urlscan.io logo urlscan.io
SecurityTrails logo

www.ntd.com Open in urlscan Pro
2606:4700::6812:181e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Effective URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Submission: On November 23 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 70 IPs in 9 countries across 70 domains to perform 279 HTTP transactions. The main IP is 2606:4700::6812:181e, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ntd.com. The Cisco Umbrella rank of the primary domain is 825587.
TLS certificate: Issued by E1 on October 8th 2023. Valid for: 3 months.
This is the only time www.ntd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 39 2606:4700::68... 13335 (CLOUDFLAR...)
15 23.12.144.101 20940 (AKAMAI-ASN1)
1 34.107.251.162 396982 (GOOGLE-CL...)
2 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
12 136.243.66.182 24940 (HETZNER-AS)
3 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
4 52.85.107.191 16509 (AMAZON-02)
2 34.120.97.157 396982 (GOOGLE-CL...)
5 34.110.129.224 396982 (GOOGLE-CL...)
1 52.218.205.56 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 18.160.10.17 16509 (AMAZON-02)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 3.161.212.32 16509 (AMAZON-02)
1 185.89.208.11 29990 (ASN-APPNEX)
2 3.213.126.75 14618 (AMAZON-AES)
2 2602:803:c002... 26667 (RUBICONPR...)
4 19 51.222.39.186 16276 (OVH)
6 15 68.67.179.155 29990 (ASN-APPNEX)
4 19 172.64.151.101 13335 (CLOUDFLAR...)
1 2600:9000:215... 16509 (AMAZON-02)
2 23 52.46.143.56 16509 (AMAZON-02)
6 6 2606:ae80:145... 25751 (VALUECLICK)
3 185.162.95.70 41722 (MIRAN-AS ...)
2 2606:4700:e6:... 13335 (CLOUDFLAR...)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 3.215.46.21 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 4 35.211.178.172 19527 (GOOGLE-2)
2 2 50.16.62.247 14618 (AMAZON-AES)
3 3 52.87.69.135 14618 (AMAZON-AES)
1 1 2600:9000:215... 16509 (AMAZON-02)
1 1 35.236.220.17 396982 (GOOGLE-CL...)
1 1 35.208.249.213 19527 (GOOGLE-2)
1 1 69.166.1.34 27630 (AS-XFERNET)
1 4 35.244.159.8 15169 (GOOGLE)
6 34.225.212.107 14618 (AMAZON-AES)
6 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 52.1.31.170 14618 (AMAZON-AES)
4 104.72.158.153 16625 (AKAMAI-AS)
4 6 3.225.218.10 14618 (AMAZON-AES)
1 3 2600:1f18:4e9... 14618 (AMAZON-AES)
14 14 52.223.40.198 16509 (AMAZON-02)
10 16 142.251.16.156 15169 (GOOGLE)
4 104.18.38.76 13335 (CLOUDFLAR...)
2 151.101.129.108 54113 (FASTLY)
21 38 8.43.72.98 26667 (RUBICONPR...)
2 8 63.251.86.51 32475 (SINGLEHOP...)
2 4 34.111.113.62 396982 (GOOGLE-CL...)
9 10 199.127.204.142 26120 (RHYTHMONE)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
2 2 69.173.151.100 26667 (RUBICONPR...)
2 18.213.154.57 14618 (AMAZON-AES)
2 2 74.121.140.211 30419 (MEDIAMATH...)
1 3 213.19.162.80 3356 (LEVEL3)
2 2 63.251.28.133 13789 (INTERNAP-...)
2 23.83.76.85 395954 (LEASEWEB-...)
2 8.28.7.82 62713 (AS-PUBMATIC)
1 2 34.228.100.56 14618 (AMAZON-AES)
1 1 34.231.99.255 14618 (AMAZON-AES)
2 2 3.214.253.15 14618 (AMAZON-AES)
1 2 74.119.119.150 19750 (AS-CRITEO)
1 1 199.38.167.130 54312 (ROCKETFUEL)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
4 4 185.167.164.43 198622 (ADFORM)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 54.84.191.206 14618 (AMAZON-AES)
1 52.95.122.74 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 2600:9000:201... 16509 (AMAZON-02)
1 1 2600:9000:215... 16509 (AMAZON-02)
1 52.85.132.15 16509 (AMAZON-02)
1 147.28.129.140 54825 (PACKET)
1 1 54.159.72.222 14618 (AMAZON-AES)
1 104.97.85.51 20940 (AKAMAI-ASN1)
1 2 172.64.146.152 13335 (CLOUDFLAR...)
1 34.149.50.64 15169 (GOOGLE)
1 1 192.132.33.69 18568 (BIDTELLECT)
1 1 52.86.174.189 14618 (AMAZON-AES)
1 1 35.244.154.8 15169 (GOOGLE)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 54.85.125.66 14618 (AMAZON-AES)
1 34.107.140.113 396982 (GOOGLE-CL...)
1 44.214.40.113 14618 (AMAZON-AES)
1 2 54.71.111.90 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 2606:4700:20:... 13335 (CLOUDFLAR...)
279 70
39    2606:4700::6812:181e (United States)

ASN13335 (CLOUDFLARENET, US)
ntd.com
www.ntd.com
15    23.12.144.101 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-12-144-101.deploy.static.akamaitechnologies.com
i.ntd.com
1    34.107.251.162 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 162.251.107.34.bc.googleusercontent.com
subs.epochbase.com
2    2607:f8b0:4004:c1d::5d (Washington, United States)

ASN15169 (GOOGLE, US)
www.youtube.com
4    2607:f8b0:4004:c0b::6a (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.google.com
12    136.243.66.182 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: mixi.media
mixi.media
static.mixi.media
stat.mixi.media
static6.mixi.media
static3.mixi.media
static8.mixi.media
3    2607:f8b0:4004:c17::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2607:f8b0:4004:c17::9d (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
securepubads.g.doubleclick.net
4    52.85.107.191 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-107-191.yul62.r.cloudfront.net
c.amazon-adsystem.com
2    34.120.97.157 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 157.97.120.34.bc.googleusercontent.com
sc.youmaker.com
5    34.110.129.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.129.110.34.bc.googleusercontent.com
pwe.epochbase.com
1    52.218.205.56 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3-us-west-2.amazonaws.com
2    2607:f8b0:4004:c06::8b (Washington, United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c09::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2607:f8b0:4004:c09::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    18.160.10.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-17.iad12.r.cloudfront.net
config.aps.amazon-adsystem.com
4    2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    3.161.212.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-212-32.yul62.r.cloudfront.net
aax.amazon-adsystem.com
1    185.89.208.11 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams3.adnexus.net
prebid.adnxs.com
2    3.213.126.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-126-75.compute-1.amazonaws.com
exchange.postrelease.com
2    2602:803:c002:200::41 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
19    51.222.39.186 (Canada)

