rufuswindows.top Open in urlscan Pro
89.208.103.174 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rufuswindows.top/
Submission Tags: @phishunt_io
Submission: On January 25 via api (January 25th 2023, 7:47:14 am UTC) from DE — Scanned from DE

Summary HTTP 129 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 53 IPs in 6 countries across 45 domains to perform 129 HTTP transactions. The main IP is 89.208.103.174, located in Frankfurt am Main, Germany and belongs to AEZA-AS, RU. The main domain is rufuswindows.top.
TLS certificate: Issued by R3 on January 24th 2023. Valid for: 3 months.

This is the only time rufuswindows.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	89.208.103.174 89.208.103.174	210644 (AEZA-AS) (AEZA-AS)
4	13.227.219.52 13.227.219.52	16509 (AMAZON-02) (AMAZON-02)
29	3.124.119.57 3.124.119.57	16509 (AMAZON-02) (AMAZON-02)
1	52.222.139.97 52.222.139.97	16509 (AMAZON-02) (AMAZON-02)
3	18.66.15.88 18.66.15.88	16509 (AMAZON-02) (AMAZON-02)
1	23.199.214.41 23.199.214.41	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6812:116b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:af	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	152.199.4.33 152.199.4.33	15133 (EDGECAST) (EDGECAST)
1	23.203.125.44 23.203.125.44	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:230... 2600:9000:2304:5600:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:21c... 2600:9000:21c7:e000:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400d:806::2008	15169 (GOOGLE) (GOOGLE)
1	18.203.36.235 18.203.36.235	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b150:45ed:3b73:d151:5773	14618 (AMAZON-AES) (AMAZON-AES)
1	18.207.63.238 18.207.63.238	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::200e	15169 (GOOGLE) (GOOGLE)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
2	2a04:4e42:41::84 2a04:4e42:41::84	54113 (FASTLY) (FASTLY)
4	2.23.97.99 2.23.97.99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42::396 2a04:4e42::396	54113 (FASTLY) (FASTLY)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	162.159.152.17 162.159.152.17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.203.125.62 23.203.125.62	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.227.222.181 13.227.222.181	16509 (AMAZON-02) (AMAZON-02)
1	104.16.89.50 104.16.89.50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	52.222.139.45 52.222.139.45	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21c... 2600:9000:21c7:9e00:a:b27c:d040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	65.9.86.252 65.9.86.252	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:600... 2a04:4e42:600::300	54113 (FASTLY) (FASTLY)
1	2a04:4e42:400... 2a04:4e42:400::396	54113 (FASTLY) (FASTLY)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	3.220.15.152 3.220.15.152	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
2	66.225.223.127 66.225.223.127	3949 (NTTA-3946) (NTTA-3946)
3	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2 5	3.229.71.248 3.229.71.248	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:206... 2600:9000:206f:1200:0:cc59:3900:93a1	16509 (AMAZON-02) (AMAZON-02)
5	23.62.220.203 23.62.220.203	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3 3	35.212.133.238 35.212.133.238	15169 (GOOGLE) (GOOGLE)
1	35.190.90.30 35.190.90.30	15169 (GOOGLE) (GOOGLE)
2 2	34.254.165.240 34.254.165.240	16509 (AMAZON-02) (AMAZON-02)
2 3	23.203.125.189 23.203.125.189	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	64.202.112.31 64.202.112.31	23352 (SERVERCEN...) (SERVERCENTRAL)
1	2600:1f18:ed:... 2600:1f18:ed:550a:9dcf:c5fe:8372:efac	14618 (AMAZON-AES) (AMAZON-AES)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
129	53

1 89.208.103.174 (Frankfurt am Main, Germany)

ASN210644 (AEZA-AS, RU)
PTR: even-scissors.aeza.network

rufuswindows.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.227.219.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-52.ams54.r.cloudfront.net

ca-times.brightspotcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 3.124.119.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com

activate.platform.californiatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-97.ams50.r.cloudfront.net

ssor.platform.californiatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.15.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-88.vie50.r.cloudfront.net

libs.platform.californiatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.199.214.41 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-214-41.deploy.static.akamaitechnologies.com

micro.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:116b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:af (United States)

ASN13335 (CLOUDFLARENET, US)

68547f8f-2fd8-4ff3-9b63-51e86e2edee8.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.4.33 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.203.125.44 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-44.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2304:5600:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21c7:e000:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:806::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.36.235 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-36-235.eu-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b150:45ed:3b73:d151:5773 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.207.63.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-63-238.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:41::84 (Vienna, Austria)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.23.97.99 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-97-99.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.152.17 (None, )

ASN13335 (CLOUDFLARENET, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.203.125.62 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-62.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.222.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-222-181.ams54.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.89.50 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.embed.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.139.45 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-45.ams50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21c7:9e00:a:b27c:d040:93a1 (United States)

ASN16509 (AMAZON-02, US)

ext.chtbl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.86.252 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-252.ams1.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.220.15.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-15-152.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.225.223.127 (Sacramento, United States)

ASN3949 (NTTA-3946, US)
PTR: sa.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.229.71.248 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-71-248.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:1200:0:cc59:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)

web.chtbl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.62.220.203 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-220-203.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.212.133.238 (The Dalles, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 238.133.212.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.165.240 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-165-240.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.203.125.189 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-189.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.31 (United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550a:9dcf:c5fe:8372:efac (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	californiatimes.com activate.platform.californiatimes.com — Cisco Umbrella Rank: 37680 ssor.platform.californiatimes.com — Cisco Umbrella Rank: 42807 libs.platform.californiatimes.com — Cisco Umbrella Rank: 42608	162 KB
10	liadm.com 3 redirects b-code.liadm.com — Cisco Umbrella Rank: 2563 rp.liadm.com — Cisco Umbrella Rank: 1491 rp4.liadm.com — Cisco Umbrella Rank: 7053 i.liadm.com — Cisco Umbrella Rank: 584 i6.liadm.com — Cisco Umbrella Rank: 1784	20 KB
5	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 779	3 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 791	103 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	263 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	160 KB
4	brightspotcdn.com ca-times.brightspotcdn.com — Cisco Umbrella Rank: 24214	354 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 352	12 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 276	2 KB
3	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 984	1 KB
3	chtbl.com ext.chtbl.com — Cisco Umbrella Rank: 16485 web.chtbl.com — Cisco Umbrella Rank: 15870	5 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 158	774 B
3	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1412 insight.adsrvr.org — Cisco Umbrella Rank: 622 match.adsrvr.org — Cisco Umbrella Rank: 301	3 KB
3	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2544 tr.outbrain.com — Cisco Umbrella Rank: 2393	7 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 22 region1.google-analytics.com — Cisco Umbrella Rank: 2439	22 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 515	1 KB
2	addthis.com 1 redirects x.dlx.addthis.com — Cisco Umbrella Rank: 1357	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 201	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	216 B
2	taboola.com trc.taboola.com — Cisco Umbrella Rank: 641	452 B
2	quora.com a.quora.com — Cisco Umbrella Rank: 7223 q.quora.com — Cisco Umbrella Rank: 3138	15 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 153	136 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 715	20 KB
2	google.de ampcid.google.de — Cisco Umbrella Rank: 63868 www.google.de — Cisco Umbrella Rank: 5983	1010 B
2	google.com ampcid.google.com — Cisco Umbrella Rank: 2189 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1365	132 KB
1	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 516	778 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1028	641 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 453	675 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 618	393 B
1	t.co t.co — Cisco Umbrella Rank: 542	378 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1539	157 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 951	13 KB
1	revcontent.com assets.revcontent.com — Cisco Umbrella Rank: 6005	10 KB
1	embed.ly cdn.embed.ly — Cisco Umbrella Rank: 16913	14 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1403	8 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 621	15 KB
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1032	539 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1447	11 KB
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 3101	148 KB
1	aspnetcdn.com ajax.aspnetcdn.com — Cisco Umbrella Rank: 1096	31 KB
1	permutive.app 68547f8f-2fd8-4ff3-9b63-51e86e2edee8.edge.permutive.app — Cisco Umbrella Rank: 46986	107 KB
1	rubiconproject.com micro.rubiconproject.com — Cisco Umbrella Rank: 2808	104 KB
1	rufuswindows.top rufuswindows.top	41 KB
0	latimes.com Failed edge.platform.latimes.com Failed
129	45

	Domain	Requested by
29	activate.platform.californiatimes.com	rufuswindows.top activate.platform.californiatimes.com
5	ct.pinterest.com	activate.platform.californiatimes.com
5	i.liadm.com	2 redirects activate.platform.californiatimes.com i.liadm.com
4	analytics.tiktok.com	activate.platform.californiatimes.com
4	www.googletagmanager.com	activate.platform.californiatimes.com
4	ca-times.brightspotcdn.com	rufuswindows.top ca-times.brightspotcdn.com
3	bat.bing.com	activate.platform.californiatimes.com
3	x.bidswitch.net	3 redirects
3	tr.snapchat.com	activate.platform.californiatimes.com
3	sb.scorecardresearch.com	1 redirects
3	securepubads.g.doubleclick.net	rufuswindows.top securepubads.g.doubleclick.net
3	libs.platform.californiatimes.com	rufuswindows.top
2	b1sync.zemanta.com	2 redirects
2	x.dlx.addthis.com	1 redirects i.liadm.com
2	dpm.demdex.net	2 redirects
2	www.facebook.com
2	web.chtbl.com	activate.platform.californiatimes.com
2	tr.outbrain.com	activate.platform.californiatimes.com
2	trc.taboola.com	i.liadm.com
2	connect.facebook.net	activate.platform.californiatimes.com
2	s.pinimg.com	activate.platform.californiatimes.com
2	www.google-analytics.com	activate.platform.californiatimes.com
2	b-code.liadm.com	activate.platform.californiatimes.com
2	cdn.confiant-integrations.net	rufuswindows.top cdn.confiant-integrations.net
1	i6.liadm.com	i.liadm.com
1	stags.bluekai.com	1 redirects
1	odr.mookie1.com	i.liadm.com
1	match.adsrvr.org	i.liadm.com
1	sync.mathtag.com	1 redirects
1	www.google.de
1	www.google.com
1	googleads.g.doubleclick.net	activate.platform.californiatimes.com
1	q.quora.com
1	analytics.twitter.com
1	t.co
1	insight.adsrvr.org	activate.platform.californiatimes.com
1	alb.reddit.com
1	sc-static.net	activate.platform.californiatimes.com
1	assets.revcontent.com	activate.platform.californiatimes.com
1	ext.chtbl.com	activate.platform.californiatimes.com
1	cdn.embed.ly
1	js.adsrvr.org	activate.platform.californiatimes.com
1	amplify.outbrain.com	activate.platform.californiatimes.com
1	a.quora.com	activate.platform.californiatimes.com
1	www.redditstatic.com	activate.platform.californiatimes.com
1	static.ads-twitter.com	activate.platform.californiatimes.com
1	ampcid.google.de	activate.platform.californiatimes.com
1	ampcid.google.com	activate.platform.californiatimes.com
1	region1.google-analytics.com	activate.platform.californiatimes.com
1	rp4.liadm.com	rufuswindows.top
1	rp.liadm.com	1 redirects
1	jadserve.postrelease.com	activate.platform.californiatimes.com
1	static.chartbeat.com	activate.platform.californiatimes.com
1	s.ntv.io	activate.platform.californiatimes.com
1	ajax.aspnetcdn.com	activate.platform.californiatimes.com
1	68547f8f-2fd8-4ff3-9b63-51e86e2edee8.edge.permutive.app	rufuswindows.top
1	micro.rubiconproject.com	rufuswindows.top
1	ssor.platform.californiatimes.com	rufuswindows.top
1	rufuswindows.top
0	edge.platform.latimes.com Failed	libs.platform.californiatimes.com activate.platform.californiatimes.com
129	60

This site contains links to these domains. Also see Links.

Domain
membership.latimes.com
enewspaper.latimes.com
nantmedia.wd5.myworkdayjobs.com
store.latimes.com
apps.apple.com
play.google.com
placeanad.latimes.com
classifieds.latimes.com
peopleonthemove.latimes.com
jobs.latimes.com
marketplace.latimes.com
mediakit.latimes.com
www.linkedin.com
articles.latimes.com
www.google.com
latimesblogs.latimes.com
www.instagram.com
www.youtube.com
www.latimeswine.com

Subject Issuer	Validity	Valid
rufuswindows.top R3	`2023-01-24` - `2023-04-24`	3 months	crt.sh
cdn.ca-times.psdops.com Amazon	`2022-08-18` - `2023-09-16`	a year	crt.sh
activate.platform.californiatimes.com Go Daddy Secure Certificate Authority - G2	`2022-07-28` - `2023-08-29`	a year	crt.sh
ssor.platform.californiatimes.com Amazon	`2022-03-18` - `2023-04-16`	a year	crt.sh
*.platform.californiatimes.com Amazon	`2022-04-18` - `2023-05-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.confiant-integrations.net E1	`2022-11-24` - `2023-02-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2023-01-11` - `2023-04-10`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2022-07-11` - `2023-07-11`	a year	crt.sh
*.ntv.io DigiCert TLS RSA SHA256 2020 CA1	`2022-10-24` - `2023-10-26`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
*.liadm.com Amazon	`2023-01-01` - `2024-01-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.postrelease.com Amazon	`2023-01-18` - `2024-02-16`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-08`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2022-12-15` - `2024-01-15`	a year	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-15`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-03` - `2023-02-01`	3 months	crt.sh
quora.com R3	`2022-11-13` - `2023-02-11`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.embed.ly Sectigo RSA Domain Validation Secure Server CA	`2022-12-06` - `2023-12-06`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-12-30` - `2024-01-28`	a year	crt.sh
ext.chtbl.com Amazon	`2022-11-24` - `2023-12-22`	a year	crt.sh
assets.revcontent.com R3	`2023-01-12` - `2023-04-12`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-14`	6 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.quora.com R3	`2023-01-15` - `2023-04-15`	3 months	crt.sh
*.snap.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-08-16`	a year	crt.sh
web.chtbl.com Amazon	`2022-12-30` - `2024-01-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh

This page contains 5 frames:

Primary Page: https://rufuswindows.top/
Frame ID: 157FE55C14BB815CA52ACE6C20C7605B
Requests: 117 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=uakr1sk&ref=https%3A%2F%2Frufuswindows.top%2F&upid=swei7dz&upv=1.1.0
Frame ID: 58F68E281814B55BFCFD1961D98AC0DC
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=dbe625aa-7ced-4e1d-8918-88782123af97&u_scsid=08f2987b-bc25-4829-9245-e1546984823b&u_sclid=acf4ccdb-6b65-4f55-9413-39a495a3d83b
Frame ID: D0A1692DBA8C9A5673C532F971F3182F
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-06u7?s=&cim=&ps=true&ls=true&duid=6d08b1d759e3--01gqkya3g30tpv3hkp8dm9ksdf&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1YNY&
Frame ID: A00CEA24BB25C84C8805BCEC045D3A4B
Requests: 8 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 84BABEF36EC28407E1AFDAEFE96A0470
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Review: Rufus Wainwright at the Orpheum - Los Angeles Times

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

129
Requests

83 %
HTTPS

42 %
IPv6

45
Domains

60
Subdomains

53
IPs

6
Countries

1922 kB
Transfer

5783 kB
Size

53
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://membership.latimes.com/newsletters/?_ga=2.251099398.1896328230.1613286933-114874840.1613286932
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://enewspaper.latimes.com/desktop/latimes/default.aspx?pubid=50435180-e58e-48b5-8e0c-236bf740270e
Title: eNewspaper

Search URL Search Domain Scan URL

URL: https://nantmedia.wd5.myworkdayjobs.com/LATimesCareers
Title: L.A. Times Careers

Search URL Search Domain Scan URL

URL: https://store.latimes.com/?utm_source=latimes&utm_medium=homepage&utm_campaign=homepage_subnav
Title: L.A. Times Store

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/la-times/id373238146
Title: News App: Apple IOS

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.apptivateme.next.la&hl=en_US
Title: News App: Google Play

Search URL Search Domain Scan URL

URL: https://placeanad.latimes.com/
Title: Advertising

Search URL Search Domain Scan URL

URL: https://classifieds.latimes.com/
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://peopleonthemove.latimes.com/
Title: People on the Move

Search URL Search Domain Scan URL

URL: https://jobs.latimes.com/
Title: Find/Post Jobs

Search URL Search Domain Scan URL

URL: https://marketplace.latimes.com/
Title: Local Ads Marketplace

Search URL Search Domain Scan URL

URL: https://mediakit.latimes.com/
Title: Media Kit: Why the L.A. Times?

