id string| src function| udm_ object| ns_p function| obApi function| chartbeat function| qp string| projectId string| pixelId object| dotq function| twq undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus number| google_srt function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error string| GoogleAnalyticsObject function| ga object| trackObj object| lineItems object| google_tag_manager object| google_tag_data function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels object| YAHOO object| twttr object| __wpcc object| _sf_async_config object| qevents boolean| triedToSendCookieToNative object| WebJSBridge object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal function| rev function| lintrk boolean| _already_called_lintrk object| uetq object| _mather object| _mg2q object| _matherq object| tid object| criteo_pubtag object| criteo_pubtag_prebid_106 object| Criteo_prebid_106 function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| UET object| gaplugins object| gaData function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| teadsscript object| teads object| _cbq number| _sf_endpt object| GoogleGcLKhOms object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| google_image_requests

21 Cookies

Domain/Path Name / Value
.casalemedia.com/ Name: CMRUM3
Value: c4607b3fa3276003030003_607b3fa2c9bcb&69607b3fa305a00&40607b3fa12760no-consent&2d607b3fa02760CAESEKCCzRszu_JZ31FscRe0m7k&bf607b3fa22760368a8bd1-f6ca-ad89-70f2d697&5a607b3fa3276019C2D881768C4EE989A7169C42F153D7
.casalemedia.com/ Name: CMPRO
Value: 1144
.casalemedia.com/ Name: CMDD
Value: AAXw5wE*
.casalemedia.com/ Name: CMID
Value: YHs-oPOTvHbcpWlYCy.98wAA
.casalemedia.com/ Name: CMPS
Value: 3258
.doubleclick.net/ Name: IDE
Value: AHWqTUlgSol5OE_Lxo0MRUGm8y8OLRA_a9vxBIz9h_IJmLXS1gB60qOfcOg4iQVoBhU
.rubiconproject.com/ Name: audit
Value: 1|0o8zzNO5o4bdA/m1w9tg9dHV7oIR0oy7KQ/gb+Jo8EKNVQaDQWhr1Kqmmv7Dq38qPv1CeJBev9Sc1OCVq3lVvyL8FS9dsoxg
.rubiconproject.com/ Name: vis57
Value: 267796^1
.rubiconproject.com/ Name: ses57
Value: 267796^1
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.3lift.com/ Name: tluid
Value: 9201965847606164526
.casalemedia.com/ Name: CMST
Value: YHs-oGB7P6UB
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 55fca26710fe782f
.openx.net/ Name: i
Value: 34a5888d-af00-43f2-b799-cc68bfb0fbd1|1618689953
.adnxs.com/ Name: uuid2
Value: 2081457964583500536
.latimes.com/ Name: _ml_id
Value: cd314fe21932a52f.1618689954.1.1618689954.1618689954
.adnxs.com/ Name: icu
Value: ChgIuZ1eEAoYASABKAEwpf_sgwY4AUABSAEQpf_sgwYYAA..