ASN16276 (OVH, FR)
PTR: ip186.ip-51-222-39.net
onetag-sys.com
15    68.67.179.155 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
19    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    2600:9000:215f:3a00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
23    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
6    2606:ae80:1451:11::2010 (United States)

ASN25751 (VALUECLICK, US)
prebid-match.dotomi.com
stx-match.dotomi.com
casale-match.dotomi.com
3    185.162.95.70 (St Petersburg, Russian Federation)

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: sm-server1-1.smir12.imcmdb.net
stat.media
2    2606:4700:e6::ac40:ca07 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.epoch.cloud
1    2600:1f18:730:b120:c62f:9488:7811:a2e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    3.215.46.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-46-21.compute-1.amazonaws.com
rp4.liadm.com
1    2607:f8b0:4004:c1b::84 (Washington, United States)

ASN15169 (GOOGLE, US)
2ff71852cc4cef8a8b53f22056c9474a.safeframe.googlesyndication.com
2    2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    50.16.62.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-62-247.compute-1.amazonaws.com
ad.360yield.com
3    52.87.69.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-69-135.compute-1.amazonaws.com
match.prod.bidr.io
1    2600:9000:215f:0:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    35.236.220.17 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com
um.simpli.fi
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
1    69.166.1.34 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
6    34.225.212.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-212-107.compute-1.amazonaws.com
match.sharethrough.com
6    2607:f8b0:4004:c17::9b (Washington, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
www.googletagservices.com
5    2607:f8b0:4004:c1d::84 (Washington, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    52.1.31.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-31-170.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
4    104.72.158.153 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-72-158-153.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
3    2600:1f18:4e9:5a05:37a8:24af:759b:4c92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
14    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
16    142.251.16.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net
cm.g.doubleclick.net
4    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
38    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
8    63.251.86.51 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
ce.lijit.com
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
10    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    18.213.154.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-154-57.compute-1.amazonaws.com
ads.yieldmo.com
2    74.121.140.211 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    213.19.162.80 (United Kingdom)

ASN3356 (LEVEL3, US)
pixel-eu.rubiconproject.com
2    63.251.28.133 (Secaucus, United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
2    23.83.76.85 (Los Angeles, United States)

ASN395954 (LEASEWEB-USA-LAX, US)
ssbsync-global.smartadserver.com
2    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    34.228.100.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-100-56.compute-1.amazonaws.com
dpm.demdex.net
1    34.231.99.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-99-255.compute-1.amazonaws.com
um4.eqads.com
2    3.214.253.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-253-15.compute-1.amazonaws.com
i.liadm.com
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
4    185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    54.84.191.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-191-206.compute-1.amazonaws.com
idx.liadm.com
1    52.95.122.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2600:9000:201e:4200:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
1    2600:9000:215f:ee00:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
1    52.85.132.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-15.iad50.r.cloudfront.net
sync1.intentiq.com
1    147.28.129.140 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    54.159.72.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-72-222.compute-1.amazonaws.com
sync.ipredictive.com
1    104.97.85.51 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-97-85-51.deploy.static.akamaitechnologies.com
hb.yahoo.net
2    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
1    34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
1    192.132.33.69 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 69.bidtellect.com
bttrack.com
1    52.86.174.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-174-189.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    35.244.154.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com
id.rlcdn.com
1    2600:1f18:ed:550a:3df5:cbd:6b19:ec2c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
1    54.85.125.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-125-66.compute-1.amazonaws.com
cs.minutemedia-prebid.com
1    34.107.140.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.140.107.34.bc.googleusercontent.com
s2s.t13.io
1    44.214.40.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-214-40-113.compute-1.amazonaws.com
exchange.mediavine.com
2    54.71.111.90 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-71-111-90.us-west-2.compute.amazonaws.com
p.alocdn.com
4    2607:f8b0:4004:c08::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2606:4700:20::681a:27a (United States)

ASN13335 (CLOUDFLARENET, US)
a.remarketstats.com
2    2606:4700:20::ac43:4acf (United States)