Search URL Search Domain Scan URL

URL: https://marketplace.latimes.com/places/types:23
Title: Hot Property Sections

Search URL Search Domain Scan URL

URL: https://placeanad.latimes.com/open-house
Title: Place an Open House

Search URL Search Domain Scan URL

URL: https://marketplace.latimes.com/places/categories:43
Title: Sotheby’s International Realty

Search URL Search Domain Scan URL

URL: https://store.latimes.com/?utm_source=latimes&utm_medium=homepage&utm_campaign=homepage_nav
Title: L.A. Times Store

Search URL Search Domain Scan URL

URL: https://membership.latimes.com/
Title: Manage Subscription

Search URL Search Domain Scan URL

URL: https://membership.latimes.com/billing-info
Title: EZPAY

Search URL Search Domain Scan URL

URL: https://membership.latimes.com/subscription-info
Title: Delivery Issue

Search URL Search Domain Scan URL

URL: https://enewspaper.latimes.com/
Title: eNewspaper

Search URL Search Domain Scan URL

URL: https://membership.latimes.com/privacy-settings
Title: Do Not Sell or Share My Personal Information

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https%3A%2F%2Fwww.latimes.com%2Farchives%2Fblogs%2Fpop-hiss%2Fstory%2F2012-05-14%2Freview-rufus-wainwright-at-the-orpheum&mini=true&title=Review%3A%20Rufus%20Wainwright%20at%20the%20Orpheum&summary=This%20article%20was%20originally%20on%20a%20blog%20post%20platform%20and%20may%20be%20missing%20photos%2C%20graphics%20or%20links.%20&source=Los%20Angeles%20Times
Title: LinkedIn

Search URL Search Domain Scan URL

URL: http://articles.latimes.com/2010/jul/11/entertainment/la-ca-rufus-wainwright-20100711
Title: Opera is Rufus Wainwright’s ‘main squeeze’

Search URL Search Domain Scan URL

URL: http://www.google.com/url?sa=t&rct=j&q=la%20times%20rufus%20wainwright&source=web&cd=1&ved=0CFoQFjAA&url=http%3A%2F%2Flatimesblogs.latimes.com%2Fmusic_blog%2F2012%2F05%2Falbum-review-rufus-wainwrights-out-of-the-game.html&ei=6bOwT8TaEMGmiQKU0PHiAw&usg=AFQjCNHtQPJo61A3idFMbCFbnRjsBlPuxA&cad=rja
Title: Album review: Rufus Wainwright’s ‘Out of the Game’

Search URL Search Domain Scan URL

URL: http://latimesblogs.latimes.com/music_blog/2012/05/live-nick-waterhouse-at-center-for-the-arts-eagle-rock.html
Title: Live: Nick Waterhouse at Center for the Arts Eagle Rock

Search URL Search Domain Scan URL

URL: https://www.instagram.com/latimes_entertainment/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.instagram.com/latimes/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/losangelestimes
Title: YouTube

Search URL Search Domain Scan URL

URL: https://store.latimes.com/
Title: L.A. Times Store

Search URL Search Domain Scan URL

URL: https://www.latimeswine.com/club
Title: Wine Club

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://rp.liadm.com/j?dtstmp=1674632826494&aid=a-06u7&se=e30&duid=6d08b1d759e3--01gqkya3g30tpv3hkp8dm9ksdf&tna=v2.6.0&pu=https%3A%2F%2Frufuswindows.top%2F&us_privacy=1YNY&wpn=lc-bundle&c=PHRpdGxlPlJldmlldzogUnVmdXMgV2FpbndyaWdodCBhdCB0aGUgT3JwaGV1bSAtIExvcyBBbmdlbGVzIFRpbWVzPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iVGhpcyBhcnRpY2xlIHdhcyBvcmlnaW5hbGx5IG9uIGEgYmxvZyBwb3N0IHBsYXRmb3JtIGFuZCBtYXkgYmUgbWlzc2luZyBwaG90b3MsIGdyYXBoaWNzIG9yIGxpbmtzLiI-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vd3d3LmxhdGltZXMuY29tL2FyY2hpdmVzL2Jsb2dzL3BvcC1oaXNzL3N0b3J5LzIwMTItMDUtMTQvcmV2aWV3LXJ1ZnVzLXdhaW53cmlnaHQtYXQtdGhlLW9ycGhldW0iPjxoMSBjbGFzcz0iaGVhZGxpbmUiPiBSZXZpZXc6IFJ1ZnVzIFdhaW53cmlnaHQgYXQgdGhlIE9ycGhldW0gPC9oMT4 HTTP 302
https://rp4.liadm.com/j?dtstmp=1674632826494&aid=a-06u7&se=e30&duid=6d08b1d759e3--01gqkya3g30tpv3hkp8dm9ksdf&tna=v2.6.0&pu=https%3A%2F%2Frufuswindows.top%2F&us_privacy=1YNY&wpn=lc-bundle&c=PHRpdGxlPlJldmlldzogUnVmdXMgV2FpbndyaWdodCBhdCB0aGUgT3JwaGV1bSAtIExvcyBBbmdlbGVzIFRpbWVzPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iVGhpcyBhcnRpY2xlIHdhcyBvcmlnaW5hbGx5IG9uIGEgYmxvZyBwb3N0IHBsYXRmb3JtIGFuZCBtYXkgYmUgbWlzc2luZyBwaG90b3MsIGdyYXBoaWNzIG9yIGxpbmtzLiI-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vd3d3LmxhdGltZXMuY29tL2FyY2hpdmVzL2Jsb2dzL3BvcC1oaXNzL3N0b3J5LzIwMTItMDUtMTQvcmV2aWV3LXJ1ZnVzLXdhaW53cmlnaHQtYXQtdGhlLW9ycGhldW0iPjxoMSBjbGFzcz0iaGVhZGxpbmUiPiBSZXZpZXc6IFJ1ZnVzIFdhaW53cmlnaHQgYXQgdGhlIE9ycGhldW0gPC9oMT4&i6=MmEwMTo0YTA6MTMzODo5Mjo6Ng%3D%3D&n3pc=true

Request Chain 82

https://sb.scorecardresearch.com/c2/6036462/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 112

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https://i.liadm.com/s/e/a-06u7/0/7725e628c94c49c58e25abfd796aabe2?mpid%3D7156%26muid%3D%5BMM_UUID%5D&e920046c-1783-4b49-9204-c22dcc6d63db&us_privacy=1YNY HTTP 302
https://i.liadm.com/s/e/a-06u7/0/7725e628c94c49c58e25abfd796aabe2?mpid=7156&muid=26d863d0-de7c-4300-9c7f-5e193f1c5c05

Request Chain 114

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=e920046c-1783-4b49-9204-c22dcc6d63db&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1YNY HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=e920046c-1783-4b49-9204-c22dcc6d63db&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1YNY HTTP 302
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=b7540a16-0123-4255-a040-42ad95c37ea6 HTTP 303
https://x.bidswitch.net/sync?ssp=liveintent&user_id=e920046c-1783-4b49-9204-c22dcc6d63db HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=b7540a16-0123-4255-a040-42ad95c37ea6&ssp=liveintent&gdpr=&gdpr_consent=

Request Chain 115

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=e920046c-1783-4b49-9204-c22dcc6d63db&redir=https:%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-06u7%2F0%2F7725e628c94c49c58e25abfd796aabe2%3Fmpid=82775&muid=$%7BDD_UUID%7D?us_privacy=1YNY HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=e920046c-1783-4b49-9204-c22dcc6d63db&redir=https:%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-06u7%2F0%2F7725e628c94c49c58e25abfd796aabe2%3Fmpid=82775&muid=$%7BDD_UUID%7D HTTP 302
https://i.liadm.com/s/e/a-06u7/0/7725e628c94c49c58e25abfd796aabe2?mpid=82775

Request Chain 116

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=e920046c-1783-4b49-9204-c22dcc6d63db&us_privacy=1YNY HTTP 302
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=e920046c-1783-4b49-9204-c22dcc6d63db&us_privacy=1YNY&rd=Y

Request Chain 118

https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__&us_privacy=1YNY HTTP 302
https://stags.bluekai.com/site/23178?id=1fwLaiuB8pL8okh8Frw6&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DF4XWSLTMNFQWI3JOMNXW2L3TF4ZTKMBQGQ7WE2LEMRSXEX3JMQ6TSOBSGU2CMYTJMRSGK4S7OV2WSZB5GFTHOTDBNF2UEODQJQ4G623IHBDHE5ZWEZSXQY3IMFXGOZJ5NRUXMZLJNZ2GK3TUEZ2XGX3QOJUXMYLDPE6TCWKOLE&us_privacy=1YNY HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=F4XWSLTMNFQWI3JOMNXW2L3TF4ZTKMBQGQ7WE2LEMRSXEX3JMQ6TSOBSGU2CMYTJMRSGK4S7OV2WSZB5GFTHOTDBNF2UEODQJQ4G623IHBDHE5ZWEZSXQY3IMFXGOZJ5NRUXMZLJNZ2GK3TUEZ2XGX3QOJUXMYLDPE6TCWKOLE HTTP 302
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=1fwLaiuB8pL8okh8Frw6&us_privacy=1YNY HTTP 303
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=1fwLaiuB8pL8okh8Frw6&us_privacy=1YNY&us_privacy=1YNY

129 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
rufuswindows.top/ 175 KB
41 KB 285ms
79ms Document
text/html 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rufuswindows.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

57e91fbfd505ebb6d87e966ae361a966d0bd4373511af8a30ddb8520bb00f74b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 41769
content-type: text/html; charset=UTF-8
date: Wed, 25 Jan 2023 07:47:05 GMT
server: nginx
strict-transport-security: max-age=15768000;
vary: Accept-Encoding

GET
H2 200 styles-creative.min.88ab2d6e69b97714b03428f6057cc383.css
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/ 161 KB
162 KB 199ms
56ms Stylesheet
text/css 13.227.219.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/styles-creative.min.88ab2d6e69b97714b03428f6057cc383.css
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-52.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 48b1ab2218918913e92bb76ce38614fdc7b8a0e2ce7c3810332f7acd6ae6e4f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:11:09 GMT
x-amz-version-id: ftlaXxJjvFNPOXQJwsI2txb0y_6x8092
via: 1.1 d3fdd96b3ada000b1a8c2d522534c124.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 959756
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 164998
last-modified: Wed, 11 Jan 2023 21:03:45 GMT
server: AmazonS3
etag: "63e885c6b0038206967b3a5a28da6c19"
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ZjP9Qdeh5l8Hv_TgiakrujBNytWD1_9kahagAGXOVkhm94zRaMfIkw==

GET
H2 200 Bootstrap.js Show response
activate.platform.californiatimes.com/caltimes/latimes/ 347 KB
75 KB 341ms
83ms Script
application/javascript 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 35f36c1f3089028b9138168895550d14c0e81c360f9bd8ee0dfa13d7c76f127a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:05 GMT
x-amz-version-id: SvImVQxpZex5O4_s9h2r9EuQqH4Toa8X
content-encoding: br
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 19175
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 25 Jan 2023 02:27:03 GMT
server: nginx
etag: W/"a30ce0ebfed014dccea160eaf81a7dd6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: SiYD9-NVM3VTBgmEVlrar_mbCa8SMc_8szxnXIjFqH9MraM27X-h3g==

GET
H2 200 Core.min.bb086e55a7d55bc787901445a855b450.js Show response
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/ 186 KB
187 KB 287ms
145ms Script
text/javascript 13.227.219.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/Core.min.bb086e55a7d55bc787901445a855b450.js
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-52.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 62879c942f0c1228880805420363bd4c3907b9a7494a9bba7a03bf358ca0017c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 20:23:43 GMT
x-amz-version-id: lr7ANd3HLn8ayPNP27ayM5msGq.vVWr3
via: 1.1 d3fdd96b3ada000b1a8c2d522534c124.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 1250602
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 190686
last-modified: Mon, 09 Jan 2023 20:49:22 GMT
server: AmazonS3
etag: "972acdf4d838dd5c8bdeac41339c28f1"
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: lQXmbDki-Ak_yhBvaB8jFpB3TJoB-CoG0d7A5sJL4VlJcrRgBEh4aw==

GET
H2 200 latspot.min.js Show response
ssor.platform.californiatimes.com/reg/tribune/ 27 KB
12 KB 155ms
61ms Script
text/javascript 52.222.139.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ssor.platform.californiatimes.com/reg/tribune/latspot.min.js

Requested by

Host: rufuswindows.top
URL: https://rufuswindows.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.139.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-139-97.ams50.r.cloudfront.net

Software

nginx/1.18.0 + Phusion Passenger(R) 6.0.16 / Phusion Passenger(R) 6.0.16

Resource Hash

18bba2466b5c1992644aaa326fddb95bf0ebedc2ac35acd297cbd6000892fc76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 26102629399121e9a9caaf60dcb59d4e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: AMS50-C1
age: 668
x-powered-by: Phusion Passenger(R) 6.0.16
x-cache: Hit from cloudfront
status: 200 OK
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 65c04bb2-393c-4665-b5c3-418a67b8910e
x-runtime: 0.003042
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 09 Nov 2022 19:07:06 GMT
server: nginx/1.18.0 + Phusion Passenger(R) 6.0.16
x-host-info: ip-10-22-143-135; development
x-amzn-trace-id: Root=1-63cf7d1f-7f407e274a52a7fc7011b58c
x-download-options: noopen
x-frame-options: SAMEORIGIN
etag: 15913530126433628734
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=900, public, must-revalidate
x-amz-cf-id: Yy4hKDxSqT6k98FeAMRVKfG29g16hva94gtACou3NIf_X7SrPUrLvQ==

GET
H2 200 latspot.js Show response
libs.platform.californiatimes.com/meteringjs/ 187 KB
36 KB 180ms
52ms Script
application/javascript 18.66.15.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.platform.californiatimes.com/meteringjs/latspot.js
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-88.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b4c4d6e2eb0bb133f62c1bdd9f5192717d9c6d4fad559132f1b5e55d06daca9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:32:37 GMT
content-encoding: br
via: 1.1 0455d1ec539ef7b27f0e90c40cf5cc10.cloudfront.net (CloudFront)
last-modified: Fri, 20 Jan 2023 23:45:06 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 874
x-amz-server-side-encryption: AES256
etag: W/"9d57d73ca194904307e8a983f5fbb1de"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: DYWvLSe8odo5bbTtJcu8eIoLurvVWMmRIlwql_M2NYo7S8izIKldtA==

GET
H2 200 20520.js Show response
micro.rubiconproject.com/prebid/dynamic/ 329 KB
104 KB 217ms
52ms Script
text/javascript 23.199.214.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://micro.rubiconproject.com/prebid/dynamic/20520.js
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.199.214.41 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-199-214-41.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e4b8f6571081392afd877aa87818670441131e241acb3d0b3b23615110e865f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:05 GMT
content-encoding: gzip
last-modified: Thu, 19 Jan 2023 21:39:37 GMT
server: Apache
vary: Accept-Encoding
edge-cache-tag: prod-prebid-20520_CatchAllWrapper.js
content-type: text/javascript
access-control-expose-headers: x-trp-pba
cache-control: public, must-revalidate, max-age=0
content-length: 105921
x-trp-pba: {"ruleId":"1","rulePos":0,"ruleName":"Catch All Rule","wrapperName":"20520_CatchAllWrapper","isPrimary":true,"randomProb":79,"account":20520,"device":"desktop","country":"DE","host":"rufuswindows.top","isMobile":false,"isTablet":false,"reqHost":"micro.rubiconproject.com","referrer":["https://rufuswindows.top/"],"xForwardedFor":"","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36","query":"","ranAt":"2023-01-25T07:47:05.620Z","runId":"1674632825620-9626","wrapperPath":"/prebid/20520_CatchAllWrapper.js","redirectUrl":"/prebid/get-wrapper/Catch%20All%20Rule/20520_CatchAllWrapper.js"}
expires: Wed, 25 Jan 2023 21:25:39 GMT

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/GfBGK_P3Adzw1hvTTkQjebew6Z4/gpt_and_prebid/ 321 KB
65 KB 155ms
55ms Script
text/javascript 2606:4700::6812:116b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/GfBGK_P3Adzw1hvTTkQjebew6Z4/gpt_and_prebid/config.js
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27d31aeec6cb6f445b47a3b08ff16aa6d7b521100b56adb244d9d53d37fd8a94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 Jan 2023 06:59:10 GMT
server: cloudflare
x-amz-request-id: A0TNWYPESS6DZYHM
age: 702
etag: W/"1b205748873994c8ee453b341df783da"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 78ef6617b9ea9211-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: j+HaoubPwtKh4y5/NexVrPx7CjD95Lc1/jelRCTt5qjPa46qUH1IZq0MfQirlHKt1xNQwDbuRWw=

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 159ms
55ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: rufuswindows.top
URL: https://rufuswindows.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59fd6c10818b043145b003808c28ebc4b8cdd0b06f9f2718e78817c2a1f5eef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27644
x-xss-protection: 0
server: sffe
etag: "1462 / 449 of 1000 / last-modified: 1674601734"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Jan 2023 07:47:05 GMT