.amazon-adsystem.com/ Name: ad-id
Value: A_Jf0WYb2EsVjM3xpQgDEZg
.rubiconproject.com/ Name: rsid
Value: 1|CdSsIlYD4v+QRC+j1tw5NiKxi4lKFKabvD5nIonwVQ9yrIP5NGrhQaqTCqCJieGkTxzCtT3GWjvGRBKXWiDhFgX3ng06hUEE9RUpasHbexgjvGivYKlBOKmTT8+Kbwv/ANSf
.rubiconproject.com/ Name: khaos
Value: KNM67GHD-4-5T2
.latimes.com/ Name: _ml_ses
Value: *

4 Console Messages

Source Level URL
Text
console-api debug URL: https://info.silobreaker.com/e2t/tc/VWDDKB5FlWwMW4f-ZNF6d9S50W8Ny6Rt4kh_1bN3Z5r9Z2-HwrV1-WJV7CgRynW1hQg-P8st2GdW3yKWnd57MvgJW82GwzS3HYS_fW3nLzw7331CZkW3Q6q8M8GBG8YW69Wwkn1BNj7pW1pQq-T4dX9M9Vc-w-j4-FJ36W7_WX6K22JdDKW7G9bKq4-YQnZW65dTcV3fT71VW7vm0nw7QMbg1W3VcYRG392xVLW6__czk8TqcXWN63z5vPK9cQkW32FrrX2hhDXsW6XnyJ06X32BBW7HbzBS5YXHdMW2PfZwh7rJqLQW2RFvm08lKm0tW6lqtqQ3YgwbNW6-_qmN3TxXYdW6l1hM98L3T4PVrhhgh8_RzHxN75rhfc8xMqjW65_cMn5KtBY_3blt1(Line 13)
Message:
toS
console-api log URL: https://confiant-integrations.global.ssl.fastly.net/native/202104121324/wrap.js(Line 21)
Message:
Found 1 supported native ad slots
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://www.latimes.com/opinion/story/2020-12-06/donald-trump-election-fraud-lies-psychology?_hsmi=96965274&_hsenc=p2ANqtz-9oeyf42yfltRvsX8eR8FbBNuLqabLLQhqt2qATFWBm7kafufR5HN9L-o2dtT7X6OQTR22Ynj4-4YQH5H7SNOPOM2_gtFBTyGfpeBWjrN94670R7mU
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041301.js(Line 6)
Message:
The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3pd.criteo.com
5a394acdcc8776b6ea38a2d378217487.safeframe.googlesyndication.com
a.quora.com
a.teads.tv
a.tribalfusion.com
a5367c9aa9e7c719bd2a3c05ad59deb2.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
activate.latimes.com
activate.platform.californiatimes.com
ad.360yield.com
ad.turn.com
ads.betweendigital.com
ads.creative-serving.com
ads.pubmatic.com
ads.rubiconproject.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
alb.reddit.com
amplify.outbrain.com
analytics.twitter.com
assets.revcontent.com
b1sync.zemanta.com
bat.bing.com
beacon-ams3.rubiconproject.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
ca-times.brightspotcdn.com
casale-match.dotomi.com
cdn.ampproject.org
cdn.contentspread.net
cdn.taboola.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
creativecdn.com
cs.emxdgt.com
csi.gstatic.com
ct.pinterest.com
d.adroll.com
dmp.brand-display.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
ext.chtbl.com
fastlane.rubiconproject.com
fonts.gstatic.com
googleads.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hal9000.redintelligence.net
hal900028.redintelligence.net
hal90003.redintelligence.net
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
info.silobreaker.com
io.fusedeck.net
jadserve.postrelease.com
js-sec.indexww.com
js.matheranalytics.com
latimes-d.openx.net
libs.platform.californiatimes.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
ntvcld-a.akamaihd.net
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
protected-by.clarium.io
px.ads.linkedin.com
q.quora.com
r.scoota.co
r.turn.com
rtb.gumgum.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.ntv.io
s.pinimg.com
s.tribalfusion.com
s.yimg.com
s1.adform.net
s8t.teads.tv
sb.scorecardresearch.com