ASN13335 (CLOUDFLARENET, US)
a.clickcertain.com
Apex Domain
Subdomains		 Transfer
54 ntd.com
ntd.com — Cisco Umbrella Rank: 578082
www.ntd.com — Cisco Umbrella Rank: 825587
i.ntd.com — Cisco Umbrella Rank: 791752
5 MB
49 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
eus.rubiconproject.com — Cisco Umbrella Rank: 602
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1156
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2394
token.rubiconproject.com — Cisco Umbrella Rank: 458
58 KB
31 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598
aax.amazon-adsystem.com — Cisco Umbrella Rank: 394
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
88 KB
24 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
164 KB
19 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 511
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
dsum.casalemedia.com — Cisco Umbrella Rank: 1396
12 KB
19 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
9 KB
18 adnxs.com
prebid.adnxs.com — Cisco Umbrella Rank: 1633
ib.adnxs.com — Cisco Umbrella Rank: 246
acdn.adnxs.com — Cisco Umbrella Rank: 609
secure.adnxs.com — Cisco Umbrella Rank: 495
46 KB
14 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
data.adsrvr.org — Cisco Umbrella Rank: 5710
5 KB
12 mixi.media
mixi.media — Cisco Umbrella Rank: 47328
static.mixi.media — Cisco Umbrella Rank: 99947
stat.mixi.media — Cisco Umbrella Rank: 60756
static6.mixi.media — Cisco Umbrella Rank: 76848
static3.mixi.media — Cisco Umbrella Rank: 70500
static8.mixi.media — Cisco Umbrella Rank: 77286
417 KB
10 googlesyndication.com
2ff71852cc4cef8a8b53f22056c9474a.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
459 KB
9 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
3 KB
8 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
ce.lijit.com — Cisco Umbrella Rank: 882
8 KB
7 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
4 KB
7 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 3063
rp.liadm.com — Cisco Umbrella Rank: 1574
rp4.liadm.com — Cisco Umbrella Rank: 6581
i.liadm.com — Cisco Umbrella Rank: 539
idx.liadm.com — Cisco Umbrella Rank: 2376
i6.liadm.com — Cisco Umbrella Rank: 2731
18 KB
6 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
2 KB
6 dotomi.com
prebid-match.dotomi.com — Cisco Umbrella Rank: 2253
stx-match.dotomi.com — Cisco Umbrella Rank: 2265
casale-match.dotomi.com — Cisco Umbrella Rank: 3027
2 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
430 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 157
36 KB
6 epochbase.com
subs.epochbase.com — Cisco Umbrella Rank: 268548
pwe.epochbase.com — Cisco Umbrella Rank: 70606
79 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 599
2 KB
4 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 592
2 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
1 KB
4 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 674
cdn.indexww.com — Cisco Umbrella Rank: 1531
3 KB
4 openx.net
u.openx.net — Cisco Umbrella Rank: 659
us-u.openx.net — Cisco Umbrella Rank: 522
2 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
2 KB
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 903
48 KB
3 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
2 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
1 KB
3 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 5555
ads.yieldmo.com — Cisco Umbrella Rank: 657
2 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
1 KB
3 stat.media
stat.media — Cisco Umbrella Rank: 36500
1 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
152 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
231 KB
2 clickcertain.com
a.clickcertain.com — Cisco Umbrella Rank: 7633
3 KB
2 alocdn.com
p.alocdn.com — Cisco Umbrella Rank: 7036
971 B
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1113
523 B
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 886
sync1.intentiq.com — Cisco Umbrella Rank: 2801
2 KB
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 597
893 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 228
1 KB
2 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 662
82 B
2 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1511
150 B
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
1 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1372
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 781
652 B
2 epoch.cloud
cdn.epoch.cloud — Cisco Umbrella Rank: 87631
175 KB
2 postrelease.com
exchange.postrelease.com — Cisco Umbrella Rank: 4810
779 B
2 youmaker.com
sc.youmaker.com — Cisco Umbrella Rank: 82661
1 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 68
69 KB
1 remarketstats.com
a.remarketstats.com — Cisco Umbrella Rank: 40202
584 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1284
187 B
1 t13.io
s2s.t13.io — Cisco Umbrella Rank: 1873
461 B
1 minutemedia-prebid.com
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 1901
327 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 728
442 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
1 KB
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 826
351 B
1 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 1735
285 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 938
648 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
493 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
452 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1458
556 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
516 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1824
174 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
756 B
1 eqads.com
um4.eqads.com — Cisco Umbrella Rank: 2479
272 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 931
673 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 904
361 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
619 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 716
443 B
1 amazonaws.com
s3-us-west-2.amazonaws.com
60 KB
0 loopme.me Failed
csync.loopme.me Failed
279 70
Domain Requested by
37 www.ntd.com www.ntd.com
28 pixel.rubiconproject.com 14 redirects onetag-sys.com
s.amazon-adsystem.com
www.ntd.com
23 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
u.openx.net
match.sharethrough.com
sync-amz.ads.yieldmo.com
onetag-sys.com
ssum-sec.casalemedia.com
ce.lijit.com
19 onetag-sys.com 4 redirects i.ntd.com
s.amazon-adsystem.com
onetag-sys.com
16 cm.g.doubleclick.net 10 redirects u.openx.net
sync-amz.ads.yieldmo.com
onetag-sys.com
s.amazon-adsystem.com
15 i.ntd.com www.ntd.com
14 ib.adnxs.com 5 redirects i.ntd.com
www.ntd.com
acdn.adnxs.com
s.amazon-adsystem.com
13 match.adsrvr.org 13 redirects
10 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
10 token.rubiconproject.com 7 redirects eus.rubiconproject.com
www.ntd.com
7 sync.1rx.io 7 redirects
7 ce.lijit.com 1 redirects s.amazon-adsystem.com
sync-amz.ads.yieldmo.com
ce.lijit.com
7 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.ntd.com
6 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
6 ups.analytics.yahoo.com 4 redirects onetag-sys.com
6 match.sharethrough.com s.amazon-adsystem.com
match.sharethrough.com
www.ntd.com
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 pwe.epochbase.com www.ntd.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 c1.adform.net 4 redirects
4 creativecdn.com 4 redirects
4 pixel.tapad.com 2 redirects sync-amz.ads.yieldmo.com
s.amazon-adsystem.com
4 eus.rubiconproject.com s.amazon-adsystem.com
i.ntd.com
eus.rubiconproject.com
4 x.bidswitch.net 2 redirects onetag-sys.com
4 static3.mixi.media www.ntd.com
4 unpkg.com 2 redirects www.ntd.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 c.amazon-adsystem.com www.ntd.com
c.amazon-adsystem.com
4 www.google.com www.ntd.com
www.gstatic.com
www.google.com
tpc.googlesyndication.com
3 pixel-eu.rubiconproject.com 1 redirects onetag-sys.com
3 sync.targeting.unrulymedia.com 2 redirects ce.lijit.com
3 ad.turn.com 3 redirects ssum-sec.casalemedia.com
3 pr-bh.ybp.yahoo.com 1 redirects u.openx.net
ssum-sec.casalemedia.com
3 match.prod.bidr.io 3 redirects
3 stat.media stat.mixi.media
3 www.googletagservices.com www.ntd.com
securepubads.g.doubleclick.net
3 www.googletagmanager.com www.ntd.com
www.googletagmanager.com
3 mixi.media www.ntd.com
static.mixi.media
2 a.clickcertain.com 1 redirects
2 p.alocdn.com 1 redirects www.ntd.com
2 capi.connatix.com 1 redirects www.ntd.com
2 dis.criteo.com 1 redirects ssum-sec.casalemedia.com
2 i.liadm.com 2 redirects
2 cdn.indexww.com ssum-sec.casalemedia.com
2 casale-match.dotomi.com 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 image8.pubmatic.com onetag-sys.com
2 ssbsync-global.smartadserver.com onetag-sys.com
2 ads.stickyadstv.com 2 redirects
2 sync.mathtag.com 2 redirects
2 ads.yieldmo.com sync-amz.ads.yieldmo.com
2 pixel-us-east.rubiconproject.com 2 redirects
2 stx-match.dotomi.com 2 redirects
2 acdn.adnxs.com i.ntd.com
2 js-sec.indexww.com i.ntd.com
2 us-u.openx.net u.openx.net
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 ad.360yield.com 2 redirects
2 fonts.gstatic.com www.google.com
2 cdn.epoch.cloud www.ntd.com
2 prebid-match.dotomi.com 2 redirects
2 htlb.casalemedia.com i.ntd.com
2 fastlane.rubiconproject.com i.ntd.com
2 exchange.postrelease.com i.ntd.com
2 aax.amazon-adsystem.com c.amazon-adsystem.com
2 static.mixi.media mixi.media
www.ntd.com
2 analytics.google.com www.googletagmanager.com
2 sc.youmaker.com www.ntd.com
2 www.youtube.com www.ntd.com
www.youtube.com
2 ntd.com 2 redirects
1 a.remarketstats.com 1 redirects
1 exchange.mediavine.com www.ntd.com
1 s2s.t13.io www.ntd.com
1 cs.minutemedia-prebid.com www.ntd.com
1 i6.liadm.com www.ntd.com
1 id.rlcdn.com 1 redirects
1 secure.adnxs.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 bttrack.com 1 redirects
1 s.seedtag.com www.ntd.com
1 hb.yahoo.net www.ntd.com
1 sync.ipredictive.com 1 redirects
1 prebid.a-mo.net s.amazon-adsystem.com
1 sync1.intentiq.com www.ntd.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 px.ads.linkedin.com s.amazon-adsystem.com
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 idx.liadm.com b-code.liadm.com
1 tr.blismedia.com ce.lijit.com
1 data.adsrvr.org 1 redirects
1 p.rfihub.com 1 redirects
1 um4.eqads.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 ap.lijit.com 1 redirects
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 sync.go.sonobi.com 1 redirects
1 trace.mediago.io 1 redirects
1 um.simpli.fi 1 redirects
1 s.ad.smaato.net 1 redirects
1 2ff71852cc4cef8a8b53f22056c9474a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 rp4.liadm.com www.ntd.com
1 rp.liadm.com 1 redirects
1 static8.mixi.media www.ntd.com
1 static6.mixi.media www.ntd.com
1 b-code.liadm.com s3-us-west-2.amazonaws.com
1 prebid.adnxs.com i.ntd.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 stat.mixi.media mixi.media
1 stats.g.doubleclick.net www.googletagmanager.com
1 s3-us-west-2.amazonaws.com www.ntd.com
1 subs.epochbase.com www.ntd.com
0 csync.loopme.me Failed s.amazon-adsystem.com
279 113

This site contains links to these domains. Also see Links.