GET
H2 200 68547f8f-2fd8-4ff3-9b63-51e86e2edee8-web.js Show response
68547f8f-2fd8-4ff3-9b63-51e86e2edee8.edge.permutive.app/ 371 KB
107 KB 160ms
61ms Script
application/javascript 2606:4700::6812:af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://68547f8f-2fd8-4ff3-9b63-51e86e2edee8.edge.permutive.app/68547f8f-2fd8-4ff3-9b63-51e86e2edee8-web.js
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0feb5d51eaf2c4ebb556b31e61cd7afa81a5dbf54e6132fb02a1d8946e7c631

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:05 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: 68547f8f-2fd8-4ff3-9b63-51e86e2edee8
age: 2731
x-guploader-uploadid: ADPycdsJpD9AjxrAQlNacb9bstjZoHeMnUbpU9Wcu_I8NAdcwVu3cSkwMaZc9zy5SHu8Gn11zMdwOQQVNsY7KjSesMfc6U_Rtjxo
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
last-modified: Mon, 23 Jan 2023 20:02:26 GMT
server: cloudflare
etag: W/"bc742516c44c8f7631e9c1b666a8fc34"
vary: Accept-Encoding
x-goog-generation: 1674504146036114
content-type: application/javascript
x-goog-hash: crc32c=AghLcg==, md5=vHQlFsRMj3Yx6cG2Zqj8NA==
cache-control: public, max-age=900
x-goog-stored-content-length: 112851
timing-allow-origin: *
cf-ray: 78ef6617bfad2c46-FRA
expires: Wed, 25 Jan 2023 08:02:05 GMT

GET
H2 200 latest.js Show response
libs.platform.californiatimes.com/modalityjs/ 12 KB
4 KB 179ms
52ms Script
application/javascript 18.66.15.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.platform.californiatimes.com/modalityjs/latest.js
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-88.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9971c9d985027d9c86b08ee4b5821e00e9530195f9efd9dd60df0fd983912499

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:36:32 GMT
content-encoding: br
via: 1.1 0455d1ec539ef7b27f0e90c40cf5cc10.cloudfront.net (CloudFront)
last-modified: Mon, 12 Sep 2022 16:35:53 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 640
x-amz-server-side-encryption: AES256
etag: W/"be0facef1cd34cfbac862447963e8da6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: xtcQlb6EYYfX763-TQItjkn2wUQN7kN0USrwSMwIZDUlzZVF1ulTlw==

GET
H2 200 latest.js Show response
libs.platform.californiatimes.com/newsletter-campaign-manager/ 28 KB
8 KB 219ms
92ms Script
application/javascript 18.66.15.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.platform.californiatimes.com/newsletter-campaign-manager/latest.js
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-88.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fa782f590a4f24c6e67e882211c49e9ea5320514dfd0986ebf48c8b1d4455fca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:41:56 GMT
content-encoding: br
via: 1.1 0455d1ec539ef7b27f0e90c40cf5cc10.cloudfront.net (CloudFront)
last-modified: Wed, 30 Nov 2022 22:04:29 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 312
x-amz-server-side-encryption: AES256
etag: W/"d4cc3f655d56bf229fdf590d457feece"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: x3lBwP_0p0GuHT1i69ruWxKtAWV76a2lXk7_k8WwaiedPwLPwGZuhA==

GET
H2 200 /
ca-times.brightspotcdn.com/dims4/default/6c1e134/2147483647/strip/true/crop/1152x1152+448+0/resize/100x100!/quality/80/ 2 KB
3 KB 165ms
165ms Image
image/jpeg 13.227.219.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-times.brightspotcdn.com/dims4/default/6c1e134/2147483647/strip/true/crop/1152x1152+448+0/resize/100x100!/quality/80/?url=https%3A%2F%2Fcalifornia-times-brightspot.s3.amazonaws.com%2F4d%2F59%2Fd62388697b1f18e3d9397aee354f%2Fimg-57db03c4-turbine-la-bio-august-brown
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-52.ams54.r.cloudfront.net
Software: Apache /
Resource Hash: 2da180fc671e2cf178fa18883e4f1f1da6f33eb1a78591e0eeea1d6050db9256

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:41:10 GMT
via: 1.1 d3fdd96b3ada000b1a8c2d522534c124.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: AMS54-C1
age: 363955
etag: 50c0eddc8beda939ae62c4a4589c45e0
x-cache: Hit from cloudfront
content-type: image/jpeg
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
alt-svc: h3=":443"; ma=86400
content-length: 2324
x-amz-cf-id: V-uuBw6K4XVNwYN1XHh-VwptSYq-bjRkeIcvmZtVdYasNN_ke6D9eQ==
expires: Sun, 21 Jan 2024 02:41:10 GMT

GET
H2 200 pubads_impl_2023012301.js Show response
securepubads.g.doubleclick.net/gpt/ 385 KB
130 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012301.js?cb=31071816

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79e66558ee620ce57bc0a6be17a96c32074065e763b49f0be5551799623943a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:03:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35014
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133281
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 09:36:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 24 Jan 2024 22:03:31 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 38 B
63 B 155ms
74ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=rufuswindows.top

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bc446075ff76a8796ee2d5fd2713895732438158e76f3d6267e9097eb02f8f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39
x-xss-protection: 0
expires: Wed, 25 Jan 2023 07:47:05 GMT

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202212211045/ 216 KB
68 KB 53ms
52ms Script
application/javascript 2606:4700::6812:116b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/GfBGK_P3Adzw1hvTTkQjebew6Z4/gpt_and_prebid/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Dec 2022 15:47:15 GMT
server: cloudflare
x-amz-request-id: 2MRA9N6NXTHYB266
age: 2986805
etag: W/"fa407ba001f2ac06196124f41d523471"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 78ef66187acf9211-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: cB1ab4DnUkDZGmtvBe9R/PgOxG41ZYhVouRRA0ed8IExf6IWMjyrBWdCCwiYBzg6/apLlUu5Gok=

GET personalize
edge.platform.latimes.com/v1/ 0
0

GET
BLOB 200
OK 95017bd8-c86c-4cf7-bf8a-06463477a242
https://rufuswindows.top/ 123 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://rufuswindows.top/95017bd8-c86c-4cf7-bf8a-06463477a242
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b5cddfbbacc3608485b29cfc8ee8b4087c24d184db0bc6dde21f9d774a79728

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 126151
Content-Type

GET a649dec0e34796e15c5b3ab6aaa47f80.0af2a448f6d58f8dd85f039eba38b50f.woff2
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/ 0
0

GET 04ea457b4ef54eb866e0c9b7b2c00d47.0173e1397f3e876c231fe162dd06864a.woff2
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/ 0
0

GET 0b4bf778d33c6da2d0edf444eca73203.6f505bd99ff1b58341f6ac7abe7fc12a.woff2
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/ 0
0

GET 6605bf21842727d7d172618bae189cf7.296bb6689af9a44513ffcc30e4f20962.woff2
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/ 0
0

GET
H2 200 f72651f16a977d9b8debd2dcfdd737b3.10c8cc713f8c1307d4af35a1361dbf60.svg
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/ 2 KB
3 KB 39ms
38ms Image
image/svg+xml 13.227.219.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/f72651f16a977d9b8debd2dcfdd737b3.10c8cc713f8c1307d4af35a1361dbf60.svg
Requested by: Host: ca-times.brightspotcdn.com
URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/styles-creative.min.88ab2d6e69b97714b03428f6057cc383.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-52.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c4f8404b2bf35e9a5ad44252d596bca4e2338cf2b5291ad95fb83ab355957633

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/styles-creative.min.88ab2d6e69b97714b03428f6057cc383.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 10:02:11 GMT
x-amz-version-id: zafoSFaqdVrnWh3.uCePTeGGcc3QwUr2
via: 1.1 d3fdd96b3ada000b1a8c2d522534c124.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4311895
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 2260
last-modified: Tue, 06 Apr 2021 23:01:39 GMT
server: AmazonS3
etag: "cabd7d16e41def650df8737fc638fdb0"
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: uctZrpIFIehyP4ACFjQ0zrQHfi_Vg3tJdjhkLOj25fDoOrHkQ8o-DA==

GET f362a84427d749c5b801ac76a2f9f296.0c532721f81fc3dc5537f4f33e2023d8.woff2
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/ 0
0

GET
H2 200 jquery-3.6.0.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 87 KB
31 KB 467ms
115ms Script
application/javascript 152.199.4.33
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.6.0.min.js

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.4.33 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/1C6D) /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11774410
x-cache: HIT
content-length: 30982
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Mar 2021 22:36:53 GMT
server: ECAcc (nya/1C6D)
etag: "803056b57d10d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 204 r.rnc
activate.platform.californiatimes.com/privacy/v1/b/ 0
106 B 42ms
41ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/privacy/v1/b/r.rnc?n=0&c=2715&i=8aru7h&p=latimes&s=327&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjAyIiwiY2xpZW50SWQiOjI3MTUsInB1Ymxpc2hQYXRoIjoibGF0aW1lcyIsImluc3RhbmNlSWQiOiI4YXJ1N2giLCJwYWNrZXQiOjAsIm1vZGUiOiJlbmZvcmNlWgDyJ29va2llcyI6e30sImVudmlyb25tZW50Ijoibm9uZSIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLMA8BkiLCJ0eXBlIjoiYmlsbGluZyIsInN0YXJ0IjoxNjc0NjMyODI1ODk0WgDAZCI6LTEsInNvdXJjMgACKwBhdHVzIjoiZgBAYXNvbmUA1F0sImRhdGFQYXR0ZXISAMJsaXN0IjpbXSwiaWRdAMA2MzI4MjU4OTR9XX0
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:05 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 25 Jan 2023 07:47:04 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 536 KB
148 KB 221ms
61ms Script
application/x-javascript 23.203.125.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.125.44 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-44.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c6a2acafca2240ed410b27b91023f58e3a9196bad947f6b0ddd2aebde99cb5c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 25 Jan 2023 07:47:06 GMT
Content-Encoding: gzip
x-amz-request-id: TGMV6RV3HRT83XW9
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: u3Cq4e309D0GalSf0oJW8OERLUa2d72fhTV1Ykai2Ecnij0lavAifYFM1YI8VcHxLlfLF7l6Gm8=
Last-Modified: Fri, 13 Jan 2023 18:33:34 GMT
Server: AmazonS3
ETag: "7dba2af09ac73f5bb0d756e3d509d2dd"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 serverComponent.php Show response
activate.platform.californiatimes.com/caltimes/latimes/ 951 B
822 B 54ms
53ms Script
text/javascript 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://activate.platform.californiatimes.com/caltimes/latimes/serverComponent.php?namespace=CalTimes&staticJsPath=activate.platform.californiatimes.com/caltimes/latimes/code/&publishedOn=Wed%20Jan%2025%2002:27:01%20GMT%202023&ClientID=2715&PageID=https%3A%2F%2Frufuswindows.top%2F
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 723dc395f4dec1199087c9aa0128e01190464f4d01f5d90e03ad3fc16a48ccfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:05 GMT
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA56-P7
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
x-amz-cf-id: QzAhS9Linye9Ne7EfZo2PS8dr3UTa4nsO8tC41Amw-U-JIb6yxcHhw==
expires: Wed, 25 Jan 2023 07:47:04 GMT

GET
H2 200 faa6e1efb612d1962a7531c3f52b0375.js Show response
activate.platform.californiatimes.com/caltimes/latimes/code/ 178 KB
20 KB 46ms
46ms Script
application/javascript 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://activate.platform.californiatimes.com/caltimes/latimes/code/faa6e1efb612d1962a7531c3f52b0375.js?conditionId0=4849544
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: afef269d37ac9cde8e07092dc1247b980d19dcd1292ce5069561a4702867c2b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:05 GMT
x-amz-version-id: b2WbBlnGaN4ANozpPokyrmAYPReuXzIB
content-encoding: br
via: 1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 19183
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 25 Jan 2023 02:27:03 GMT
server: nginx
etag: W/"7aa075462feb7149d796ac782c12438f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: gCdXJNWm63_FTbThaY-Re157kr8QDUl0fBWU4DKOCOk5jGQxRozbhg==

GET
H2 200 subscriptions.js Show response
static.chartbeat.com/js/ 32 KB
11 KB 162ms
48ms Script
application/x-javascript 2600:9000:2304:5600:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/subscriptions.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:5600:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a1c9a21ede44774a26110c312c2c5398e074132f6e243011c15b4bfd660702ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:38:11 GMT
content-encoding: gzip
via: 1.1 8c71fe23914182493dae4cb15c841346.cloudfront.net (CloudFront)
last-modified: Thu, 02 Jun 2022 02:15:58 GMT
server: nginx
x-amz-cf-pop: VIE50-P1
age: 18535
etag: W/"62981d5e-81f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: n4NoWbaKDlU0oOlK66qA4b5Dv3kKMkpd5XhCnNLBj0BJdgfm94ueUA==
expires: Thu, 26 Jan 2023 02:38:11 GMT

GET
H2 204 e.gif
activate.platform.californiatimes.com/error/ 0
235 B 47ms
47ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/error/e.gif?msg=Invalid%20data%20definition%20used%3A%2059327&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=latimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
via: 1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P7
age: 22897
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: 8HmmoWWqW_di4uVYajpjtbPq3UcblyHarbDdPmWgPI6uO-xW1rg-FA==

GET
H2 200 a-06u7.min.js Show response
b-code.liadm.com/ 34 KB
12 KB 319ms
43ms Script
application/javascript 2600:9000:21c7:e000:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-06u7.min.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c7:e000:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0643960c81921ff9b32a23ed7a72aabc32afe1ae203d1adb373f904884dcd443

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:20:08 GMT
content-encoding: gzip
via: 1.1 f9d671af272d3b5b3c683203ae8f4cc8.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 19617
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: C7ySfI1dah-dAUwhVjgTbJl13cuCQdSzTaRmCIg-bYpOWjW6rt6oxA==

GET
H2 204 e.gif
activate.platform.californiatimes.com/error/ 0
236 B 52ms
49ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/error/e.gif?msg=Error%20resolving%20data%20definition%3A%20Manage.Pulse%20Page%20Load.parent_cms_id.%20%20Does%20not%20exist%20on%20the%20page.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=latimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P7
age: 22897
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: Wq5uY5tpjMhdF3q93xaqlFooj7NkiTBMnY3L2paYu9-SS8awjRQ1-Q==

GET
H2 204 e.gif
activate.platform.californiatimes.com/error/ 0
237 B 52ms
49ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/error/e.gif?msg=Error%20resolving%20data%20definition%3A%20Manage.Pulse%20Page%20Load.cms_slug.%20%20Does%20not%20exist%20on%20the%20page.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=latimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P7
age: 22897
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: 3PgBKHBYLYALLFnoHd9A3NS8Owuj4aUcbqc56D1RH7xNUVqhZ_D0HQ==

GET
H2 204 e.gif
activate.platform.californiatimes.com/error/ 0
236 B 50ms
47ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/error/e.gif?msg=Error%20resolving%20data%20definition%3A%20Manage.Pulse%20Page%20Load.headline.%20%20Does%20not%20exist%20on%20the%20page.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=latimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
via: 1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P7
age: 22897
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: k7UgeBCi-SJnPHhRjx2A6brZbfXF1XimvSNvfAnwoCUpEOZeZKnsug==

GET
H2 204 e.gif
activate.platform.californiatimes.com/error/ 0
236 B 53ms
50ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/error/e.gif?msg=Error%20resolving%20data%20definition%3A%20Manage.Pulse%20Page%20Load.byline.%20%20Does%20not%20exist%20on%20the%20page.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=latimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P7
age: 22897
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: Prs62bkMJ2LlDyza4QD0C22H1HyapX_5YYP_7KEwmV84NfTmfyQs4Q==

GET
H2 204 e.gif
activate.platform.californiatimes.com/error/ 0
235 B 54ms
51ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/error/e.gif?msg=Error%20resolving%20data%20definition%3A%20Manage.Pulse%20Page%20Load.publish_date.%20%20Does%20not%20exist%20on%20the%20page.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=latimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
via: 1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P7
age: 22897
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: Mizn6PcUhsmuEMgPIsICK_3fwmfAAcZiCGP-rNQhT-OT0JJeNYjRqg==

GET
H2 204 e.gif
activate.platform.californiatimes.com/error/ 0
236 B 51ms
48ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/error/e.gif?msg=Error%20resolving%20data%20definition%3A%20Manage.Pulse%20Page%20Load.content_topic.%20%20Does%20not%20exist%20on%20the%20page.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=latimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P7
age: 22897
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: Tc8TRM8ZUL7PYGAhDClEX6Lfe3D7xKa_uQSoh2F87noVEIJvIUorNA==