sc-static.net
secure.adnxs.com
securepubads.g.doubleclick.net
snap.licdn.com
ssor.platform.californiatimes.com
ssum-sec.casalemedia.com
static.ads-twitter.com
static.chartbeat.com
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
t.co
t.teads.tv
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.outbrain.com
tr.snapchat.com
track.adform.net
u.openx.net
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
us-u.openx.net
web.chtbl.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.i.matheranalytics.com
www.latimes.com
www.linkedin.com
www.redditstatic.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
104.108.144.214
104.108.145.107
104.108.145.8
104.108.145.83
104.111.230.142
104.244.42.5
104.244.42.67
104.76.201.56
107.178.250.234
124.146.215.42
13.225.87.41
13.33.139.105
138.201.63.117
138.201.84.252
142.250.186.34
142.250.186.66
142.250.186.98
143.204.245.121
143.204.245.38
143.204.245.52
143.204.245.6
143.204.247.127
143.204.90.71
143.204.90.81
151.101.113.108
151.101.113.140
151.101.113.194
151.101.114.49
151.101.13.2
151.139.128.11
159.253.128.188
169.197.150.7
178.250.0.173
178.250.2.131
18.156.0.31
18.156.195.47
18.157.108.214
18.157.138.23
18.158.182.200
18.195.155.181
184.30.212.16
184.30.24.193
184.31.84.150
185.183.112.148
185.184.8.30
185.29.135.227
185.33.221.89
185.64.190.78
188.42.191.196
192.132.33.46
193.0.160.128
193.122.128.135
198.148.27.139
199.232.136.157
199.232.137.44
199.60.103.254
2.16.107.122
2001:678:cb4:bbbb::11
213.19.147.151
213.19.162.41
23.209.68.8
2600:9000:2021:a400:18:1fcd:34e:d2a1
2600:9000:206f:5600:a:b27c:d040:93a1
2602:803:c003:200::37
2606:4700::6812:d05
2607:f8b0:4008:804::2003
2620:116:800d:21:36a9:ecb:e518:b308
2620:119:50e4:101::6cae:b55
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:800::2002
2a00:1450:4001:800::2016
2a00:1450:4001:801::2002
2a00:1450:4001:801::2008
2a00:1450:4001:802::200e
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::200a
2a00:1450:4001:812::200e
2a00:1450:4001:813::2006
2a00:1450:4001:827::2001
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:400c:c0d::9b
2a00:1450:401b:807::2001
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:1700:494::25ea
2a02:26f0:6c00:181::26e5
2a02:26f0:7100:288::1931
2a02:fa8:8806:13::1400
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.123.239.130
3.124.119.57
3.125.137.77
3.127.51.194
3.220.131.242
3.227.227.165
3.248.28.111
3.64.73.215
34.194.148.31
34.98.64.218
35.156.19.236
35.168.95.93
35.186.226.184
35.186.253.211
35.241.40.233
35.244.174.68
37.157.2.248
37.157.3.29
46.228.164.11
50.16.38.94
51.178.20.139
52.208.253.191
52.214.32.209
52.214.7.146
52.30.135.179
52.48.251.151
52.95.118.60
54.154.158.183
54.173.41.153
54.204.142.198
54.241.108.168
63.251.232.170
64.202.112.127
64.202.112.159
66.155.71.150
69.173.144.165
70.42.32.191
72.21.206.140
88.99.165.19
88.99.70.21
016aae8f0f82dc232da12bca20292f2c731d221a3b9742d6ec0b13842acaa43b
023e64b862c4d75dd3390eda64f830ce73e3d8c689d30fff89dec507ccabb780
033371b7ed2088166f1f2593517b3c329bc45b0655994614b56eb6cab5a6127b
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0537669aaa954e27dbb5ed8201e1369547377a96106027ed3bb356048665f672