Domain
www.theepochtimes.com
en.falundafa.org
mixi.media
donate.ntd.com
help.ntd.com
Subject Issuer Validity Valid
ntd.com
E1		 2023-10-08 -
2024-01-06		 3 months crt.sh
i.ntd.com
R3		 2023-11-22 -
2024-02-20		 3 months crt.sh
*.epochbase.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-17 -
2024-01-17		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
mixi.media
R3		 2023-10-20 -
2024-01-18		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.youmaker.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-18 -
2024-07-17		 a year crt.sh
*.s3-us-west-2.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-08-03		 10 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
static.mixi.media
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
stat.mixi.media
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2023-05-31 -
2024-06-30		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-02-28 -
2024-01-30		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
stat.media
R3		 2023-09-18 -
2023-12-17		 3 months crt.sh
epoch.cloud
GTS CA 1P5		 2023-10-30 -
2024-01-28		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-03-26 -
2024-04-23		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh

This page contains 26 frames:

Primary Page: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Frame ID: CF1E913121FF26F602830290A7073496
Requests: 133 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&badge=bottomright&cb=z9vxhz2vhhqh
Frame ID: D1E4EF65E73C91651CA668AD73E7636B
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&dcc=t
Frame ID: 6367E2FD370136872269E9C2FECE35EE
Requests: 1 HTTP requests in this frame

Frame: https://2ff71852cc4cef8a8b53f22056c9474a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 33B6845385216077F075F1F00C9ECA6F
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: B7483DAF96A2879D31FFC6D9CAEF3F87
Requests: 9 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: B1634177E2F97998C89F54694A1EE177
Requests: 7 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 66FF1F35C3095761959EBAFF6C33DF9A
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCFKymmI-1w63nVSFiZxhMzFkmHsPXeiiqtxbOVrjdNAWCukSTHfLyY0VLUPN_i7YwnBqCyhfTzDIeplPJHeqq90BQfmT3PHKbLwZwGOino5mt3gL5iCDxuATpa21FaN1y9GzYwSb5It37jQRdkkYG1JvV9UTDl7AUKgQlqFswbc-yLzyYqQrLvXF04B1gV35MOOnBEhyK9HEyocY8oBKtZYB5GUvuhlOP-VSjqTz_xgJFa8EBQ1IFYGUrHyj4rCw7lplUY9O3EyLnGBlb7z7QtTVG6GDPn3lcdZsfOXxSBYCMb00gp-mM04jE92ORdfHhYHFMcYti2jSFAbqMksRQ2ubA2ekeUAC7dsGbwZ9vWzLUFaNVd9nUW8o7nqH27S23qkfE1X8&sai=AMfl-YShKcppZ3mFtRxNCxQtuce6nMb49YKDbyg39_9p4FVFv7a6Kyhu4s7_9AHkRSxw1HYRSVX2kaTnNYj8ATmuiVGribBM2GU-uqJ-23f8YxYX_Y-HS3_345NoazOjNG5XslNdApvCfJB8Z270oVVKKeg&sig=Cg0ArKJSzKSaSVhaiEOREAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 1E79C61033E2A7039CF6DBCE85EF7BBB
Requests: 5 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: 26E3244BD8A7B505D05CA63C3788F068
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 642DD808C428919FC1CDF74F866E394D
Requests: 20 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgvMJHJr_2lPeV__eFO_bvZSmpQJXqvrDdtIPuE_fdTZLb95Dfut2_MDPjhyvBbICXDTPeVh9BwF1wRDbP53eajith6Dhn3cFg0xpZuXWPY3fImmTjDNXp9cD5unlnOfgVVK3r4QUcTkfsAc9JYHf5BEgILmrKVxnfsBwFvk3dhUiJ68khVfv89e8x7fXiucCqmQDhNJNbHg-HuEETwuddyQuOKaMPhBdTEwYoIMsU-T1KkoHLvthB1x9MR_4tgxvGQo-asQgbK9GooBwJse-rvLArLJA86cjIvxCiCx-F1GLkPHavfh2qihF6Bs0niNPAl3-3Bu5Q3lyLDjOcbl9IjBVUUsrllNWVP4eVOOzT-WAcMqRMiHjviJglFOnygXdC_3NUHTxMwg&sai=AMfl-YQacd47EZGr0ndZvFWh6EK2BUHIqqO7A9345-9qJfj3pRBb5OGtfT6Z7kK7l-V9P_mTqKdOb3UwzEzPumwh_pcFCzc8umiyMku6GIqtpumCSV_VCDIMNpCWjJhRGT47IBSeprWooVsyrXenI3X8Ka14&sig=Cg0ArKJSzEo3mTbNNwX9EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A0B4D4FD58955FE3D32F65EA36717EC2
Requests: 5 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0zZmlWRE1aRTJ1SmtBQmMzaDdoZjdwc3ZQUUFlVzBGV35B
Frame ID: 52D6C95C652C2D5B3C463B1C736F6D38
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=1480268236432194020&ex=appnexus.com
Frame ID: EBF33F476067262BE8CED2AD74CEF6DB
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2F71C1D9AE6E5F1B8DC1BD0A2F7257D8
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 86496B6480121B9ECB15084A32B5F5DA
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1700753090353
Frame ID: 6653B1FDDFDF007C3AB8ABE4E4C5A2A5
Requests: 14 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1499C67EA0CCDCCA5003F2EC2E23FD27
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2BAE45A57FE8AE746ED67BC081A2E035
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1700753090349
Frame ID: 612A823E549B08D5220B67B1E652AA5C
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D3F511B5E063F020E969BD0761A8F2E8
Requests: 19 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: D6E5AD70E34BFB97258D6183B05115BE
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 3EECD99C06348B0EC1F856B4E4A7F5DA
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: B34505C13A9A20B93314597DC7270FF6
Requests: 10 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=7c5c6ba2-12ca-4c89-9b7d-ebd85a66d965&expiration=1708701894
Frame ID: 2E3C3A021CB9F30D3434616E6B0C2D0A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DC129BF1AC98D92EC1E06D1C0E2617FC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 871EB3E85B0F09A51405215DA2CE8FB1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