GET
H2 204 e.gif
activate.platform.californiatimes.com/error/ 0
237 B 52ms
49ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/error/e.gif?msg=Error%20resolving%20data%20definition%3A%20Manage.Pulse%20Page%20Load.nav_type.%20%20Does%20not%20exist%20on%20the%20page.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=latimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P7
age: 22897
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: rxLhXHL--Me5TpwfL2dqBPv5J6CLPlDjjEEXAKaLHPPSIoF3pPAn7g==

GET
H2 204 e.gif
activate.platform.californiatimes.com/error/ 0
237 B 52ms
50ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/error/e.gif?msg=Error%20resolving%20data%20definition%3A%20Manage.Pulse%20Page%20Load.nav_link_oft.%20%20Does%20not%20exist%20on%20the%20page.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=latimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P7
age: 22897
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: KZkWx2zMjv0c2sWDYjYELyUUKKG_hRoXukvIocO8a8JRSjgF-ESG8Q==

GET
H2 204 e.gif
activate.platform.californiatimes.com/error/ 0
238 B 53ms
51ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/error/e.gif?msg=Error%20resolving%20data%20definition%3A%20Manage.Pulse%20Page%20Load.accessible_for_free.%20%20Does%20not%20exist%20on%20the%20page.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=latimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P7
age: 22897
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: AWEHOxi4wDiqF0uKP-cPd5xWBQdLlZZw3X_yO7y6S3vGDhWKNLcKIQ==

GET
H2 204 e.gif
activate.platform.californiatimes.com/error/ 0
236 B 73ms
70ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/error/e.gif?msg=Error%20resolving%20data%20definition%3A%20Manage.Pulse%20Page%20Load.page_count.%20%20Does%20not%20exist%20on%20the%20page.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=latimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
via: 1.1 93efd892a8e99dc59164afbee331cd56.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P7
age: 22897
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: zR8dDSI3kCiqa1D62JklWS9L7K-ZMKjng4G8ZTfuBolJ11sinKhOBA==

GET
H2 204 e.gif
activate.platform.californiatimes.com/error/ 0
235 B 73ms
71ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/error/e.gif?msg=Error%20resolving%20data%20definition%3A%20Manage.Pulse%20Page%20Load.page_number.%20%20Does%20not%20exist%20on%20the%20page.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=latimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
via: 1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P7
age: 22897
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: eTfytBl97nTMRp6gMDmxpYpo9tgfs8_ZebFo3Mo6QsWJPXf22SXiYg==

GET
H2 204 e.gif
activate.platform.californiatimes.com/error/ 0
236 B 71ms
69ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/error/e.gif?msg=Error%20resolving%20data%20definition%3A%20Manage.Pulse%20Page%20Load.child_content_type.%20%20Does%20not%20exist%20on%20the%20page.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=latimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P7
age: 22897
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: LufXwFxeqw_uqa-Dw7Iq3v9m64lfR8DhwXXy68xlu1kpj1W750HYCg==

GET
H2 204 e.gif
activate.platform.californiatimes.com/error/ 0
236 B 71ms
69ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/error/e.gif?msg=Error%20resolving%20data%20definition%3A%20Manage.Pulse%20Page%20Load.revised_date.%20%20Does%20not%20exist%20on%20the%20page.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=latimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P7
age: 22897
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: Pdiuis3xCRG4vBGbc554YSLX-fuwC3xUx5lBy1KHrhY2bgNDza-qSg==

GET
H2 204 e.gif
activate.platform.californiatimes.com/error/ 0
236 B 70ms
68ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/error/e.gif?msg=Error%20resolving%20data%20definition%3A%20Manage.Pulse%20Page%20Load.content_source.%20%20Does%20not%20exist%20on%20the%20page.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=latimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P7
age: 22897
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: V28LisylWXU7wpyGDighAXqMmYe3WwDE8mWVxVc-wW08g0AHuz91jg==

GET
H2 204 e.gif
activate.platform.californiatimes.com/error/ 0
235 B 72ms
70ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/error/e.gif?msg=Error%20resolving%20data%20definition%3A%20Manage.Pulse%20Page%20Load.child_cms_id.%20%20Does%20not%20exist%20on%20the%20page.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=latimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P7
age: 22897
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: D10cHNfMpnvdYrAkePAPPW5TRMsbSm73O8_DLGE0T2c7-3Ui6hV19A==

GET
H2 204 e.gif
activate.platform.californiatimes.com/error/ 0
236 B 73ms
71ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/error/e.gif?msg=Error%20resolving%20data%20definition%3A%20Manage.Pulse%20Page%20Load.photo_cms_id.%20%20Does%20not%20exist%20on%20the%20page.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=latimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P7
age: 22897
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: aKvHF3YxTQbcavOFodrEVBSS61WdVdca7VDyXhE1_cSlkoxIv3aPDg==

GET
H2 204 e.gif
activate.platform.californiatimes.com/error/ 0
237 B 73ms
72ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/error/e.gif?msg=Error%20resolving%20data%20definition%3A%20Manage.Pulse%20Page%20Load.photo_credit.%20%20Does%20not%20exist%20on%20the%20page.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=latimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P7
age: 22897
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: 4osknkCFkRmXrKtVZQfN1DXKzYr_9KFksNRz3z3z2wCszB4x8WRqdg==

GET
H2 204 e.gif
activate.platform.californiatimes.com/error/ 0
235 B 73ms
72ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/error/e.gif?msg=Error%20resolving%20data%20definition%3A%20Manage.Pulse%20Page%20Load.print_id.%20%20Does%20not%20exist%20on%20the%20page.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=latimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
via: 1.1 6f32a39163a1e36ace7a71a85e2d2884.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P7
age: 22897
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: 4VxVLxUF5hwb-4eSl8z0dgEUJMTaod91WPDYn1Xy0RfU23pXDjqI8Q==

GET
H2 204 e.gif
activate.platform.californiatimes.com/error/ 0
236 B 74ms
72ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/error/e.gif?msg=Error%20resolving%20data%20definition%3A%20Manage.Pulse%20Page%20Load.child_slug.%20%20Does%20not%20exist%20on%20the%20page.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=latimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P7
age: 22897
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: Co9884Xetqr4WLLGjZGt8L5lsCfBH7LdGRdvm7hDVKzBoPoh6WsyDA==

GET
H2 204 e.gif
activate.platform.californiatimes.com/error/ 0
236 B 74ms
73ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/error/e.gif?msg=Error%20resolving%20data%20definition%3A%20Manage.Pulse%20Page%20Load.child_title.%20%20Does%20not%20exist%20on%20the%20page.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=latimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P7
age: 22897
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: E5NccSFBErPAZl18Y4T9TPZEfiTmkFa4Y5TYUM5oIw06sl5s0YhDeA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 218ms
79ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-40841508-1&l=adsData

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eeaee37caa31e2e5b892c4636cdfa39cebf07c4b45db1dee46cfa8af1980329a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44057
x-xss-protection: 0
last-modified: Wed, 25 Jan 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 25 Jan 2023 07:47:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
76 KB 287ms
149ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FB5D97VJNM&l=adsData

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe08ffaa1969ea9be580555c0a07736bcd0b1f1338e03f063e8f176f289c68e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77697
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 25 Jan 2023 07:47:06 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 115 B
539 B 194ms
58ms Script
text/javascript 18.203.36.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Frufuswindows.top%2F&ntv_mvi&us_privacy=1YNY
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.36.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-36-235.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 3055597f43adef2648996efac659bd63f616b0d1937f6e774ae3ac8fe35fb195

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Jan 2023 07:47:06 GMT
content-encoding: gzip
server: nginx/1.12.2
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 122
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 sync-container.js Show response
b-code.liadm.com/ 6 KB
3 KB 39ms
38ms Script
application/javascript 2600:9000:21c7:e000:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/sync-container.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c7:e000:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 01:07:19 GMT
x-amz-version-id: WIo1DFPCLgnYZuB8yv1dFIDWe1bYBj2G
content-encoding: gzip
last-modified: Tue, 10 May 2022 11:48:07 GMT
server: AmazonS3
via: 1.1 f9d671af272d3b5b3c683203ae8f4cc8.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
etag: W/"ae5e94de938b0387eda6df8f20da811a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=2592000
age: 1406388
x-amz-cf-id: XpxL6fXblpEhgroRSZgrEgv-ggCJ6CbJT2UCOAabrh6n1eL8n52kgA==

GET ed1ec5a818c15dbd32316b517a3f67f9.2f018e574646e3161e892c7ec2e54e6a.woff
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/ 0
0

GET c3954ff923c42062320b2dec4759b738.d6139d3cb0273e8325a2c8353e93daa3.woff
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/ 0
0

GET 0b108af3bffa5b36f1b43ed7786f06ff.54c613d10c247445c7515f29cb89feee.woff
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/ 0
0

GET dbbba3c707902adde2d3f9346d53c79f.509f59ddb35a4959a6bf4880fc8d917e.woff
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/ 0
0

GET a554777027e6a2531362bdb482bc4015.0793a910a84e62f91b0b4e296bd3f958.woff
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/ 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 128ms
39ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 25 Jan 2023 06:07:30 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5976
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20085
expires: Wed, 25 Jan 2023 08:07:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
76 KB 81ms
81ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FB5D97VJNM&l=adsData&cx=c

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

778fe5d94d9e6ae7aeb496cc91d4174160702082005d7e76eb339412faf8ba30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77753
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 25 Jan 2023 07:47:06 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1674632826494&aid=a-06u7&se=e30&duid=6d08b1d759e3--01gqkya3g30tpv3hkp8dm9ksdf&tna=v2.6.0&pu=https%3A%2F%2Frufuswindows.top%2F&us_privacy=1YNY&wpn=lc-bundle&c=PHRpdGxlP...
https://rp4.liadm.com/j?dtstmp=1674632826494&aid=a-06u7&se=e30&duid=6d08b1d759e3--01gqkya3g30tpv3hkp8dm9ksdf&tna=v2.6.0&pu=https%3A%2F%2Frufuswindows.top%2F&us_privacy=1YNY&wpn=lc-bundle&c=PHRpdGxl...

13 B
553 B

440ms
147ms

XHR
application/json

18.207.63.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1674632826494&aid=a-06u7&se=e30&duid=6d08b1d759e3--01gqkya3g30tpv3hkp8dm9ksdf&tna=v2.6.0&pu=https%3A%2F%2Frufuswindows.top%2F&us_privacy=1YNY&wpn=lc-bundle&c=PHRpdGxlPlJldmlldzogUnVmdXMgV2FpbndyaWdodCBhdCB0aGUgT3JwaGV1bSAtIExvcyBBbmdlbGVzIFRpbWVzPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iVGhpcyBhcnRpY2xlIHdhcyBvcmlnaW5hbGx5IG9uIGEgYmxvZyBwb3N0IHBsYXRmb3JtIGFuZCBtYXkgYmUgbWlzc2luZyBwaG90b3MsIGdyYXBoaWNzIG9yIGxpbmtzLiI-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vd3d3LmxhdGltZXMuY29tL2FyY2hpdmVzL2Jsb2dzL3BvcC1oaXNzL3N0b3J5LzIwMTItMDUtMTQvcmV2aWV3LXJ1ZnVzLXdhaW53cmlnaHQtYXQtdGhlLW9ycGhldW0iPjxoMSBjbGFzcz0iaGVhZGxpbmUiPiBSZXZpZXc6IFJ1ZnVzIFdhaW53cmlnaHQgYXQgdGhlIE9ycGhldW0gPC9oMT4&i6=MmEwMTo0YTA6MTMzODo5Mjo6Ng%3D%3D&n3pc=true

Requested by

Host: rufuswindows.top
URL: https://rufuswindows.top/

Protocol

Server

18.207.63.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-207-63-238.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:07 GMT
x-pixel-event-id: 25fd85c9-d5a0-4c71-a248-c7f1da7746d1
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 28
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: 31732bbba7cbb584
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Wed, 25 Jan 2023 07:47:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1674632826494&aid=a-06u7&se=e30&duid=6d08b1d759e3--01gqkya3g30tpv3hkp8dm9ksdf&tna=v2.6.0&pu=https%3A%2F%2Frufuswindows.top%2F&us_privacy=1YNY&wpn=lc-bundle&c=PHRpdGxlPlJldmlldzogUnVmdXMgV2FpbndyaWdodCBhdCB0aGUgT3JwaGV1bSAtIExvcyBBbmdlbGVzIFRpbWVzPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iVGhpcyBhcnRpY2xlIHdhcyBvcmlnaW5hbGx5IG9uIGEgYmxvZyBwb3N0IHBsYXRmb3JtIGFuZCBtYXkgYmUgbWlzc2luZyBwaG90b3MsIGdyYXBoaWNzIG9yIGxpbmtzLiI-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vd3d3LmxhdGltZXMuY29tL2FyY2hpdmVzL2Jsb2dzL3BvcC1oaXNzL3N0b3J5LzIwMTItMDUtMTQvcmV2aWV3LXJ1ZnVzLXdhaW53cmlnaHQtYXQtdGhlLW9ycGhldW0iPjxoMSBjbGFzcz0iaGVhZGxpbmUiPiBSZXZpZXc6IFJ1ZnVzIFdhaW53cmlnaHQgYXQgdGhlIE9ycGhldW0gPC9oMT4&i6=MmEwMTo0YTA6MTMzODo5Mjo6Ng%3D%3D&n3pc=true
access-control-allow-origin: https://rufuswindows.top
request-time: 0
access-control-allow-credentials: true
trace-id: ab572dfc1b119919
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 204 collect
region1.google-analytics.com/g/ 0
348 B 135ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FB5D97VJNM&gtm=2oe1n0&_p=1143632400&gdid=dNjIxNT&cid=1747098397.1674632827&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1674632826&sct=1&seg=0&dl=https%3A%2F%2Frufuswindows.top%2F&dt=Review%3A%20Rufus%20Wainwright%20at%20the%20Orpheum%20-%20Los%20Angeles%20Times
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rufuswindows.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 25 Jan 2023 07:47:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rufuswindows.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 e.gif
activate.platform.californiatimes.com/error/ 0
236 B 46ms
46ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/error/e.gif?msg=Invalid%20data%20definition%20used%3A%2059482&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=latimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
via: 1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P7
age: 22897
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: bUgK6_uEAGoi2p-Xlr4XEvu-yfb_mOYqRXcsmwS21_23yAFmXQfynA==

GET
H2 204 e.gif
activate.platform.californiatimes.com/error/ 0
236 B 53ms
53ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/error/e.gif?msg=Invalid%20data%20definition%20used%3A%2059331&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=latimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: rufuswindows.top
URL: https://rufuswindows.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
via: 1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P7
age: 22897
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: FKnpvmdMh9U-2DA8HdB6U5DMTxkv9JpIS-aG5ovMMQNw3tioq3kokQ==

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 25 Jan 2023 08:04:27 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
533 B 149ms
47ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rufuswindows.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://rufuswindows.top
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94
x-xss-protection: 0

GET personalize
edge.platform.latimes.com/v1/ 0
0

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
462 B 232ms
72ms XHR
application/json 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rufuswindows.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 25 Jan 2023 07:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://rufuswindows.top
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 140ms
39ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:07 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230058-FRA

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 557ms
45ms Script
application/javascript 2a04:4e42:41::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:41::84 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aacfea800a59766fdd3672fad8e5eba13abae2dab105014fc9214cb0c1409925

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:07 GMT
x-cdn: fastly
etag: "91c4ea42bc7f1df938d8cd8de8d598db"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
fastly-restarts: 1
content-length: 1146

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 311ms
159ms Script
application/javascript 2.23.97.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7NH7T2RFP3FEK3DN8BG&lib=ttq
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.99 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-99.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c2bed617e481fdfc2605cc523da09e38450b5d2ec98cba16e4977bb2371fd61c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-akamai-request-id: 613ee8.1d5ad644
date: Wed, 25 Jan 2023 07:47:07 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-23-97-95.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 104,2.23.97.95
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=7, inner; dur=3
content-length: 1151
pragma: no-cache
server: nginx
x-tt-logid: 20230125074707AC33F0B2A1D31F708903
x-cache-remote: TCP_MISS from a23-32-17-153.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.32.17.153
x-tt-trace-host: 018d063700e1cf17c08548c9ad121f23aa401b09866a1a9e9259ee99a4a3cce02b72f76c1c53a056544f71de413760fc10218257a54f0ee58ecbe887e4ec30e809f798d28d2b3bc8ff819f9b7e5a2b5958d69a5856143b2914f2069641785422e82d12c05df48e6448da055040b4612dc9
expires: Wed, 25 Jan 2023 07:47:07 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 136ms
40ms Script
application/javascript 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:07 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 23 Jan 2023 21:56:14 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "03d5db9dfd00a5719bb4c9261e6fa1bb"
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7356

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
68 KB 83ms
83ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1009384521&l=adsData