0546ead9f858c3acea7c676b3243505aff2f34ff00ecaaf69cdcfdcf914e561a
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0857b341314e11f31569a4cbc62e6787d261185d20e8866295d5182bf991eee9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cee18dbc3ba54f229f87eedf2dfdbf1dd73586b8dfec0090a86c13c452ccd49
0e292736d9ffb924f97c250eb4c2afcbfc3a303ebab6ba4f187895c793fde529
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10d9e2b611645895eef11653c3be324da69df0521d33f9295b2a3af497b8fc04
125d19524ca87754fd08394b4abe11d6db2409b11f9c302b787462af80bcad96
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
143860b1488db3092351eaac385aef4b6f04261e62c36b1696a5fa4348a17d74
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
1550346cc4acb90924ac38fd0a7157a20e8750c2df0fa0cfab411980c9bc1cfe
158d7c3c8d931a587c66b7947fdc4a9e9c741dade62fff14a88430482835c4a2
1590e9b4040c082d0c54c7083036b3cb26d77b4015774e9b9237686078cc785f
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1fe2437a79282fb26d2267e40cdb7ac59164d0ee5e5b9f955f05a49f686ab616
214290b8d06a4077ba19e14f38ce1a4d10a79185ebab309493964a7c5f49f8f4
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
23ef33989f2db4e8afde93e57b1534aeca826f6c70e794a9d7a418fea9a58614
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
244ea43b9ca8771927bf05a2d967dda6b34d8352d371bd74349debdbf7263ce7
24d326a63f65ba62a9abd555bb74bc27cba9728587aa54799576b269ae01b0a9
25eac7e83b8d2c9110241c740d45b0d8fd0f173b7af0ee374b1a5e946836bbf2
2616588cd7d480d6031dafcfffbae7a42900f99ee11d9cc5707bb6e7854a2209
27dc4f62298834987d3d8e5608c1af94c82ee3d18ee31858d39e0202697b5308
2a7a5a103d7d2d395f95fabbcbce1e975df8fee2226795a2a9880d99a3cf6cbe
2c8ba61c1686f0aa4a9412811963fbf4fbf450a763c1270597f3e4b20a928ee6
2d02b050af817214ae10e6665ac1e5e338c3ea2b6ae3ecdbecf3a51ab8c749dc
2d3cb8f669b21810198c94f19e3de346f316ad15ffff945478c90e2a97927ca1
2d407bdd921e62d279604559aa8047d78e9d3fe4d84b6dbc2b533de82956a923
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f3586a63eb6c67c7ef87bf9cb57329beb0369475d0fc358929a5bce3ec59435
30816e31ffdc210f8c348ea52efe08cc03cc39af753c32a5364cac7811049075
3132301dc592e8da70bf9610f82402f8454566e2d5a7d4692d667d3072e966a7
317fdfb7207748fec01b86d1c8c692761d659e9dcfa1db5ca0a049bd1b87021a
31e420b79e7760a7860ed2fb595c4f11b498559791571fed7eb22be20c7fa5e3
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33890fe8908cf63bffe808e7b65109aaa7821440231a1f010136611f3e07e404
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
357ee57c2e9ed9defdcb777b66b63c01e10adbc9bafabea146907c0730164a14
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
38c6ddec9970201f800be7da722d9ca288deeec0be9f2c166b354fc8c8fd4e73
38c9e8d2dfaf439f732463b5ae80c7d5da32bd8594172a56041794f080b2a3bc
3992ecf5d1f73edc95c24941555a81c2c180c6f23dfb721133f76a2a6ebc4443
39a718e0eff2189a108e599e5611d137a3a0475257f1570f8b552d01f3c4a2f0
39ee5aef42b49b8a48d418da74bb95f7a4b2dd19557bbb148d2b689477f3cb65
3d2e79c55413aacf15af67146781cfb24e009f2482e0b9c72051456aa6023f7e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f729eb23b2d844faa452fbf5b1707052cbcd5506165f90342ff1357abdd3cc8
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