At NYC Lunar New Year Parade, Falun Gong Adherents Have Message for the World | NTD

Page URL History Show full URLs

  1. http://ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world... HTTP 301
    https://ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world... HTTP 301
    https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

279
Requests

68 %
HTTPS

30 %
IPv6

70
Domains

113
Subdomains

70
IPs

9
Countries

7578 kB
Transfer

11823 kB
Size

136
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html HTTP 301
    https://ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html HTTP 301
    https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87
  • https://unpkg.com/react@18/umd/react.production.min.js HTTP 302
  • https://unpkg.com/react@18.2.0/umd/react.production.min.js
Request Chain 88
  • https://unpkg.com/react-dom@18/umd/react-dom.production.min.js HTTP 302
  • https://unpkg.com/react-dom@18.2.0/umd/react-dom.production.min.js
Request Chain 109
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&dcc=t
Request Chain 112
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&rurl=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=48d02ebabb311037&is_secure=true&version=1&networkId=72582&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&rurl=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=conversant&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=AAAFwsHo6-0VtwMqUzkQAAAAAAA&expiration=1700839491
Request Chain 122
  • https://rp.liadm.com/j?dtstmp=1700753090947&se=e30&duid=33df6995a8cd--01hfycha7mg45shtk9s8p8smvk&tna=v2.11.1&pu=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&wpn=lc-bundle HTTP 302
  • https://rp4.liadm.com/j?se=e30&duid=33df6995a8cd--01hfycha7mg45shtk9s8p8smvk&tna=v2.11.1&dtstmp=1700753090947&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&i6=MjAwMTo0OTU4OjE0MjA6MTVhOjoxODY%3D
Request Chain 131
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=7978b75d-f239-4d82-bd80-ed7ced5a5dfd
Request Chain 133
  • https://ad.360yield.com/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=c8e7db7e-592d-4bbd-ab04-0450e854c2cb
Request Chain 134
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID HTTP 303
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1 HTTP 303
  • https://s.amazon-adsystem.com/ecm3?id=AACW307Kvt4AABKAVLVgzQ&ex=beeswax.com
Request Chain 135
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=2c58c86c97
Request Chain 137
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=8892889A60E84F7FB9357F073655A745&ex=simpli.fi&status=ok
Request Chain 138
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=1b7de7e863fc528527kmw100lpbch8kk
Request Chain 139
  • https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%5BUID%5D HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=sonobi&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=059bc64e-3480-4676-8f06-8fedb9b752f9
Request Chain 140
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 150
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0zZmlWRE1aRTJ1SmtBQmMzaDdoZjdwc3ZQUUFlVzBGV35B
Request Chain 151
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=1480268236432194020&ex=appnexus.com
Request Chain 157
  • https://match.adsrvr.org/track/cmf/openx?oxid=6a8e179e-a398-34c0-567a-4c2307bf3d37&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=6a8e179e-a398-34c0-567a-4c2307bf3d37&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=963a55a4-c8bf-44bc-8b5f-e99436d6aecb&ttd_puid=6a8e179e-a398-34c0-567a-4c2307bf3d37&gdpr=0&gdpr_consent=
Request Chain 159
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDxswgyveG1bqsnUYmlYdtk&google_cver=1
Request Chain 168
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=963a55a4-c8bf-44bc-8b5f-e99436d6aecb&gdpr=0&gdpr_consent=
Request Chain 169
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=OGJkZmZjODEtN2MzZS00NzJlLTk4YzEtOTU1YmQ5ODU0ZDI0 HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 170
  • https://stx-match.dotomi.com/match/bounce/current?networkId=44410&version=1&nuid=8bdffc81-7c3e-472e-98c1-955bd9854d24&gdpr=0&gdpr_consent= HTTP 302
  • https://stx-match.dotomi.com/match/bounce/current?DotomiTest=5aa718a8785710c8&is_secure=true&networkId=44410&version=1&nuid=8bdffc81-7c3e-472e-98c1-955bd9854d24&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAAGlW7yGT7AdwNdotlpAAAAAAA&expiration=1700839494&nuid=8bdffc81-7c3e-472e-98c1-955bd9854d24&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 171
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPBCH79W-13-FLR8&gdpr=0
Request Chain 172
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 174
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3F30DVV880V712YaiuMb HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3F30DVV880V712YaiuMb HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=706ff231-c5c7-4f72-898b-dfa6c579383b%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b4b334a7-7f50-43b0-9bc5-f88259cdc421&ttd_puid=706ff231-c5c7-4f72-898b-dfa6c579383b%2C%2C
Request Chain 175
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1700753094283 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1605741386 HTTP 302
  • https://sync.1rx.io/usersync/turn/2499925625324269568?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-596aaa96-ca3e-4642-aa8c-5d2385c9c14f-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-596aaa96-ca3e-4642-aa8c-5d2385c9c14f-005 HTTP 302
  • https://ce.lijit.com/merge?pid=97&3pid=RX-596aaa96-ca3e-4642-aa8c-5d2385c9c14f-005
Request Chain 176
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LPBCH79W-13-FLR8
Request Chain 177
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=1480268236432194020&pn_id=an
Request Chain 183
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=6288655f-6ec6-4400-ad8d-4ce315fd738f&gdpr=1&gdpr_consent=
Request Chain 185
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1480268236432194020
Request Chain 186
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=e39da7ad387070eed1db3934e81dc6d&gdpr_consent=&gdpr=1
Request Chain 188
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi_zItbj08JmH3S5yHitqqSlsODwiRI0NlA
Request Chain 190
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=PW47UeOlzJurSWp0DKPfA2vcrRUKQ8r3uIbT6Fx5jPA
Request Chain 192
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA-fBhKyelrbWhBJtRlUR4c&google_cver=1
Request Chain 194
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=963a55a4-c8bf-44bc-8b5f-e99436d6aecb&gdpr=0&gdpr_consent=
Request Chain 198
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=fb9f655f-6ec6-4200-a3dd-37d5130888df&gdpr=1&gdpr_consent=
Request Chain 200
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1480268236432194020
Request Chain 201
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=38fff59a54f3b6e3f5459f20cfd8df&gdpr_consent=&gdpr=1
Request Chain 202
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi_zItlN8PB72iFtEwAb-FPqDZk0z4hc2lQ
Request Chain 204
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=PW47UeOlzJurSWp0DKPfA2vcrRUKQ8r3uIbT6Fx5jPA
Request Chain 206
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA-fBhKyelrbWhBJtRlUR4c&google_cver=1
Request Chain 207
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=b4b334a7-7f50-43b0-9bc5-f88259cdc421&gdpr=0&gdpr_consent=
Request Chain 212
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 213
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 217
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b4b334a7-7f50-43b0-9bc5-f88259cdc421&expiration=1703345094&gdpr=0&gdpr_consent=
Request Chain 218
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZV9uxpQDTFLf1XJ96Fu9FAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJdGWXuuQlQS1fpjnTw5LZk&google_cver=1
Request Chain 219
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZV9uxpQDTFLf1XJ96Fu9FAAABQMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOfiOz1mU7_tcBx81OnvFs0&google_cver=1
Request Chain 221
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZV9uxpQDTFLf1XJ96Fu9FAAABQMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=38fff59a54f3b6e3f5459f20cfd8df&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZV9uxpQDTFLf1XJ96Fu9FAAABQMAAAAB&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umeb608_7304678992196016317&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/38fff59a54f3b6e3f5459f20cfd8df?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Bk0m2atE2oNzSL3VDG_Bnq_hZ4kVzX4anZNfGdbU~A HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AACW307Kvt4AABKAVLVgzQ&dataProviderId=817&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MzhmZmY1OWE1NGYzYjZlM2Y1NDU5ZjIwY2ZkOGRm&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEHGTz9F4Gk6UMqcesPlwFlI&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=b4b334a7-7f50-43b0-9bc5-f88259cdc421&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=1480268236432194020&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=IbgmWfnB1R6bzz5&gdpr=0&gdpr_consent= HTTP 302