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b99cd4a319c48669c778f51eb674ffbf240e726a3b62f6e26704c05946fb7aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69103
x-xss-protection: 0
last-modified: Wed, 25 Jan 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 25 Jan 2023 07:47:07 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 123ms
40ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ef8f067f829af7c95936a36f38e54c98ab090f937f5557e4c78829ed8fcf5ffd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 25 Jan 2023 07:47:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27859
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: /fhBlDsYLeQ9GEBGy0ZsRV3aCyYjhn8nxdgURRtmZj1M66JBDyuYPVoi3FD8SY+kuNDvwujarXhQCK33mR/kqg==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 qevents.js Show response
a.quora.com/ 40 KB
14 KB 142ms
48ms Script
text/plain 162.159.152.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.152.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a15bef5551f730c8269a1cba57c370099d559defd996193c80a477c411081ca2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:07 GMT
x-amz-version-id: vyBstMTGyA6m5sV66zq8xsypUg.tAOk.
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: ABWFWAK2P6Z86ST7
age: 15046020
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Lo6V6sS9dollZm991E+r9QS5ilIWlcul705lMiga2oQnz8bnT95jaa4X7qyu2MPUU2YNcD20ek4=
last-modified: Fri, 18 Mar 2022 00:16:52 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1647562609/ctime:1647562609/gid:150037/gname:ezhang/md5:47078e63380c6b0cbbfb6d8508b25ee7/mode:33204/mtime:1647562609/uid:150037/uname:ezhang
etag: W/"47078e63380c6b0cbbfb6d8508b25ee7"
vary: Accept-Encoding
content-type: text/plain
cache-control: public, max-age=14400
cf-ray: 78ef66221dc19a39-FRA
expires: Wed, 25 Jan 2023 11:47:07 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 17 KB
6 KB 176ms
52ms Script
application/x-javascript 23.203.125.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: daf842fc24f3934560a1f8338e8e4efcbc7ec7e4393a3360cad7c0bdd43e2aad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 25 Jan 2023 07:47:07 GMT
Content-Encoding: gzip
Last-Modified: Sun, 22 Jan 2023 12:08:14 GMT
Server: AkamaiNetStorage
ETag: "9f0b052ec22f789c3cc95c26dd0da7f4:1674389451.57807"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5884
Expires: Wed, 25 Jan 2023 08:07:07 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 138ms
38ms Script
application/x-javascript 13.227.222.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.222.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-222-181.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 25 Jan 2023 06:03:07 GMT
Content-Encoding: gzip
Via: 1.1 4e4c50c641418e6aad9ec09cb0f22844.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS54-C1
Age: 6241
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: abYOD-t2ThpAXJWlgjKD3Y138WVuYGToYuScqwAIatDrx4VGmJDg7Q==

GET
H2 200 player-0.1.0.min.js
cdn.embed.ly/ 14 KB
14 KB 170ms
52ms Image
application/javascript 104.16.89.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.embed.ly/player-0.1.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.89.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:07 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2017 18:33:09 GMT
server: cloudflare
x-amz-request-id: 52FYT71QVRRBEG1W
age: 217
etag: W/"19b624e7fe7a86b4c7851ed61e250626"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 78ef66224d9b9be9-FRA
x-amz-id-2: QbOnF9tX7+bgzar7LsRMgqRhtd8AU84h6XgL0yaVQLiBU08qSAGccT9/ihuH2/Hn4nmfjA1zt34=
expires: Wed, 25 Jan 2023 11:47:07 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
191 B 167ms
53ms Image
text/plain 52.222.139.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6036462&ns__t=Wed%20Jan%2025%202023%2007:47:07%20GMT+0000%20(GMT)&ns_c=UTF-8&c8=Review%3A%20Rufus%20Wainwright%20at%20the%20Orpheum%20-%20Los%20Angeles%20Times&c7=https%3A%2F%2Frufuswindows.top%2F&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-45.ams50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:07 GMT
via: 1.1 26102629399121e9a9caaf60dcb59d4e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: Gm4moAgbQkNVi-jXsXbrbRgxDH1P7v5YKQckETNL1WJeGlQVLZpKaw==
x-cache: Miss from cloudfront

GET
H2 200 trackable.js Show response
ext.chtbl.com/ 4 KB
4 KB 182ms
39ms Script
application/javascript 2600:9000:21c7:9e00:a:b27c:d040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ext.chtbl.com/trackable.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c7:9e00:a:b27c:d040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27dc4f62298834987d3d8e5608c1af94c82ee3d18ee31858d39e0202697b5308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:35:40 GMT
via: 1.1 de31699a6e25448909328bb7c6028f6a.cloudfront.net (CloudFront)
last-modified: Fri, 12 Feb 2021 20:28:32 GMT
server: AmazonS3
x-amz-cf-pop: AMS54-C1
age: 706
etag: "4a494dbb82444463b6fd8bff0e5593d6"
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
cache-control: max-age=3600
accept-ranges: bytes
content-length: 4092
x-amz-cf-id: o4QD6eaibTY72s2XnapUbem2AAWNCV4eC3dLqye7sbentqttKH9ekg==

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/6036462/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
359 B

39ms
39ms

Script
application/javascript

52.222.139.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 52.222.139.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-45.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:29:22 GMT
via: 1.1 26102629399121e9a9caaf60dcb59d4e.cloudfront.net (CloudFront)
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 1066
x-amz-server-side-encryption: AES256
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 0
x-amz-cf-id: len7H_YTIWgbwhaYgh8QfUW8jUQmxjg2GqmvHWNl21TXqvkxGNatjw==

Redirect headers

location: /internal-c2/default/cs.js
date: Wed, 25 Jan 2023 07:47:07 GMT
via: 1.1 26102629399121e9a9caaf60dcb59d4e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
content-length: 0
x-amz-cf-id: pYedcgLtXbLfvwVzKO1tm7x3145SHzyeYNj9xqf2RSUBbZ6HBNGU_g==
x-cache: Miss from cloudfront

GET
H2 200 rev.js Show response
assets.revcontent.com/master/ 26 KB
10 KB 176ms
44ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/rev.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 894694eee28fc463a83875d519e70afaf5f40ac7c042d6114c4ee86d156b4067

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:07 GMT
content-encoding: gzip
x-sp-metadata: HS256.CIvZw54GEocBCiQxZWI1NDRlYi05YWQ2LTRiYzktYTFlOS0xNGZiNTJmNjkwZGYQsMe3nffA/AIaBgj7vMOeBiIMODAuMjU1LjcuMTA4KKy1AzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGisIARIkMWU0NDdjYjMtMGNmMi00ZmZkLWI2OGQtYzQxODE0YzcwMzIzGJFLIhgIAhIUY2RzMjYyLmZyOC5od2Nkbi5uZXQ=.E8DT9MPk+uGC6ePdtxpM6FI62+kXbMcwXrjXz4lobjs=
last-modified: Wed, 09 Oct 2019 15:23:49 GMT
server: AmazonS3
x-amz-request-id: CDVA7K848BH8CRZZ
etag: "46482d4733f3f6c1f93601a6274bc264"
x-hw: 1674632827.cds221.fr8.hn,1674632827.cds262.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 9617
x-amz-id-2: OnIOpWpq13PpiMzcLcnARSJ70dhEc/SRiVMJj2G3cXHuGsff4edGbzlJ+ZgsaoKSIbpkpYhpDhA=

GET
H2 200 scevent.min.js Show response
sc-static.net/ 30 KB
13 KB 163ms
66ms Script
application/javascript 65.9.86.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.252 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-86-252.ams1.r.cloudfront.net
Software: CloudFront /
Resource Hash: fa42d02480f27fd0a8768e025d5033abf291c0df6391f25074faf80fa58c422c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:07 GMT
content-encoding: gzip
via: 1.1 ed3a324a0ea0d1dfe339969855915050.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS1-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 13270
x-amz-cf-id: Y3D441GqJX6CXFRDb5-zRHgF4zW8FxxR6_xgBd6InhJWOKETTwHDDQ==

GET
H2 204 unip
trc.taboola.com/1335255/log/3/ 0
331 B 151ms
49ms Image
image/gif 2a04:4e42:600::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/1335255/log/3/unip?en=page_view(https://rufuswindows.top//trc.taboola.com/1335255/log/3/unip?en=page_view)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Wed, 25 Jan 2023 07:47:07 GMT
via: 1.1 varnish
x-served-by: cache-hhn-etou8220079-HHN
server: nginx
x-timer: S1674632827.374424,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 216ms
134ms Image
image/gif 2a04:4e42:400::396
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1674632827244&id=t2_5wzfk9al&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=6f734d7a-c0e3-476a-8931-3ef34e24129c&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_65e23bc4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:07 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 58F6 0
182 B 177ms
57ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=uakr1sk&ref=https%3A%2F%2Frufuswindows.top%2F&upid=swei7dz&upv=1.1.0
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rufuswindows.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Wed, 25 Jan 2023 07:47:07 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 adsct
t.co/i/ 43 B
378 B 240ms
145ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=3baf39a9-03ff-4446-a195-c42bce5764b6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=256793e1-e299-40bf-90be-6fdf09c52920&tw_document_href=https%3A%2F%2Frufuswindows.top%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuumm&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-response-time: 106
date: Wed, 25 Jan 2023 07:47:06 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 31f96842c646a282
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: ccba2846554be4e6db89fbb181085dbb1dbfab805e4cc6adc740f6e1d2b480fb
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 279ms
151ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=3baf39a9-03ff-4446-a195-c42bce5764b6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=256793e1-e299-40bf-90be-6fdf09c52920&tw_document_href=https%3A%2F%2Frufuswindows.top%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuumm&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-response-time: 111
date: Wed, 25 Jan 2023 07:47:07 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 5ef52ee24cb09e15
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: eb0f3a2b7d2656c5ea6a8daeb6bd7b9608ceb9665c081c5379158daea0543298
content-length: 43

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/ca8cb1bde9414b2583b370368e30f53e/ 43 B
420 B 563ms
118ms Image
image/gif 3.220.15.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/ca8cb1bde9414b2583b370368e30f53e/pixel?j=1&u=https%3A%2F%2Frufuswindows.top%2F&tag=ViewContent&ts=1674632827261

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.220.15.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-220-15-152.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 25 Jan 2023 07:47:07 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: ,553e61009533ad6237d188974fa48148,10.0.0.238,62372,80.255.7.108,,96881699979,1,1674632827.787,0.001,,.,0,0,0.000,0.000,-,0,0,197,120,60,10,34729,,,,,,-,
Content-Type: image/gif

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1009384521/ 2 KB
2 KB 320ms
115ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1009384521/?random=1674632827271&cv=11&fst=1674632827271&bg=ffffff&guid=ON&async=1&gtm=2oa1n0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frufuswindows.top%2F&tiba=Review%3A%20Rufus%20Wainwright%20at%20the%20Orpheum%20-%20Los%20Angeles%20Times&did=dNjIxNT&gdid=dNjIxNT&us_privacy=1YNY&auid=234807164.1674632827&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccdf5c82d2bfbd49155fb4391e5d586ae9c72c9178ba35873ec4a1eda45c63d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Jan 2023 07:47:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 908
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 632456800236234 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 221ms
221ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/632456800236234?v=2.9.94&r=stable

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2451dcfbd8c35bf3d1459fc3095b1cc2fc5464139cb3185a4582703ee2198fe6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 25 Jan 2023 07:47:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ET2666QnOEQUcCau+w4U6CMzDL5YUxgFTcqmbtuO2BYd94ZGTJPDywGEGL7jTWnlHUtOcx83fObhpsD4teb48g==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
194 B 924ms
189ms Script
application/javascript 66.225.223.127
NTTA-3946

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=undefined
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.225.223.127 Sacramento, United States, ASN3949 (NTTA-3946, US),
Reverse DNS: sa.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 25 Jan 2023 07:47:08 GMT
X-TraceId: 2440439dac633adc190115eb707ddc28
Content-Length: 35
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
225 B 923ms
189ms Image
image/gif 66.225.223.127
NTTA-3946

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00d9d340b52282c19bd79c17bede8ae26c&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Frufuswindows.top%2F&cht=ccpa&optOut=false&bust=0933591514085242&referrer=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.225.223.127 Sacramento, United States, ASN3949 (NTTA-3946, US),
Reverse DNS: sa.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 25 Jan 2023 07:47:08 GMT
Cache-Control: no-cache
X-TraceId: 16f927c40e01efc1f48f1b41ef17e79d
Content-Length: 53
Content-Type: image/gif;

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame D0A1 0
294 B 235ms
49ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=dbe625aa-7ced-4e1d-8918-88782123af97&u_scsid=08f2987b-bc25-4829-9245-e1546984823b&u_sclid=acf4ccdb-6b65-4f55-9413-39a495a3d83b

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://rufuswindows.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 25 Jan 2023 07:47:07 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 dbe625aa-7ced-4e1d-8918-88782123af97.js Show response
tr.snapchat.com/config/top/ 149 B
541 B 234ms
48ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/top/dbe625aa-7ced-4e1d-8918-88782123af97.js

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

f77ca6b70a43a4b6d5f95245fae73e7e7209bb347e68165c0942cc09fd5a1464

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://rufuswindows.top/
Origin: https://rufuswindows.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://rufuswindows.top
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 p
tr.snapchat.com/ 68 B
344 B 237ms
53ms Ping
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://rufuswindows.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 25 Jan 2023 07:47:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: text/html
access-control-allow-origin: https://rufuswindows.top
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 5
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

GET
H/1.1 200
OK a-06u7 Show response
i.liadm.com/s/c/ Frame A00C 1 KB
1 KB 420ms
166ms Document
text/html 3.229.71.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-06u7?s=&cim=&ps=true&ls=true&duid=6d08b1d759e3--01gqkya3g30tpv3hkp8dm9ksdf&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1YNY&

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.229.71.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-71-248.compute-1.amazonaws.com

Software

Resource Hash

810e3d95494b6c3f643113670c5f4e9db5d8fcf3d8cfcf18b1657bf84ad942a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rufuswindows.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 699
Content-Type: text/html; charset=UTF-8
Date: Wed, 25 Jan 2023 07:47:07 GMT
ETag: 1.61803398874
Request-Time: 49
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding

GET
H2 200 main.MWE2YWY2YTgzMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 253 KB
69 KB 55ms
54ms Script
application/javascript 2.23.97.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMQ.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.99 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-99.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f08f0e4c32e27814144956e0ce5ada45ccee6e26474ffbe8b8b3193e89df517d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-akamai-request-id: 1d5ad745
date: Wed, 25 Jan 2023 07:47:07 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230112175917106B886EDB44B16C6053
vary: Accept-Encoding
x-cache: TCP_HIT from a2-23-97-95.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 015fe8e0ddcb0d3fc58167896743f42b6bd74e1eb88f54b5809e8cf0aafe3dba65f0d4b942a5123ceaeb0f1e666397ee02baeaeaa05c84d8ddfd66c475796482793bd4e4b004c8a9e47468caada5bd4f753c6fb40915fc78a45917899c8578a94b
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 70329

POST
H2 200 track Show response
web.chtbl.com/ 49 B
379 B 224ms
223ms XHR
application/json 2600:9000:206f:1200:0:cc59:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.chtbl.com/track
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1200:0:cc59:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: uvicorn /
Resource Hash: bb30148d9df7671c14f2cd5be91e6b7a1488932efb740a80b66f39052744c168

Request headers

Referer: https://rufuswindows.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-type: application/json;charset=UTF-8

Response headers

date: Wed, 25 Jan 2023 07:47:07 GMT
via: 1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
server: uvicorn
x-amz-cf-pop: FRA56-C1
vary: Origin
access-control-allow-methods: OPTIONS,POST
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-headers: *
content-length: 49
x-amz-cf-id: cBAyLPNgo5b-RASNBypgJW6MYJsWKjHuiRKjaACpNxq1qs3xA47hqA==

OPTIONS
H2 200 track
web.chtbl.com/ Frame 0
0 395ms
221ms Preflight
application/json 2600:9000:206f:1200:0:cc59:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.chtbl.com/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1200:0:cc59:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: uvicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://rufuswindows.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 49
content-type: application/json
date: Wed, 25 Jan 2023 07:47:07 GMT
server: uvicorn
vary: Origin
via: 1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
x-amz-cf-id: HyZqlT5YqnFM2F9mObVdn8Y3eSBLu8cY_mpN4HaFsU26s5lRNG202g==
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront

GET
H2 200 identify_c4832.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 54ms
54ms Script
application/javascript 2.23.97.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.99 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-99.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-akamai-request-id: 1d5ad812
date: Wed, 25 Jan 2023 07:47:07 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023011217590096DDF63A2F931D7E7495
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-23-97-95.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0186198271b8ec37ba585afa03d16197c747bb55d9c7af7d3ebe3bbc372dff33729f39a51fa42b6a0a1927d533fb5fb0267d8c246c2c3cc20dfcc06f159eb30369e4af6a8eae45add4fdff81c664e9ca68e61bfc31f79a2e26ebefc1638836dcf1
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 30763