415e3ca720eababe99d9ce11bf8b3b7b3db36edaa56a3802865bb817d237032f
42be1fca44c3cc4dc0d6d446f7ea798b50de25be64dcd7b925487255a3b87389
42e2b25863e98bef95b3d5568c81bb80b49af5c00d05314da0b98e04a2f16f90
43850c2b40191275529727b03a98e85f11ee0be4ee8c5bf048ff1b978166f452
43a510582ccf92750e1f2c580566c9b96faa380f36d0d666c23b3c9ef66e3fb8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4905a742ec40bb99e91d6877bae12d79284ba3e1e8a42399f7bb2c3781fd3ae6
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49605dfc53b07f87b6a38d8fca28668f107d02cac8e1c9bbf5423dfbe0661cbc
4a559d469044f4ea0ce0402f5dc44dbe192f28f749f9d7a310b26f8316e5d839
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4d7a59d0d0e6fd0ec79c8b79b728d93883f5076332cfc18a53439d944cfa6f1f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e8469b77e344808b46ef00f98c52374856040f16fdc1a615bb69312f636536f
4fec22991698cdc21cfb1dd9edcea1d62830321cb4c0a75f0f30f9e1f9182b3f
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5057f7beaa08450682a5418bdce93e9783bd704527406843fb019ea0a52778d4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d0796560defd4fc826ca97cd679a61b2378eca7227e56f11b693cdc1f20b41
5525e0d6f3cd7ec5a0be64d91501ffda2db89a2ffb52895479a9ae4aebad158c
55fee199fa5c142d545101d62201c4a84550b141582d0bf04d0e626beef9a585
59bf4920a322377c761eec2dba5b7de57b64267e82b0d3a7e9fafcfd4a954e34
5bd863d97c53024744cb323584e330e94736888df6de373a747db158c82255a3
5c30690361a587e4d3ac8b409c48cb1a891f750c96a2743b3bfce9df3af3b7cf
5f28d48a62ead10aeecc59f81e935a850563534948efc6b4a1a89220663c8e1f
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
5fa0ee43e8468bfee1c149d149658578c07601a99b2711430cf723f945e360d8
603e88a690c49d42ecfd23639743414ef2f4fa059284a1794acbce524d9c21ca
6040a87675b04e68d0cacbeec7f38b65b9a498a9ce42583c2c17c9223638fc9e
604d02a10c9e776c28d7a9631a306927de98251b72736b5bd8b2284df63c63aa
60b5dbc4c5cd2d8d94c2de2f7fe5534af63d0e42bc08ea09325bd535e1b82187
60da6fd4d0f56f671a0e70e5a2d0a854f6eb1de2df29493e6ee6be6d6c3fd049
627ef64d085bfff7b6d1bd7bbbbd33920f99ce7ba785676c7722c42632ca3295
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
651711f6abcfeab5fa45353f8c3821f0803c9bd6dc22d47b8480b07c92c9c24f
65e790504ef6e2cb810cdec8cb4321334a06eaf039e837684fffd2b1abad72ec
66b71e3581a5415642fd118f1811ee1a0f1ccddac17f957ca1f64f21c994040c
66fe80ef794ce93cc18c5cc78c8fe712fa568a76115c685cb35752c6c4cb4a25
672972c4d455956a3c33de51dc55806fc15d62a9f62f0fde4e5aa671e2fa5a60
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
688787521ed7834cc36e290802e240d5003d419188c265ad7b50e4e2e9128bd9
693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
6fe31c763602d19c9c07432fa049c3749f79c6627886a45b0a280fbd439ba3cf
725d3cf3ccf8cd7932e3b8e6b7f60bec862e305e156cc22fa6100a95e6720442
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700
76f654706d1dc39a7476acd7324638364ae13622c52b461597060df2cd38791f
78520fa66920dba260b65c345aa7da01404e4abed0efad8c182b1675e50f681b
790202af828a494884d4335d474b85ccf0f34c16ac656d54289ce832b1a69aa2
7c55c01e80617b48b3b68d47aadd066fb3ca414268ca1cbaaf4073848a3c3600
7d12680bfc77396330439d134956e2f0c67c5ef889ad0b9396e5e22bba81dfdb