  • https://jelly.mdhv.io/v4/pixie?gdpr=0&gdpr_consent= HTTP 307
  • https://ads.stickyadstv.com/user-registering?dataProviderId=513&userId=31d6da40-aa74-4b1f-b96b-5ab236a43189 HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=5493275&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=b1b26ae5-700b-4b4b-94a5-ccea647a3ec9 HTTP 302
  • https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=
Request Chain 222
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZV9uxpQDTFLf1XJ96Fu9FAAA%261283?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZV9uxpQDTFLf1XJ96Fu9FAAA%261283
Request Chain 223
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=249085d8550914d9&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHaBv7PFisJANb_y-jAAAAAAA&expiration=1700839494&is_secure=true
Request Chain 225
  • https://um4.eqads.com/um/cs HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=7c5c6ba2-12ca-4c89-9b7d-ebd85a66d965&expiration=1708701894
Request Chain 226
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZV9uxlKHq4MhUlgXHJC9YgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJdGWXuuQlQS1fpjnTw5LZk&google_cver=1
Request Chain 227
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZV9uxlKHq4MhUlgXHJC9YgAA%263455&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Request Chain 228
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b4b334a7-7f50-43b0-9bc5-f88259cdc421&expiration=1703345094&gdpr=0&gdpr_consent=
Request Chain 229
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZV9uxlKHq4MhUlgXHJC9YgAADX8AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOfiOz1mU7_tcBx81OnvFs0&google_cver=1
Request Chain 230
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978477421108625226
Request Chain 232
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZV9uxlKHq4MhUlgXHJC9YgAA%263455 HTTP 302
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZV9uxlKHq4MhUlgXHJC9YgAA%263455&tc=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=93h7jwPj30ILddVCjYoP0KhCda09G0CE5XlThRKjgMA&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZV9uxlKHq4MhUlgXHJC9YgAA%263455&tc=1
Request Chain 233
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8522879841039415443&expiration=1701962695
Request Chain 236
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=b4b334a7-7f50-43b0-9bc5-f88259cdc421&gdpr=0&gdpr_consent=
Request Chain 237
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=LPBCH79W-13-FLR8&gdpr=0
Request Chain 238
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8506218639 HTTP 302
  • https://sync.1rx.io/usersync/turn/9204659570572095488?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-596aaa96-ca3e-4642-aa8c-5d2385c9c14f-005
Request Chain 240
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=93h7jwPj30ILddVCjYoP0KhCda09G0CE5XlThRKjgMA&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Request Chain 241
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LPBCH79W-13-FLR8 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LPBCH79W-13-FLR8&ex=d-rubiconproject.com&status=ok
Request Chain 244
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPBCH79W-13-FLR8
Request Chain 245
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjMwNmUzYThmNmNiZDRjNzQwNzVjM2ExMTMwZjU0ZDg0NDI2YTNlZA
Request Chain 246
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/4RgnrgrOLkBlNtBZZaXzKMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-RwlqlUFE2oJda7QDV7mSS3iXBvdUBSIpX24Z9g--~A
Request Chain 247
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMoUNTN8nt0-6zk4iekq1es&google_cver=1
Request Chain 248
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LPBCH79W-13-FLR8&ex=d-rubiconproject.com&status=ok
Request Chain 249
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b4b334a7-7f50-43b0-9bc5-f88259cdc421&gdpr=0&gdpr_consent=&expires=30
Request Chain 250
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=e9hFF5iLTZq5R4cCzB6TVQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=e9hFF5iLTZq5R4cCzB6TVQ
Request Chain 251
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBCQ0g3OVctMTMtRkxSOA== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEE7vEBKwQbejgCRctnC5KQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBCQ0g3OVctMTMtRkxSOA==&google_push=
Request Chain 252
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACW307Kvt4AABKAVLVgzQ&expires=30
Request Chain 253
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPBCH79W-13-FLR8 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPBCH79W-13-FLR8 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPBCH79W-13-FLR8&ckls=true&ci=E3mCmxwcSN&nc=false&trid=1101885978
Request Chain 254
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LPBCH79W-13-FLR8
Request Chain 255
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPBCH79W-13-FLR8
Request Chain 256
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=b1b26ae5-700b-4b4b-94a5-ccea647a3ec9&expires=30
Request Chain 257
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPBCH79W-13-FLR8
Request Chain 258
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LPBCH79W-13-FLR8
Request Chain 259
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPBCH79W-13-FLR8
Request Chain 260
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LPBCH79W-13-FLR8&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LPBCH79W-13-FLR8&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1sdXNYQUpCRTJ1SGxfVWNCYUROYU5LYWFLYV9WbGZrcX5B&ovsid=LPBCH79W-13-FLR8&dpid=58160
Request Chain 261
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LPBCH79W-13-FLR8&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LPBCH79W-13-FLR8&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 262
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LPBCH79W-13-FLR8
Request Chain 263
  • https://c1.adform.net/serving/cookie/match?party=1164 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1164 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=8060868320676449426
Request Chain 264
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=bfa8e079-eadc-48ca-9d32-033d91176381
Request Chain 265
  • https://sync.srv.stackadapt.com/sync?nid=14 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=ERMWsRJhXKxxAxmZYZY3DEYZ_7o
Request Chain 266
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=57745388-b908-40bb-a667-36a0056ed3d9
Request Chain 267
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=1480268236432194020&expires=30
Request Chain 268
  • https://ad.turn.com/r/cs?pid=6 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=9204659570572095488&expires=60&gdpr=&gdpr_consent=
Request Chain 269
  • https://sync.1rx.io/usersync2/rubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5132116243 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/b4b334a7-7f50-43b0-9bc5-f88259cdc421 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-596aaa96-ca3e-4642-aa8c-5d2385c9c14f-005?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-596aaa96-ca3e-4642-aa8c-5d2385c9c14f-005%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-596aaa96-ca3e-4642-aa8c-5d2385c9c14f-005&expires=30
Request Chain 270
  • https://id.rlcdn.com/709414.gif HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 271
  • https://token.rubiconproject.com/token?pid=49096 HTTP 302
  • https://i.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LPBCH79W-13-FLR8 HTTP 303
  • https://i6.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LPBCH79W-13-FLR8
Request Chain 272
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LPBCH79W-13-FLR8
Request Chain 273
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13 HTTP 302
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LPBCH79W-13-FLR8
Request Chain 274
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17404 HTTP 302
  • https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LPBCH79W-13-FLR8
Request Chain 277
  • https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%25229c6692ed-1077-4f72-817e-1e70b4864d85%2522%257D&title=At%20NYC%20Lunar%20New%20Year%20Parade%2C%20Falun%20Gong%20Adherents%20Have%20Message%20for%20the%20World%20%7C%20NTD&url=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html HTTP 302
  • https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%25229c6692ed-1077-4f72-817e-1e70b4864d85%2522%257D&title=At%20NYC%20Lunar%20New%20Year%20Parade%2C%20Falun%20Gong%20Adherents%20Have%20Message%20for%20the%20World%20%7C%20NTD&url=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&tdc=1
Request Chain 281
  • https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html HTTP 302
  • https://a.clickcertain.com/px/smart/a/?c=2455d1796b86efb&seg=at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html HTTP 302
  • https://a.clickcertain.com/px/?c=2455d1796b86efb