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
689 B 174ms
174ms Ping
text/plain 2.23.97.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.99 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-99.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rufuswindows.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 568ab32a.1d5ad858
date: Wed, 25 Jan 2023 07:47:07 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-23-97-95.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 116,2.23.97.95
server-timing: cdn-cache; desc=MISS, edge; dur=102, origin; dur=20, inner; dur=16
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230125074707EC22DB2AD65240181972
x-cache-remote: TCP_MISS from a23-220-107-72.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 20,23.220.107.72
x-tt-trace-host: 018d063700e1cf17c08548c9ad121f23aaca8b9c81cec5d524c084b5c13e6e6f30938e64a4ca79901e2d3cf651a987b39fb403f77b145fdcc5a470026d208a5281514f16a874af08e798ffe9a380157dc3e19c9f149ce7e8df4d6a4901c2dc63004710e03a2ed067627ffedfb7ea2ec6ee
expires: Wed, 25 Jan 2023 07:47:07 GMT

GET personalize
edge.platform.latimes.com/v1/ 0
0

GET
H2 200 main.f6304d83.js Show response
s.pinimg.com/ct/lib/ 55 KB
19 KB 50ms
49ms Script
application/javascript 2a04:4e42:41::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.f6304d83.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:41::84 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7baf4ac1cb2adf82ed9e88c9fa1b22f8ea22e14cf2aa24e9936c6578515e70ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:07 GMT
content-encoding: gzip
x-cdn: fastly
etag: "fe9b810e040cd8cd5323a13c712440ca"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
fastly-restarts: 1
content-length: 19456

GET
H2 200 / Show response
ct.pinterest.com/user/ 539 B
858 B 341ms
82ms XHR
application/json 23.62.220.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613340406388&cb=1674632827725&dep=2%2CPAGE_LOAD

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

730de59300e6103732a2168bdc9742af79a9abfe5995c6d3f3f3e96fd7c99d97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.5d17655f.1674632828.541eddd7
x-envoy-upstream-service-time: 1
content-length: 375
x-pinterest-rid: 3543104675318266
pin-unauth: dWlkPU1UUmxNV015TWpVdE9UVmpaUzAwTlRkaUxXRmlZVE10T1dFNU9XUmxZemt3WXpjeA
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://rufuswindows.top
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 539 B
859 B 343ms
85ms XHR
application/json 23.62.220.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22page_title%22%3A%22Review%20Rufus%20Wainwright%20at%20the%20Orpheum%20%20Los%20Angeles%20Times%22%7D&tid=2613340406388&cb=1674632827726&dep=5%2CEVENT_TAGS_ABSENT

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

730de59300e6103732a2168bdc9742af79a9abfe5995c6d3f3f3e96fd7c99d97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.5d17655f.1674632828.541eddd8
x-envoy-upstream-service-time: 1
content-length: 375
x-pinterest-rid: 3595981395609000
pin-unauth: dWlkPVlqUTBNR1UyTURRdFl6WXdNeTAwTUdVekxUa3dPV0l0WXpkaE1EQTVNVEkzTVRWaQ
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://rufuswindows.top
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
334 B 344ms
86ms Image
image/gif 23.62.220.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613340406388&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Frufuswindows.top%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22f6304d83%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1674632827727

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Jan 2023 07:47:08 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.5d17655f.1674632828.541eddd9
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1972725457979902
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1009384521/ 42 B
548 B 252ms
126ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1009384521/?random=1674632827271&cv=11&fst=1674630000000&bg=ffffff&guid=ON&async=1&gtm=2oa1n0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Frufuswindows.top%2F&tiba=Review%3A%20Rufus%20Wainwright%20at%20the%20Orpheum%20-%20Los%20Angeles%20Times&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2449708729&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Jan 2023 07:47:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1009384521/ 42 B
548 B 141ms
53ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1009384521/?random=1674632827271&cv=11&fst=1674630000000&bg=ffffff&guid=ON&async=1&gtm=2oa1n0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Frufuswindows.top%2F&tiba=Review%3A%20Rufus%20Wainwright%20at%20the%20Orpheum%20-%20Los%20Angeles%20Times&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2449708729&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Jan 2023 07:47:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 206ms
41ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=632456800236234&ev=PageView&dl=https%3A%2F%2Frufuswindows.top%2F&rl=&if=false&ts=1674632827836&sw=1600&sh=1200&v=2.9.94&r=stable&ec=0&o=30&fbp=fb.1.1674632827836.251838582&it=1674632827290&coo=false&dpo=&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 25 Jan 2023 07:47:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1

200
OK

7725e628c94c49c58e25abfd796aabe2
i.liadm.com/s/e/a-06u7/0/ Frame A00C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https://i.liadm.com/s/e/a-06u7/0/7725e628c94c49c58e25abfd796aabe2?mpid%3D7156%26muid%3D%5BMM_UUID%5D&e920046c-1783-4b49-9204-c22dcc6d63db&us_priva...
https://i.liadm.com/s/e/a-06u7/0/7725e628c94c49c58e25abfd796aabe2?mpid=7156&muid=26d863d0-de7c-4300-9c7f-5e193f1c5c05

43 B
274 B

118ms
118ms

Image
image/gif

3.229.71.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-06u7/0/7725e628c94c49c58e25abfd796aabe2?mpid=7156&muid=26d863d0-de7c-4300-9c7f-5e193f1c5c05

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-06u7?s=&cim=&ps=true&ls=true&duid=6d08b1d759e3--01gqkya3g30tpv3hkp8dm9ksdf&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1YNY&

Protocol

HTTP/1.1

Server

3.229.71.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-71-248.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 25 Jan 2023 07:47:08 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

Redirect headers

Date: Wed, 25 Jan 2023 07:47:08 GMT
Server: MT3 357 2feb0b5 master cdg-pixel-x31 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://i.liadm.com/s/e/a-06u7/0/7725e628c94c49c58e25abfd796aabe2?mpid=7156&muid=26d863d0-de7c-4300-9c7f-5e193f1c5c05
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 25 Jan 2023 07:47:07 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame A00C 70 B
264 B 157ms
129ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0&us_privacy=1YNY
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-06u7?s=&cim=&ps=true&ls=true&duid=6d08b1d759e3--01gqkya3g30tpv3hkp8dm9ksdf&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1YNY&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 25 Jan 2023 07:47:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame A00C
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=e920046c-1783-4b49-9204-c22dcc6d63db&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1YNY
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=e920046c-1783-4b49-9204-c22dcc6d63db&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1YNY
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=b7540a16-0123-4255-a040-42ad95c37ea6
https://x.bidswitch.net/sync?ssp=liveintent&user_id=e920046c-1783-4b49-9204-c22dcc6d63db
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=b7540a16-0123-4255-a040-42ad95c37ea6&ssp=liveintent&gdpr=&gdpr_consent=

43 B
641 B

264ms
139ms

Image
image/gif

35.190.90.30
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=b7540a16-0123-4255-a040-42ad95c37ea6&ssp=liveintent&gdpr=&gdpr_consent=
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-06u7?s=&cim=&ps=true&ls=true&duid=6d08b1d759e3--01gqkya3g30tpv3hkp8dm9ksdf&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1YNY&
Protocol: H2
Server: 35.190.90.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.90.190.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Jan 2023 07:47:09 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=b7540a16-0123-4255-a040-42ad95c37ea6&ssp=liveintent&gdpr=&gdpr_consent=
Date: Wed, 25 Jan 2023 07:47:09 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

7725e628c94c49c58e25abfd796aabe2
i.liadm.com/s/e/a-06u7/0/ Frame A00C
Redirect Chain

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=e920046c-1783-4b49-9204-c22dcc6d63db&redir=https:%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-06u7%2F0%2F7725e628c94c49c58e25abfd796aabe2%3Fmpid=82775&muid=$%7BDD_UUI...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=e920046c-1783-4b49-9204-c22dcc6d63db&redir=https:%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-06u7%2F0%2F7725e628c94c49c58e25abfd796aabe2%3Fmpid...
https://i.liadm.com/s/e/a-06u7/0/7725e628c94c49c58e25abfd796aabe2?mpid=82775

43 B
274 B

117ms
116ms

Image
image/gif

3.229.71.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-06u7/0/7725e628c94c49c58e25abfd796aabe2?mpid=82775

Requested by

Protocol

HTTP/1.1

Server

3.229.71.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-71-248.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 25 Jan 2023 07:47:08 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

DCS: dcs-prod-irl1-1-v045-0e6039550.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: wBq6I2fOScM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://i.liadm.com/s/e/a-06u7/0/7725e628c94c49c58e25abfd796aabe2?mpid=82775
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

live_intent_sync
x.dlx.addthis.com/e/ Frame A00C
Redirect Chain

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=e920046c-1783-4b49-9204-c22dcc6d63db&us_privacy=1YNY
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=e920046c-1783-4b49-9204-c22dcc6d63db&us_privacy=1YNY&rd=Y

43 B
602 B

203ms
202ms

Image
image/gif

23.203.125.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=e920046c-1783-4b49-9204-c22dcc6d63db&us_privacy=1YNY&rd=Y

Requested by

Protocol

Server

23.203.125.189 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-125-189.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Wed, 25 Jan 2023 07:47:08 GMT
pragma: no-cache
date: Wed, 25 Jan 2023 07:47:08 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.dlx.addthis.com/e/live_intent_sync?na_exid=e920046c-1783-4b49-9204-c22dcc6d63db&us_privacy=1YNY&rd=Y
pragma: no-cache
date: Wed, 25 Jan 2023 07:47:08 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Wed, 25 Jan 2023 07:47:08 GMT

GET
H2 200 /
trc.taboola.com/sg/liveintent/1/cm/ Frame A00C 43 B
121 B 120ms
120ms Image
image/gif 2a04:4e42:600::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/liveintent/1/cm/?us_privacy=1YNY
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-06u7?s=&cim=&ps=true&ls=true&duid=6d08b1d759e3--01gqkya3g30tpv3hkp8dm9ksdf&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1YNY&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Wed, 25 Jan 2023 07:47:07 GMT
via: 1.1 varnish
x-served-by: cache-hhn-etou8220079-HHN
server: nginx
x-timer: S1674632828.884831,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

35004
i6.liadm.com/s/ Frame A00C
Redirect Chain

https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__&us_privacy=1YNY
https://stags.bluekai.com/site/23178?id=1fwLaiuB8pL8okh8Frw6&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DF4XWSLTMNFQWI3JOMNXW2L3TF4ZTKMBQGQ7WE2LEMRSXEX3JMQ6TSOBS...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=F4XWSLTMNFQWI3JOMNXW2L3TF4ZTKMBQGQ7WE2LEMRSXEX3JMQ6TSOBSGU2CMYTJMRSGK4S7OV2WSZB5GFTHOTDBNF2UEODQJQ4G623IHBDHE5ZWEZSXQY3IMFXGOZJ5NRUXMZLJNZ2GK...
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=1fwLaiuB8pL8okh8Frw6&us_privacy=1YNY
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=1fwLaiuB8pL8okh8Frw6&us_privacy=1YNY&us_privacy=1YNY

43 B
436 B

373ms
118ms

Image
image/gif

2600:1f18:ed:550a:9dcf:c5fe:8372:efac
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=1fwLaiuB8pL8okh8Frw6&us_privacy=1YNY&us_privacy=1YNY

Requested by

Protocol

HTTP/1.1

Server

2600:1f18:ed:550a:9dcf:c5fe:8372:efac Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 25 Jan 2023 07:47:09 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=1fwLaiuB8pL8okh8Frw6&us_privacy=1YNY&us_privacy=1YNY
Date: Wed, 25 Jan 2023 07:47:08 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 2

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 84BA 565 B
591 B 87ms
87ms Document
text/html 23.62.220.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://rufuswindows.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-grn: 0.5d17655f.1674632828.541edece
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Wed, 25 Jan 2023 07:47:08 GMT
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 3720219606691324