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82206394f3ff0aeeaaddb4467236f73f00665ea883df27cc1e0e95ce91a7e738
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
850420a74b035447dcf888c73803e7588d07aa16c80c3ee326c7c575186bd001
86f03c3da6ffbfd6bb12fe06875f0316c03e5445422aa9dcde2994c8fd1955f8
894694eee28fc463a83875d519e70afaf5f40ac7c042d6114c4ee86d156b4067
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94c9a3f553bf65b055372b7246bd009485abbdffca4e2e211fe5cbe4d64dc674
951387c2947c11be22e28c446f00d8ee504487a6481aeacd5c50cf8e58521e71
9597860d23d61f092be7543c5714d0e1dbf18eae058a76c76da64285392b8eb8
96ce0dd8cf4404f3862134d3df5cb45a8a247cf9e26649b467da3f79caebe08d
97f2a7de8ee34ba39b204787cb7186545101c11acd513323ab02339b8154a0f9
98e6165f4ca935ed2cd034d3f71ed277bfa1b20b684fb180a7935d2c4b853bf4
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a486c5b0eccd4cec8efef076b029f2730d1994158d55c320a9505c451aef405
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9dd68313c038b89e639e474eba420a35e718f7cb459e8285d7cc6bc67b3dc969
9f8d654fb20921c6b840169faa41d5d9ec300d10c458a07118e86204711b089a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2cf5e546a2d6c8aeeba1c9e5e12d7d2ead31a0f403fb095b0415e153704a229
a2d1be88bb13a44fbe5f69ba8829764f1257120aea25adcdd991c952e2a746a7
a33c61f06323e15f6e6b0c6e454c0a7e04f0f3959322f8428324e154107d99d3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5e9ac71292371502e5914a46c2bf01717fd4175ccdc65c9a323c47898b10805
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7893b347476acdc54088886b51d4a623d22106078aba68ecbef90d1dce53002
a9f62c3875012662294f9653e4116e7ccb9b612202d6b43248e11cc39ad07893
aab475e61325aa8b10d5fc1127dc89c6562731d9a0dbd32db36b85a5e792ced5
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acebc7dceb36716515bdc0518948a6a342a80d9f0bb87b88f757964685df53b8
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
af336d8d11cf599464400feea639b946743f4289c440c2aa9b95553a311e7db4
af519e8dc403523c3eae4761e1266ccde896aca39668ca1e1e8b2486e4d70072
af7376b950b12eeffbfce696af97d41511b634a896a2dd54b9998cc94b8cac30
b0a826fa53a52c446352d13c02654eff897691e910dbf3a3d79b44757fd37fea
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b251e71f1986d056ac51fcdbc492a97fd915695dfaf4ca8a21670829ea9dfe62
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b7f043d52c2c97c508e9d50db99b4a1704630ea86c49a44f332c0679844d7118
ba200cf72b5ade38d1f2946ae19a31a7371a2fe1fa91cb86cc34ff14bb47c41b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb30148d9df7671c14f2cd5be91e6b7a1488932efb740a80b66f39052744c168
bc9d705ee6c02fde87c2069b74221c2172f27d659282a53756f9b3634fab4f27
bd87ed324287f359191bfc2bd4d8488b8e590831bdd80982369d8fa17bd2aaab
be002b6bc7cd8b9043f09bcc3ddd290611ffa9f39e1923789414390a89e6c0a7
bee022a4099fdb924d19ba7cdd46c87f30d360ccf955a7fdcb45f8f83ddf4b2b
bef73ca5e4d62343d99500ef1afde77965ea36179554c58c84fda1919652695f
c0253e32147ab36452c5315d63f6d597677dbd705b475e11c910147b966302c5
c1dcb416fb164490c44006b6ebe496378e233ca5dc0e02db0c032db5a79475cb
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4f8404b2bf35e9a5ad44252d596bca4e2338cf2b5291ad95fb83ab355957633
c53ea495e43386054567a488d1e6e03f8b93b0bfb4cd85602212df7bf182a7ea