279 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
www.ntd.com/
Redirect Chain
  • http://ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
  • https://ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
  • https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
162 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
ed7265e462c0822fa4d785263d913c8bbdf9ca3a3b379c07c184e0ac12b075ef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
public, max-age=14400
cf-cache-status
MISS
cf-ray
82aa6bbc897a3a08-YYZ
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 15:24:45 GMT
expires
Thu, 23 Nov 2023 19:24:45 GMT
server
cloudflare
strict-transport-security
max-age=63072000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-nextjs-cache
STALE
x-powered-by
Next.js
x-xss-protection
1; mode=block

Redirect headers

cache-control
public, max-age=14400
cf-cache-status
MISS
cf-ray
82aa6bbaeef13a08-YYZ
content-type
text/html
date
Thu, 23 Nov 2023 15:24:44 GMT
expires
Thu, 23 Nov 2023 19:24:44 GMT
location
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
server
cloudflare
strict-transport-security
max-age=63072000
vary
Accept-Encoding
Flushing-parade-LBD0241-900x506.jpeg
i.ntd.com/assets/uploads/2023/01/ 		686 KB
687 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ntd.com/assets/uploads/2023/01/Flushing-parade-LBD0241-900x506.jpeg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.144.101 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-144-101.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6567f1f26bf9c8ab32576cb70744a2cd20f4efdca1047484da01887e1b3a5963
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
Date
Thu, 23 Nov 2023 15:24:45 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1403547
Content-Length
702783
Last-Modified
Sun, 22 Jan 2023 02:28:15 GMT
Server
nginx
ETag
"63cc9f3f-ab93f"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31535992
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires
Fri, 22 Nov 2024 15:24:37 GMT
ntd-logo-comment.png
i.ntd.com/assets/themes/ntd/images/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ntd.com/assets/themes/ntd/images/ntd-logo-comment.png
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.144.101 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-144-101.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d38468263d67fc86718b19ea5585ad67b413fc85ce55c82bec81f159923c830d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
Date
Thu, 23 Nov 2023 15:24:45 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1403547
Content-Length
35679
Last-Modified
Fri, 14 Oct 2022 17:48:55 GMT
Server
nginx
ETag
"6349a107-8b5f"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31356654
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires
Wed, 20 Nov 2024 13:35:39 GMT
template.css
subs.epochbase.com/lib/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://subs.epochbase.com/lib/template.css
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.251.162 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
162.251.107.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2f009a44aa057e608440849ba7d59135c178393165207fb8268d1680f9365b5b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:45 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 03 Nov 2023 19:11:33 GMT
server
nginx/1.20.1
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=3600, public, no-transform
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1242
expires
Thu, 23 Nov 2023 16:24:45 GMT
4a739f824f596a15.css
www.ntd.com/_next/static/css/ 		140 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/_next/static/css/4a739f824f596a15.css
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39606abb2773dd3c0cdad88f49c31445e9d558631c25fb21bcbf06046c361340
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
273
x-xss-protection
1; mode=block
last-modified
Mon, 06 Nov 2023 22:35:48 GMT
server
cloudflare
etag
W/"22ea3-18ba6c71c60"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
82aa6bbe3c4e3a08-YYZ
expires
Fri, 22 Nov 2024 15:24:45 GMT
3cd2d6e571594a33.css
www.ntd.com/_next/static/css/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/_next/static/css/3cd2d6e571594a33.css
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0b305e408e4d852e855962afee13321ebf52d3894e1a8a42dfbf8d3b4741a9e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
273
x-xss-protection
1; mode=block
last-modified
Mon, 06 Nov 2023 22:35:48 GMT
server
cloudflare
etag
W/"5cf7-18ba6c71c5f"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
82aa6bbe3c503a08-YYZ
expires
Fri, 22 Nov 2024 15:24:45 GMT
3142a792e382aafb.css
www.ntd.com/_next/static/css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/_next/static/css/3142a792e382aafb.css
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb2ca5c959e60b125bc07e2f962d60dafea7cfb55b9193d33f4879501db7a21d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
273
x-xss-protection
1; mode=block
last-modified
Mon, 06 Nov 2023 22:35:48 GMT
server
cloudflare
etag
W/"3db9-18ba6c71c5f"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
82aa6bbe3c533a08-YYZ
expires
Fri, 22 Nov 2024 15:24:45 GMT
30418f44-85d0cd07c9902eeb.js
www.ntd.com/_next/static/chunks/ 		680 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/_next/static/chunks/30418f44-85d0cd07c9902eeb.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ec251d05abab8e5f107b3bdda10a535e84ff677ccc282d9d61f0335fc01268f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
273
x-xss-protection
1; mode=block
last-modified
Mon, 06 Nov 2023 22:35:48 GMT
server
cloudflare
etag
W/"a9f15-18ba6c71c64"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
82aa6bbe9cf93a08-YYZ
expires
Fri, 22 Nov 2024 15:24:45 GMT
9073-3a5bfa0f17d1d72f.js
www.ntd.com/_next/static/chunks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/_next/static/chunks/9073-3a5bfa0f17d1d72f.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12d467813dd443184a5c52c782f0b3c2a401a873d28dc9130ac30900dc8590ab
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
273
x-xss-protection
1; mode=block
last-modified
Mon, 06 Nov 2023 22:35:48 GMT
server
cloudflare
etag
W/"2452-18ba6c71c66"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
82aa6bbe9cfd3a08-YYZ
expires
Fri, 22 Nov 2024 15:24:45 GMT
663.040d83569fca7810.js