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
579 B 86ms
85ms Image
image/gif 23.62.220.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22page_title%22%3A%22Review%20Rufus%20Wainwright%20at%20the%20Orpheum%20%20Los%20Angeles%20Times%22%7D&tid=2613340406388&cb=1674632828076&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22pin_unauth%22%3A%22dWlkPU1UUmxNV015TWpVdE9UVmpaUzAwTlRkaUxXRmlZVE10T1dFNU9XUmxZemt3WXpjeA%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Frufuswindows.top%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22f6304d83%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Jan 2023 07:47:08 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.5d17655f.1674632828.541ededb
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 5652149659913339
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET 92425c623934facef057b0cfe2e13f95.804b74156485fa32921225a2f519c09c.woff2
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/ 0
0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 40ms
40ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=632456800236234&ev=Microdata&dl=https%3A%2F%2Frufuswindows.top%2F&rl=&if=false&ts=1674632828339&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Review%3A%20Rufus%20Wainwright%20at%20the%20Orpheum%20-%20Los%20Angeles%20Times%22%2C%22meta%3Adescription%22%3A%22This%20article%20was%20originally%20on%20a%20blog%20post%20platform%20and%20may%20be%20missing%20photos%2C%20graphics%20or%20links.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Review%3A%20Rufus%20Wainwright%20at%20the%20Orpheum%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22630%22%2C%22og%3Aimage%3Atype%22%3A%22image%2Fjpeg%22%2C%22og%3Aimage%3Aalt%22%3A%22LA%20Times%20logo%22%2C%22og%3Adescription%22%3A%22This%20article%20was%20originally%20on%20a%20blog%20post%20platform%20and%20may%20be%20missing%20photos%2C%20graphics%20or%20links.%20%22%2C%22og%3Asite_name%22%3A%22Los%20Angeles%20Times%22%2C%22og%3Atype%22%3A%22article%22%2C%22article%3Acontent_tier%22%3A%22metered%22%2C%22article%3Apublished_time%22%3A%222012-05-14T17%3A22%3A53%22%2C%22article%3Aopinion%22%3A%22false%22%2C%22article%3Asection%22%3A%22Pop%20%26%20Hiss%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.94&r=stable&ec=1&o=30&fbp=fb.1.1674632827836.251838582&it=1674632827290&coo=false&dpo=&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 25 Jan 2023 07:47:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 204 r.rnc
activate.platform.californiatimes.com/privacy/v1/b/ 0
106 B 41ms
40ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/privacy/v1/b/r.rnc?n=1&c=2715&i=8aru7h&p=latimes&s=14478&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjAyIiwiY2xpZW50SWQiOjI3MTUsInB1Ymxpc2hQYXRoIjoibGF0aW1lcyIsImluc3RhbmNlSWQiOiI4YXJ1N2giLCJwYWNrZXQiOjEsIm1vZGUiOiJlbmZvcmNlWgDyJ29va2llcyI6e30sImVudmlyb25tZW50Ijoibm9uZSIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLMA8BlodHRwczovL3N0YXRpYy5jaGFydGJlYXQuY29tL2pzL3N1YnNjcmlwLwDicy5qcyIsInR5cGUiOiIXAHAiLCJzdGFymwCgNjc0NjMyODI2MOAAZWVuZCI6MRQAoDE4MSwic291cmM8ALBpbnNlcnRCZWZvcqAAAH0AIHVzBwExb2FksABAYXNvbq8A1F0sImRhdGFQYXR0ZXISALJsaXN0IjpbXSwiaWQAzzU0NDMyMjg0OTN9LOEAUiAyMmoBAn0AA_UACuEAIG11UAHCb25PYnNlcnZlckNMKQEfdOcAMD81MDDnAAiBLm50di5pby94AF8vbG9hZLYBE001ODk41QA3MzAwtgEP1QBCrzQ4NTU3NTMyNzTVAAfBYi1jb2RlLmxpYWRtmQKvYS0wNnU3Lm1pbt0AE042MDQz3QAnNzPdAA-TAjyvNjUxNTUyMTI1MtcASx801wAMD7QBQgXdAA9wAwjiYWpheC5hc3BuZXRjZG62AdBqYXgvalF1ZXJ5L2pxBwBvLTMuNi4wyAEXPjU4OXoDNzM3OcgBoGFwcGVuZENoaWxKBA9aBC2fNDY1ODU1MDA0xwEID-oARQ_bAQEI6gAP2wFCBfEAD48DGe9zeW5jLWNvbnRhaW5lcpMDFC4zN8sBPzQxNssBR584NDE3MDgwODaSAxgP2gAkDm0ECtoAD7sBQwThAB834QAH0WFtcGNpZC5nb29nbGWVAzN2MS-LCHNlcjpnZXRDqAj2HT9rZXk9QUl6YVN5QTY1bEVIVUVpeklzTnRsYk5vLWwySzE4ZFQ2ODBuc2FNFQgyeGhy6QYKEgguNjASAQEUAAUSCLJYSFJfTUFOQUdFUkEAAioHYGFsbG93ZcoDL3JlFAgbnzQwNDczODQ2MLoDCQ8OAfozd3d3GQKhLWFuYWx5dGljcyMCBg4ADwAKEz00NTWWBjc2MDXaAw9tBzxgNTkyODEypwUP-gIHD94AOB823gAMD94DQgXkAB815AAg_wFwbHVnaW5zL3VhL2xpbmtpFAoUTjY2MDHsAABLCQW4Aw_KATyfNDEzOTI5MjYwWggID8oBBg_mACcOawcZNuYAD9IBQgXsAA-RBggKsAU_ZGUvrwVSLjc1EQEBFAAF9wEPrwU-rzY1ODI2MTM4NDHfAgcPDQH6AAYDYHJlZGRpdOQKALsPz29tL2Fkcy9waXhlbIQJEz03MTCECT83MjSqBUl_MjQyMTM3NMMOCQ_aADQcN7oEC9oAD9QDQhQ14AAPpgUI8AJqcy5hZHNydnIub3JnL3VwX6UPUGVyLjEuQBIPYwcSPTcxMIUGTzcyNDhjB0efMjY3NDcwNjUyXQoID9kAMw-4AQEI2QAPuAFCBd8AHzh_BAcDaANwYWRzLXR3aZESAR4JP3V3dG4DFh4wlAIYNfIMD04HPGAzMDE4MDX1DA_WAEoPsgEACdYAD7IBQgXcAA-RAghxYS5xdW9yYacBb3FldmVudMMUFCA3Ma8KCsMUPzcyNsMUSY85NzY2MzA4NtwTCA_PACkPpAEACc8AD6QBQhQ11QAPhA0I_w5jb25uZWN0LmZhY2Vib29rLm5ldC9lbl9VUy9mYrQBHA1lDj83Mjm0AUifMjc1ODc1Mzg17QUID98AOQ_EAQAJ3wAPxAFCBeUAHzlEBAfyAGFtcGxpZnkub3V0YnJhae4Tf2NwL29idHAcBRYNNA4_NzI5ighJjzU2NzU2OTY4nAIID9gAMg-2AQEI2AAPtgFCFDXeAA_HEwjxBXNiLnNjb3JlY2FyZHJlc2VhcmNoKwXPYzIvNjAzNjQ2Mi9jMQUWHjHcBigzM30DD-gAQmAyNTMyMTTIAQ-eAgeTdHIuc25hcGNo1hrwTGNtL2k_cGlkPWRiZTYyNWFhLTdjZWQtNGUxZC04OTE4LTg4NzgyMTIzYWY5NyZ1X3Njc2lkPTA4ZjI5ODdiLWJjMjUtNDgyOS05MjQ1LWUxNTQ2OTg0ODIzYiYtAPYZbGlkPWFjZjRjY2RiLTZiNjUtNGY1NS05NDEzLTM5YTQ5NWEzZDgzYjUTU2lmcmFtCBsJOBNNNzQxOTIIARQABYkN_whIVE1MSUZSQU1FX1NFVEFUVFJJQlVURUQTM581NDI0Njg5NTb8AwgMXgEWcNgAonNlbmRCZWFjb26PAAvcAB4yGgMQNBQABdwAr1NFTkRCRUFDT04bFD1_NTIzMDUyMWwHCDNzYy3wCQCQBiFzY4oGD6kYFz03MTE6ET83NDLICk6fNDU4NzMwNDYyyAoIBs8TYXRpa3Rva_QDQmkxOG47DhEv6wAA-AP3FD9zZGtpZD1DN05IN1QyUkZQM0ZFSzNETjhCRyZsaWI9dHRx7QEBJh4P6QEBHjFFEk83NDM3rAxHjzU4MzQ4MDY34AEJDwUBXw_uAgAJBQEPIAVCBQsBD2QSCJF3ZWIuY2h0YmwJAlZ0cmFja9cBD9EXAz83NDOZBAAAFAAFvQMPIhI-jzQ0ODY0MzYxixsJD8sAuDxleHSWAU9hYmxlTwkVD48HAAG0AQWgAQ9vAkKfMjczOTQ2MjY0lQ0JkHNzZXRzLnJldjIcImVuayKvbWFzdGVyL3JlduIAFg9hBQAfNHEITp82NjUwNzY0MTVhBR1iYXBpL3YyYwUGXwMPIwcLLTYziBURNxQABcYBDyMHRZ8yNDg4NjY1NDTbDAgPQwUNAkAHIC9tEQzvTVdFMllXWTJZVGd6TVHjARQBJQYLhQ8K_wAPxQJDjzU0Mzc0NDM1hBgID_wAFO9pZGVudGlmeV9jNDgzMvcAFC01OIkjRzc2NjIwBw_kIDsQMqkiPzQwNSodCgURHA80CAMD7AEP8AAiLjYzOwwK8AAP5wFEfzUyMTQwNTQjDQlxLnBpbmltZxoHMGN0Ly8ND8YBFA_2CAEvNjZyJEifNTM0MTI4NDczQhkIH3PQACkOwQgK0AAPpgFCBdYAD1IGCAyDDL9jb25maWcvdG9wL-MNEQ_RARQuNDJzFwoBAQ--FT2PMjQ3MjM1NDmiEAgP-wBVD5IEAQjMAg_8AUIUMwEBD6IDCA0BAQ_dD5gfMvgEAQjiJQ_oBTsEzg8fN_cOCA9PAaoPpQIBCE8BD6UCQgVWAQ8RCgggY3R4BVJ0ZXJlc-4KoHVzZXIvP3RpZD31HtUzNDA0MDYzODgmY2I9My32Bzc3MjUmZGVwPTIlMkNQQUdFX0xPQUQ7Cg-aDQQuNzJJFQEUAAU0Cg-aDT6fNjEwOTEzODMzWQIIDwMB_wgBbxHwBT1wYWdldmlzaXQmZWQ9JTdCJTIyEwDwH190aXRsZSUyMiUzQSUyMlJldmlldyUyMFJ1ZnVzJTIwV2FpbndyaWdodCUyMGEFAPAGdGhlJTIwT3JwaGV1bSUyMCUyMExvKwBgQW5nZWxlCgAQVGswAFQAPzdEJoQCDhE2hAL_BjUlMkNFVkVOVF9UQUdTX0FCU0VOVIwCEA4zBxk34xMPjAI_fzU3MTkwNDV4LQkPjAIED4kByg69CQ-JAVUPRg0IDI8KMmxpYi8Oj2Y2MzA0ZDgzmwkUAYcJCykOCt8AD_sFQp80MzM3NTc3MTGcCggPABwCg3NpZ25hbHMvqQrwDjYzMjQ1NjgwMDIzNjIzND92PTIuOS45NCZyPXN09REGaQMPdTMGAuocCwQBHzhhFE-fNjE1NDg5NDY5BAEJDP8GdmN0Lmh0bWzXAA8CGQY9ODA35xE4ODE2SBcPJQk7nzM1NTgzOTgxN_kQCA1ABA_QABoNpR4L0AAPqwJCBdcAD6cBCCt0csEd8RBhY2hlZENsaWNrSWQ_bWFya2V0ZXJJZD11bmRlZmluly0PDTYNPTcyOcQSODgzM_UiD8EBO582NTQzMTYxNDeQCQgP6gBFDXoJC-oAD9sBQtA2NTQzMTYxNDc5fV19
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:08 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 25 Jan 2023 07:47:07 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 481ms
79ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 25 Jan 2023 07:47:09 GMT
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AD7C5496A69F48CA81C44AB23BBB2866 Ref B: PRG01EDGE0718 Ref C: 2023-01-25T07:47:10Z
etag: "076bc30652fd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11552

GET
H2 204 138002424.js Show response
bat.bing.com/p/action/ 0
117 B 210ms
210ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/138002424.js

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/latimes/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 25 Jan 2023 07:47:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8A2F7F0EF82F4C3D853C1716C3E9AD02 Ref B: PRG01EDGE0718 Ref C: 2023-01-25T07:47:10Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
360 B 290ms
290ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=138002424&Ver=2&mid=d96d50e7-d6fc-4743-8b47-d3ee05a225b0&sid=7978d4809c8411eda3248bb444b3333c&vid=7978fae09c8411ed9f5d1d235bfa033b&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Review%3A%20Rufus%20Wainwright%20at%20the%20Orpheum%20-%20Los%20Angeles%20Times&p=https%3A%2F%2Frufuswindows.top%2F&r=&lt=1987&evt=pageLoad&sv=1&rn=485088

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 25 Jan 2023 07:47:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1BE112FD88DC4729A519817BDF0DF3A8 Ref B: PRG01EDGE0718 Ref C: 2023-01-25T07:47:10Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 r.rnc
activate.platform.californiatimes.com/privacy/v1/b/ 0
106 B 41ms
40ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/privacy/v1/b/r.rnc?n=2&c=2715&i=8aru7h&p=latimes&s=1576&d=8HB7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjAyIiwiY2xpZW50SWQiOjI3MTUsInB1Ymxpc2hQYXRoIjoibGF0aW1lcyIsImluc3RhbmNlSWQiOiI4YXJ1N2giLCJwYWNrZXQiOjIsIm1vZGUiOiJlbmZvcmNlWgDyJ29va2llcyI6e30sImVudmlyb25tZW50Ijoibm9uZSIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLMA8yFodHRwczovL2kubGlhZG0uY29tL3MvYy9hLTA2dTc_cz0mY2ltPSZwcz10cnVlJmwIAPMyZHVpZD02ZDA4YjFkNzU5ZTMtLTAxZ3FreWEzZzMwdHB2M2hrcDhkbTlrc2RmJnBwaWQ9MCZldW5zPTAmY2k9MCY1AfMdPXNjLXYwLjIuMCZub3N5bmM9ZmFsc2UmbW9uaXRvckV4dGVybmFsU3luY3MbAPAQdXNfcHJpdmFjeT0xWU5ZJiIsInR5cGUiOiJpZnJhbfAA8AVzdGFydCI6MTY3NDYzMjgyNzQzMBsBF2QUALA5NTA4LCJzb3VyYzwA8AVhcHBlbmRDaGlsZCIsInN0YXR1c5gBIG9hEABgcmVhc29uQAGgXSwiZGF0YVBhdJoAAxIAsmxpc3QiOltdLCJpYwDPNTgzMTkyNTg4N30scgHlHzFyAQwxbXV0hQKvT2JzZXJ2ZXJDTHkBOR84eQEHgWJhdC5iaW5n7AIADQAmanNEAmJzY3JpcHSKAAhEAlszMDEwNNIAVzMwNTk2RAIP0gBCrzQ0Nzk0NzMxNjbSABRAcC9hY90Dvy8xMzgwMDI0MjQu4QATLDU5swFXMzA4MDPhAA8lAzyfNjExMTgyOTE02gBPHTW7AQraAA-7AULQNTYxMTE4MjkxOH1dfQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rufuswindows.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 07:47:10 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 25 Jan 2023 07:47:09 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: edge.platform.latimes.com
URL: https://edge.platform.latimes.com/v1/personalize?meterKey=https%3A%2F%2Frufuswindows.top%2F&productCode=latspot

Domain: ca-times.brightspotcdn.com
URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/a649dec0e34796e15c5b3ab6aaa47f80.0af2a448f6d58f8dd85f039eba38b50f.woff2

Domain: ca-times.brightspotcdn.com
URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/04ea457b4ef54eb866e0c9b7b2c00d47.0173e1397f3e876c231fe162dd06864a.woff2

Domain: ca-times.brightspotcdn.com
URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/0b4bf778d33c6da2d0edf444eca73203.6f505bd99ff1b58341f6ac7abe7fc12a.woff2

Domain: ca-times.brightspotcdn.com
URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/6605bf21842727d7d172618bae189cf7.296bb6689af9a44513ffcc30e4f20962.woff2

Domain: ca-times.brightspotcdn.com
URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/f362a84427d749c5b801ac76a2f9f296.0c532721f81fc3dc5537f4f33e2023d8.woff2

Domain: ca-times.brightspotcdn.com
URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/ed1ec5a818c15dbd32316b517a3f67f9.2f018e574646e3161e892c7ec2e54e6a.woff

Domain: ca-times.brightspotcdn.com
URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/c3954ff923c42062320b2dec4759b738.d6139d3cb0273e8325a2c8353e93daa3.woff

Domain: ca-times.brightspotcdn.com
URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/0b108af3bffa5b36f1b43ed7786f06ff.54c613d10c247445c7515f29cb89feee.woff

Domain: ca-times.brightspotcdn.com
URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/dbbba3c707902adde2d3f9346d53c79f.509f59ddb35a4959a6bf4880fc8d917e.woff

Domain: ca-times.brightspotcdn.com
URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/a554777027e6a2531362bdb482bc4015.0793a910a84e62f91b0b4e296bd3f958.woff

Domain: edge.platform.latimes.com
URL: https://edge.platform.latimes.com/v1/personalize?meterKey=https%3A%2F%2Frufuswindows.top%2F&productCode=latspot

Domain: edge.platform.latimes.com
URL: https://edge.platform.latimes.com/v1/personalize?meterKey=https%3A%2F%2Frufuswindows.top%2F&productCode=latspot

Domain: ca-times.brightspotcdn.com
URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/92425c623934facef057b0cfe2e13f95.804b74156485fa32921225a2f519c09c.woff2