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c79a2c14a550c57bee69ab8b5368c2ee48e1731fb00e865605915e52d628923b
c7b9d2e0bf9b34b7385654845e96d03e7f4f405797265b09dadef996cd44deef
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
cd8e48c72dc24022cd0886ccfb998f4a2b7aebf8a6722ced5c667e0be677a1a2
cdeae921fcde0c68b7d0a91389bd7fe431306edc7c9e14b7e88b42faefab2294
ce19ac98719e97db5c6aed20ae1cde9aa36d3488791b4741d20857c14d1b0f2e
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d04fe3e6d57be524334f1688f690be20fb65e09d806c549e1f78aa8d3f7dbae7
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d216b8da34933ed1ba140eccb7345ec388e9200b635dec8dd917e21834f35c4b
d3759299ce00e3bac2782faf02d6f1962e5c88b04e9682224f5852d0c86b6480
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
ded94c8116574205c09c29b6cfe362eb00915e99edefab4394ccc31ab5a16645
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfabc341977d7f52ed12313da059cf08360d1c8849bc171dd0bdb8ba03621ce9
e15eca5878352d8972f4e93b9aed80e34860514c23bfe9ee0a01767a291cf28a
e1d414ea56b919d1d5a25b1ad89ee022d612143b109336c5e3fde32552c4106a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44a3299ba58c9814bb00756670a0f4225cd5d901760c2493544b466e76d16e2
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6121b59aee99bb40de63990b431eb550a31974eaf5fa7273018fe2625a70e2d
e6462d923a5debc7d62c87102ceee55a4614dbdf691c6cea386d787c1ad89b9e
ea08f114219e1ad0e9a72a61a539af7550d48c378d2da24a366d6dc4e15ff06f
ea1cfd571a8a54e0496800e9c5d805a7ee9c78228193caf41ab67968b6c0c5f0
ea238d0b573c623abee111eacb67e78bbf4dd5b8adba0ddbf78f4ff8bae18695
ecba785818813feb349899c96f7e0374a8c3ae0d6645212be693cc5038882b69
edd2f93755783a08973e2e75c95b4117e74da10b0fc4f703b15bf9d3d0b24ec3
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee2038ee4b5d1b0ad0d699a90b605cbc7aebc8b18f62a12b6596a067241ad42b
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eee957c5d825eda11589f1a9997e1667014d36024ce13bce5e459b4b7bf363ca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f
ef82780db9c1504ff3b0cc407b6ba0121b39a2bd91bc6141e9ce7dc4949b9731
eff6028887250d632c1904a04376408914d02f595fbbb13794016b7222097e58
f094bc5d6439748693f62562750c1b28628511866d4896efc7ab060530909f7a
f249249d612d4781c1d8ced6e0f2dc2ac499397b0251faf14dbad9c1e13bab7c
f4212a3a9c2f84a1679a9af422d53a6b1309ff0f7a8334e928c61ea227329015
f478c7f49abdb8d02192ac091b7115617cc34a3d706b37efb783d569f88167f7
f51085abacdfe30b17a99a5808be67e7b00136ab4fc9b325d8507006fee640ba
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f7de41505f538a780e622b29b7b8a837d9fd168b430a629b33fc90c87961f89e
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8710f3e085163a30204fec0d0f2ef7e0c662bdc6fd0e6493ad540190e5b57c5
f996a7ca050f86c363c12a5f8cb5844ce5f273a2e36ab2c7273ef89b7742476d
f99a6ffd2dcf6455fe550f5a7d289fe6d8bb31822a91941b051754283db0cb85
faac2de7e1650bdd305063be534554ad6fe7061872597b7e100e7436ff172f1b
faf9d8a0aaad67f389822224a487c77856849cbb97d4d5b37527f72fb676cf0e
fb842642e425e5e5f6dc2081cb23fd9b0358b7486a37c0bd42b64bb9734dc9e4
fe9b3c40f08efa611a6393dd42f8cf68a2c0814e5e1c56b3ba204624e6bd2a7f
feff002b4629c956b4b0c7660893af3c651e75a850e8c33415e80ec431f80fe6