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

53 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 09:11:59	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
i.liadm.com/s	1970-01-20 09:53:44	Name: _li_ss Value: CjoKBQgKEJoUCgUIeRCaFAoFCAYQmhQKBgiBARCaFAoFCAwQpBQKBQgLEJoUCgYIiwEQmhQKBQh-EJoU
rufuswindows.top/	1969-12-31 23:59:59	Name: ntvSession Value: {}
rufuswindows.top/	1970-01-20 17:56:08	Name: ntv_as_us_privacy Value: 1YNY
.rufuswindows.top/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .rufuswindows.top
.rufuswindows.top/	1970-01-20 18:46:32	Name: _lc2_fpi Value: 6d08b1d759e3--01gqkya3g30tpv3hkp8dm9ksdf
.postrelease.com/	1970-01-20 17:56:08	Name: opt_out Value: 1
.rufuswindows.top/	1970-01-20 18:46:32	Name: _ga_FB5D97VJNM Value: GS1.1.1674632826.1.0.1674632826.0.0.0
.liadm.com/	1970-01-20 18:46:32	Name: lidid Value: e920046c-1783-4b49-9204-c22dcc6d63db
.rufuswindows.top/	1970-01-20 09:10:36	Name: AMP_TOKEN Value: %24NOT_FOUND
.rufuswindows.top/	1970-01-20 18:46:32	Name: _ga Value: GA1.2.1747098397.1674632827
.rufuswindows.top/	1970-01-20 09:11:59	Name: _gid Value: GA1.2.792052712.1674632827
.rufuswindows.top/	1970-01-20 11:20:08	Name: _rdt_uuid Value: 1674632827244.6f734d7a-c0e3-476a-8931-3ef34e24129c
.rufuswindows.top/	1970-01-20 11:20:08	Name: _gcl_au Value: 1.1.234807164.1674632827
.tiktok.com/	1970-01-20 18:32:08	Name: _ttp Value: 2KoF3FXHLdazhoTxFJLK22ANcI0
.rufuswindows.top/	1969-12-31 23:59:59	Name: _schn Value: _5mkdzz
.rufuswindows.top/	1970-01-20 18:40:19	Name: _scid Value: 3dd84080-bad6-4ef0-9ec4-807d0fe65684
rufuswindows.top/	1970-01-20 09:10:32	Name: _liChk Value: 0.018093571522356244
rufuswindows.top/	1970-01-20 17:56:08	Name: _wchtbl_uid Value: c7a73735-fa14-4ee6-9a75-1848aee62ef4
rufuswindows.top/	1969-12-31 23:59:59	Name: _wchtbl_sid Value: 1bb2a9df-a9be-4dfc-8082-4c433cd3d19a
.t.co/	1970-01-20 18:46:32	Name: muc_ads Value: a217f850-2bf8-456f-8802-7b26f7b10eb7
.twitter.com/	1970-01-20 18:46:32	Name: personalization_id Value: "v1_xbvUScEkWtH2c/jhUshFkw=="
.rufuswindows.top/	1970-01-20 18:32:08	Name: _tt_enable_cookie Value: 1
.rufuswindows.top/	1970-01-20 18:32:08	Name: _ttp Value: JwVwL4r09cxKR-1P8SUIE02a8yD
.snapchat.com/	1970-01-20 18:32:08	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ0AIAgDsItIAGHoOTORKzjelprJSgjTtgS8hQst1w/PVet4OmOowPLtNfoBZu7wezIAAAA=
.doubleclick.net/	1970-01-20 09:10:33	Name: test_cookie Value: CheckForPermission
.rufuswindows.top/	1970-01-20 11:20:08	Name: _fbp Value: fb.1.1674632827836.251838582
rufuswindows.top/	1970-01-20 09:10:36	Name: _wchtbl_do_not_process Value: 1
rufuswindows.top/	1970-01-20 09:10:36	Name: _wchtbl_pixel_sync Value: 0
.rufuswindows.top/	1970-01-20 17:56:08	Name: _pin_unauth Value: dWlkPU1UUmxNV015TWpVdE9UVmpaUzAwTlRkaUxXRmlZVE10T1dFNU9XUmxZemt3WXpjeA
.mathtag.com/	1970-01-20 18:36:28	Name: uuid Value: 26d863d0-de7c-4300-9c7f-5e193f1c5c05
.ct.pinterest.com/	1970-01-20 17:56:08	Name: _pinterest_ct_ua Value: "TWc9PSZVcFlPK0hWMWh2MWp0QTRsbDZGZzd2Zk9UbnVjaHJ0Smd3UjljalVyaGtidENTajBVYVlvZUtwYUZTU1FIRWxFa2ZHaGdrQTVJUmFJSmRnODVrdVhhYXQ0Ui9jYW1rZ2hjNmZiRUNucG85az0mcHViMjdMNFgrR1hMWkJjMDZpak9zNkJjWmVnPQ=="
.demdex.net/	1970-01-20 13:29:44	Name: demdex Value: 21170604256811597104287737340492904431
.dpm.demdex.net/	1970-01-20 13:29:44	Name: dpm Value: 21170604256811597104287737340492904431
.addthis.com/	1970-01-20 18:40:47	Name: na_id Value: 2023012507470800011036724114
.addthis.com/	1970-01-20 18:40:47	Name: na_tc Value: Y
.addthis.com/	1970-01-20 18:40:47	Name: uid Value: 63d0de7cebb56162
.addthis.com/	1970-01-20 18:40:47	Name: ouid Value: 63d0de7c000102eef72bdca3653cf9aa3b35fa70ea46cb18b7b0
rufuswindows.top/	1970-01-20 09:10:33	Name: outbrain_cid_fetch Value: true
.zemanta.com/	1970-01-20 17:56:08	Name: zuid Value: 1fwLaiuB8pL8okh8Frw6
.dlx.addthis.com/	1970-01-20 09:53:44	Name: na_sc_x Value: 1
.bidswitch.net/	1970-01-20 17:56:08	Name: tuuid Value: b7540a16-0123-4255-a040-42ad95c37ea6
.bidswitch.net/	1970-01-20 17:56:08	Name: c Value: 1674632828
.bidswitch.net/	1970-01-20 17:56:08	Name: tuuid_lu Value: 1674632828
.bluekai.com/	1970-01-20 13:31:11	Name: bku Value: ikG99cpK6sBcvSAb
.bluekai.com/	1970-01-20 13:31:11	Name: bkpa Value: KJyWy1rrGM9R9mY73DLB4hcjZ1AQdSFx63A+xIkZQLCWTMPzMFWXd4kVRp2NvbeOJFfP7f4Odf5GIMZJU0JIUiXher2G1UE74+CKorANWF3q9On9DpOIcrl0rfLlMbkj+LXf9jpcqCQdM8R97Z8p5tNb9+Qt+2roSSXWAa9XW8oibYGMgYhxPyKSvPZTYQuNsc3q06HpFSARYYSwhMac1bAMSNHiK9AfV5+1cQlwxfBH4bW0wkkp+c+k6bH9vJkv5SjecQW2fJB6p2SIR+TTU5meH1KPp2qaLUEuibpyycB3uIqOzDKN0AG7S8cIRjc5PqAuqeswdN8ed2V67tNxadUw9e2iUV/=
.mookie1.com/	1970-01-20 18:39:20	Name: id Value: 10593873704406731072
.mookie1.com/	1970-01-20 18:39:20	Name: mdata Value: 1\|10593873704406731072\|1674632829437
.mookie1.com/	1970-01-20 18:39:20	Name: ov Value: eb46e8f778ac159ff53b2dabe3a0e848
.rufuswindows.top/	1970-01-20 09:11:59	Name: _uetsid Value: 7978d4809c8411eda3248bb444b3333c
.rufuswindows.top/	1970-01-20 18:32:08	Name: _uetvid Value: 7978fae09c8411ed9f5d1d235bfa033b
.bing.com/	1970-01-20 18:32:08	Name: MUID Value: 0D6D356C5942657600C527C858B36499
.bat.bing.com/	1970-01-20 09:20:37	Name: MR Value: 0

28 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://rufuswindows.top/ Message: Access to fetch at 'https://edge.platform.latimes.com/v1/personalize?meterKey=https%3A%2F%2Frufuswindows.top%2F&productCode=latspot' from origin 'https://rufuswindows.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://edge.platform.latimes.com/v1/personalize?meterKey=https%3A%2F%2Frufuswindows.top%2F&productCode=latspot Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rufuswindows.top/ Message: Access to font at 'https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/6605bf21842727d7d172618bae189cf7.296bb6689af9a44513ffcc30e4f20962.woff2' from origin 'https://rufuswindows.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/6605bf21842727d7d172618bae189cf7.296bb6689af9a44513ffcc30e4f20962.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rufuswindows.top/ Message: Access to font at 'https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/0b4bf778d33c6da2d0edf444eca73203.6f505bd99ff1b58341f6ac7abe7fc12a.woff2' from origin 'https://rufuswindows.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/0b4bf778d33c6da2d0edf444eca73203.6f505bd99ff1b58341f6ac7abe7fc12a.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rufuswindows.top/ Message: Access to font at 'https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/04ea457b4ef54eb866e0c9b7b2c00d47.0173e1397f3e876c231fe162dd06864a.woff2' from origin 'https://rufuswindows.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/04ea457b4ef54eb866e0c9b7b2c00d47.0173e1397f3e876c231fe162dd06864a.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rufuswindows.top/ Message: Access to font at 'https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/f362a84427d749c5b801ac76a2f9f296.0c532721f81fc3dc5537f4f33e2023d8.woff2' from origin 'https://rufuswindows.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/f362a84427d749c5b801ac76a2f9f296.0c532721f81fc3dc5537f4f33e2023d8.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rufuswindows.top/ Message: Access to font at 'https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/a649dec0e34796e15c5b3ab6aaa47f80.0af2a448f6d58f8dd85f039eba38b50f.woff2' from origin 'https://rufuswindows.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/a649dec0e34796e15c5b3ab6aaa47f80.0af2a448f6d58f8dd85f039eba38b50f.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rufuswindows.top/ Message: Access to font at 'https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/ed1ec5a818c15dbd32316b517a3f67f9.2f018e574646e3161e892c7ec2e54e6a.woff' from origin 'https://rufuswindows.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/ed1ec5a818c15dbd32316b517a3f67f9.2f018e574646e3161e892c7ec2e54e6a.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rufuswindows.top/ Message: Access to font at 'https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/dbbba3c707902adde2d3f9346d53c79f.509f59ddb35a4959a6bf4880fc8d917e.woff' from origin 'https://rufuswindows.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/dbbba3c707902adde2d3f9346d53c79f.509f59ddb35a4959a6bf4880fc8d917e.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rufuswindows.top/ Message: Access to font at 'https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/0b108af3bffa5b36f1b43ed7786f06ff.54c613d10c247445c7515f29cb89feee.woff' from origin 'https://rufuswindows.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/0b108af3bffa5b36f1b43ed7786f06ff.54c613d10c247445c7515f29cb89feee.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rufuswindows.top/ Message: Access to font at 'https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/c3954ff923c42062320b2dec4759b738.d6139d3cb0273e8325a2c8353e93daa3.woff' from origin 'https://rufuswindows.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/c3954ff923c42062320b2dec4759b738.d6139d3cb0273e8325a2c8353e93daa3.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rufuswindows.top/ Message: Access to font at 'https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/a554777027e6a2531362bdb482bc4015.0793a910a84e62f91b0b4e296bd3f958.woff' from origin 'https://rufuswindows.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/a554777027e6a2531362bdb482bc4015.0793a910a84e62f91b0b4e296bd3f958.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rufuswindows.top/ Message: Access to fetch at 'https://edge.platform.latimes.com/v1/personalize?meterKey=https%3A%2F%2Frufuswindows.top%2F&productCode=latspot' from origin 'https://rufuswindows.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://edge.platform.latimes.com/v1/personalize?meterKey=https%3A%2F%2Frufuswindows.top%2F&productCode=latspot Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rufuswindows.top/ Message: Access to fetch at 'https://edge.platform.latimes.com/v1/personalize?meterKey=https%3A%2F%2Frufuswindows.top%2F&productCode=latspot' from origin 'https://rufuswindows.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://edge.platform.latimes.com/v1/personalize?meterKey=https%3A%2F%2Frufuswindows.top%2F&productCode=latspot Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rufuswindows.top/ Message: Access to font at 'https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/92425c623934facef057b0cfe2e13f95.804b74156485fa32921225a2f519c09c.woff2' from origin 'https://rufuswindows.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/92425c623934facef057b0cfe2e13f95.804b74156485fa32921225a2f519c09c.woff2 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

68547f8f-2fd8-4ff3-9b63-51e86e2edee8.edge.permutive.app
a.quora.com
activate.platform.californiatimes.com
ajax.aspnetcdn.com
alb.reddit.com
ampcid.google.com
ampcid.google.de
amplify.outbrain.com
analytics.tiktok.com
analytics.twitter.com
assets.revcontent.com
b-code.liadm.com
b1sync.zemanta.com
bat.bing.com
ca-times.brightspotcdn.com
cdn.confiant-integrations.net
cdn.embed.ly
connect.facebook.net
ct.pinterest.com
dpm.demdex.net
edge.platform.latimes.com
ext.chtbl.com
googleads.g.doubleclick.net
i.liadm.com
i6.liadm.com
insight.adsrvr.org
jadserve.postrelease.com
js.adsrvr.org
libs.platform.californiatimes.com
match.adsrvr.org
micro.rubiconproject.com
odr.mookie1.com
q.quora.com
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
rufuswindows.top
s.ntv.io
s.pinimg.com
sb.scorecardresearch.com
sc-static.net
securepubads.g.doubleclick.net
ssor.platform.californiatimes.com
stags.bluekai.com
static.ads-twitter.com
static.chartbeat.com
sync.mathtag.com
t.co
tr.outbrain.com
tr.snapchat.com
trc.taboola.com
web.chtbl.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.redditstatic.com
x.bidswitch.net
x.dlx.addthis.com
ca-times.brightspotcdn.com
edge.platform.latimes.com
104.16.89.50
104.244.42.3
104.244.42.69
13.227.219.52
13.227.222.181
146.75.116.157
151.139.128.10
152.199.4.33
162.159.152.17
18.203.36.235
18.207.63.238
18.66.15.88
185.29.134.244
2.23.97.99
2001:4860:4802:32::36
23.199.214.41
23.203.125.189
23.203.125.44
23.203.125.62
23.62.220.203
2600:1f18:730:b150:45ed:3b73:d151:5773
2600:1f18:ed:550a:9dcf:c5fe:8372:efac
2600:9000:206f:1200:0:cc59:3900:93a1
2600:9000:21c7:9e00:a:b27c:d040:93a1
2600:9000:21c7:e000:8:8845:1500:93a1
2600:9000:2304:5600:18:1fcd:351:7bc1
2606:4700::6812:116b
2606:4700::6812:af
2620:1ec:c11::200
2a00:1450:4001:809::200e
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:82b::2003
2a00:1450:400d:806::2008
2a00:1450:400d:80a::2004
2a00:1450:400d:80a::200e
2a00:1450:400d:80d::2002
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:400::396
2a04:4e42:41::84
2a04:4e42:600::300
2a04:4e42::396
3.124.119.57
3.220.15.152
3.229.71.248
3.33.220.150
34.254.165.240
35.190.43.134
35.190.90.30
35.212.133.238
52.222.139.45
52.222.139.97
64.202.112.31
65.9.86.252
66.225.223.127
89.208.103.174
0643960c81921ff9b32a23ed7a72aabc32afe1ae203d1adb373f904884dcd443
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
18bba2466b5c1992644aaa326fddb95bf0ebedc2ac35acd297cbd6000892fc76
1bc446075ff76a8796ee2d5fd2713895732438158e76f3d6267e9097eb02f8f5
1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
2451dcfbd8c35bf3d1459fc3095b1cc2fc5464139cb3185a4582703ee2198fe6
27d31aeec6cb6f445b47a3b08ff16aa6d7b521100b56adb244d9d53d37fd8a94
27dc4f62298834987d3d8e5608c1af94c82ee3d18ee31858d39e0202697b5308
2da180fc671e2cf178fa18883e4f1f1da6f33eb1a78591e0eeea1d6050db9256
3055597f43adef2648996efac659bd63f616b0d1937f6e774ae3ac8fe35fb195
35f36c1f3089028b9138168895550d14c0e81c360f9bd8ee0dfa13d7c76f127a
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
48b1ab2218918913e92bb76ce38614fdc7b8a0e2ce7c3810332f7acd6ae6e4f1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57e91fbfd505ebb6d87e966ae361a966d0bd4373511af8a30ddb8520bb00f74b
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59fd6c10818b043145b003808c28ebc4b8cdd0b06f9f2718e78817c2a1f5eef6
5b5cddfbbacc3608485b29cfc8ee8b4087c24d184db0bc6dde21f9d774a79728
62879c942f0c1228880805420363bd4c3907b9a7494a9bba7a03bf358ca0017c
723dc395f4dec1199087c9aa0128e01190464f4d01f5d90e03ad3fc16a48ccfb
730de59300e6103732a2168bdc9742af79a9abfe5995c6d3f3f3e96fd7c99d97
778fe5d94d9e6ae7aeb496cc91d4174160702082005d7e76eb339412faf8ba30
79e66558ee620ce57bc0a6be17a96c32074065e763b49f0be5551799623943a4
7baf4ac1cb2adf82ed9e88c9fa1b22f8ea22e14cf2aa24e9936c6578515e70ae
810e3d95494b6c3f643113670c5f4e9db5d8fcf3d8cfcf18b1657bf84ad942a7
894694eee28fc463a83875d519e70afaf5f40ac7c042d6114c4ee86d156b4067
8b99cd4a319c48669c778f51eb674ffbf240e726a3b62f6e26704c05946fb7aa
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9971c9d985027d9c86b08ee4b5821e00e9530195f9efd9dd60df0fd983912499
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a15bef5551f730c8269a1cba57c370099d559defd996193c80a477c411081ca2
a1c9a21ede44774a26110c312c2c5398e074132f6e243011c15b4bfd660702ab
aacfea800a59766fdd3672fad8e5eba13abae2dab105014fc9214cb0c1409925
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afef269d37ac9cde8e07092dc1247b980d19dcd1292ce5069561a4702867c2b1
b4c4d6e2eb0bb133f62c1bdd9f5192717d9c6d4fad559132f1b5e55d06daca9c
b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2
bb30148d9df7671c14f2cd5be91e6b7a1488932efb740a80b66f39052744c168
c0feb5d51eaf2c4ebb556b31e61cd7afa81a5dbf54e6132fb02a1d8946e7c631
c2bed617e481fdfc2605cc523da09e38450b5d2ec98cba16e4977bb2371fd61c
c4f8404b2bf35e9a5ad44252d596bca4e2338cf2b5291ad95fb83ab355957633
c6a2acafca2240ed410b27b91023f58e3a9196bad947f6b0ddd2aebde99cb5c3
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ccdf5c82d2bfbd49155fb4391e5d586ae9c72c9178ba35873ec4a1eda45c63d5
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
daf842fc24f3934560a1f8338e8e4efcbc7ec7e4393a3360cad7c0bdd43e2aad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b8f6571081392afd877aa87818670441131e241acb3d0b3b23615110e865f1
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
eeaee37caa31e2e5b892c4636cdfa39cebf07c4b45db1dee46cfa8af1980329a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8f067f829af7c95936a36f38e54c98ab090f937f5557e4c78829ed8fcf5ffd
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f08f0e4c32e27814144956e0ce5ada45ccee6e26474ffbe8b8b3193e89df517d
f77ca6b70a43a4b6d5f95245fae73e7e7209bb347e68165c0942cc09fd5a1464
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fa42d02480f27fd0a8768e025d5033abf291c0df6391f25074faf80fa58c422c
fa782f590a4f24c6e67e882211c49e9ea5320514dfd0986ebf48c8b1d4455fca
fe08ffaa1969ea9be580555c0a07736bcd0b1f1338e03f063e8f176f289c68e1
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

rufuswindows.top Open in urlscan Pro 89.208.103.174 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

129 Requests

83 %HTTPS

42 %IPv6

45 Domains

60 Subdomains

53 IPs

6 Countries

1922 kBTransfer

5783 kBSize

53 Cookies

30 Outgoing links

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rufuswindows.top Open in urlscan Pro
89.208.103.174 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

83 %
HTTPS

42 %
IPv6

45
Domains

60
Subdomains

53
IPs

6
Countries

1922 kB
Transfer

5783 kB
Size

53
Cookies

129 HTTP transactions
0 data transactions