www.ntd.com/_next/static/chunks/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/_next/static/chunks/663.040d83569fca7810.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcb05bc6f6bc43783fe6132aeee6ecdacfc83c8223f32aa9c998c75b7f3dd9d9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
273
x-xss-protection
1; mode=block
last-modified
Mon, 06 Nov 2023 22:37:04 GMT
server
cloudflare
etag
W/"2801-18ba6c842c5"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
82aa6bbe9d013a08-YYZ
expires
Fri, 22 Nov 2024 15:24:45 GMT
1391.0ae298293689721c.js
www.ntd.com/_next/static/chunks/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/_next/static/chunks/1391.0ae298293689721c.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72fd7e24b02580e7f6501d079c90a19d4c87ab4624c51f96f4e3c7a07a0e30d4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
273
x-xss-protection
1; mode=block
last-modified
Mon, 06 Nov 2023 22:35:48 GMT
server
cloudflare
etag
W/"2b5b-18ba6c71c63"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
82aa6bbf0dba3a08-YYZ
expires
Fri, 22 Nov 2024 15:24:45 GMT
webpack-8fc3a293139a2d69.js
www.ntd.com/_next/static/chunks/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/_next/static/chunks/webpack-8fc3a293139a2d69.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9eddf5a65005ab000071c3179eaa30fce0f40e67d742a18ce8caf892264a652
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
273
x-xss-protection
1; mode=block
last-modified
Mon, 06 Nov 2023 22:37:04 GMT
server
cloudflare
etag
W/"18b0-18ba6c842c2"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
82aa6bc04fd73a08-YYZ
expires
Fri, 22 Nov 2024 15:24:45 GMT
framework-79bce4a3a540b080.js
www.ntd.com/_next/static/chunks/ 		127 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/_next/static/chunks/framework-79bce4a3a540b080.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
745834316128a9605db352a4146dfb81cfd209fa037d3256277e2bc9d12b0f44
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
273
x-xss-protection
1; mode=block
last-modified
Mon, 06 Nov 2023 22:35:48 GMT
server
cloudflare
etag
W/"1fbd2-18ba6c71c67"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
82aa6bc088383a08-YYZ
expires
Fri, 22 Nov 2024 15:24:45 GMT
main-9a2cb928659cd95b.js
www.ntd.com/_next/static/chunks/ 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/_next/static/chunks/main-9a2cb928659cd95b.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8e78daa065e02de5d8b249192b4e2c364a523cff15f783b273a38664634354b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
273
x-xss-protection
1; mode=block
last-modified
Mon, 06 Nov 2023 22:35:48 GMT
server
cloudflare
etag
W/"1d968-18ba6c71c67"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
82aa6bc1da603a08-YYZ
expires
Fri, 22 Nov 2024 15:24:45 GMT
_app-6c66e47dc43f9607.js
www.ntd.com/_next/static/chunks/pages/ 		317 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a085a48de1c29460f6e8dde984099c3cc348ea5db5bf26a878178939eb77d0c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
273
x-xss-protection
1; mode=block
last-modified
Mon, 06 Nov 2023 22:37:04 GMT
server
cloudflare
etag
W/"4f292-18ba6c842bf"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
82aa6bc1fa863a08-YYZ
expires
Fri, 22 Nov 2024 15:24:45 GMT
4201-66f788ee4ee45a93.js
www.ntd.com/_next/static/chunks/ 		116 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/_next/static/chunks/4201-66f788ee4ee45a93.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c5a3e13ad52b15a5e9f82b95a971d1203facb8ff8a47ac5fe144d61f2ec7c77
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
273
x-xss-protection
1; mode=block
last-modified
Mon, 06 Nov 2023 22:35:48 GMT
server
cloudflare
etag
W/"1ce9a-18ba6c71c65"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
82aa6bc1fa883a08-YYZ
expires
Fri, 22 Nov 2024 15:24:45 GMT
2962-a4df57f83cf7a4f7.js
www.ntd.com/_next/static/chunks/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/_next/static/chunks/2962-a4df57f83cf7a4f7.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
641d72ddefb953f6ac870a992be6a9d7cb1154a3b77a666fb6cb253ec7e52e03
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
273
x-xss-protection
1; mode=block
last-modified
Mon, 06 Nov 2023 22:35:48 GMT
server
cloudflare
etag
W/"4442-18ba6c71c63"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
82aa6bc1fa893a08-YYZ
expires
Fri, 22 Nov 2024 15:24:45 GMT
4277-9113847c34226409.js
www.ntd.com/_next/static/chunks/ 		84 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/_next/static/chunks/4277-9113847c34226409.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99e232f0777782167244e5f824d348b49a9f92446b12810aa4a3d7216572aeaf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
273
x-xss-protection
1; mode=block
last-modified
Mon, 06 Nov 2023 22:35:48 GMT
server
cloudflare
etag
W/"1502f-18ba6c71c65"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
82aa6bc1fa8a3a08-YYZ
expires
Fri, 22 Nov 2024 15:24:45 GMT
9146-c010d8b3f8fd1db0.js
www.ntd.com/_next/static/chunks/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/_next/static/chunks/9146-c010d8b3f8fd1db0.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
779d8fdda515b570970a5fb09b5eefbf0c8ec6300d969d4d609806a37f77e803
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
273
x-xss-protection
1; mode=block
last-modified
Mon, 06 Nov 2023 22:35:48 GMT
server
cloudflare
etag
W/"1d13-18ba6c71c66"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
82aa6bc20ab03a08-YYZ
expires
Fri, 22 Nov 2024 15:24:45 GMT
1294-8741fd956c5fad68.js
www.ntd.com/_next/static/chunks/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/_next/static/chunks/1294-8741fd956c5fad68.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fdf7c13d5b3b559871a32380728a9c126bd004577031335423da2c981141407
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
273
x-xss-protection
1; mode=block
last-modified
Mon, 06 Nov 2023 22:37:04 GMT
server
cloudflare
etag
W/"3730-18ba6c842c5"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
82aa6bc24b003a08-YYZ
expires
Fri, 22 Nov 2024 15:24:45 GMT
1335-c79d8729f0c50b8b.js
www.ntd.com/_next/static/chunks/ 		121 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/_next/static/chunks/1335-c79d8729f0c50b8b.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5a33ccfcc05ae337e7f3924e408ae1486f368970ed761aabed6e7b057651498
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
273
x-xss-protection
1; mode=block
last-modified
Mon, 06 Nov 2023 22:35:48 GMT
server
cloudflare
etag
W/"1e31f-18ba6c71c63"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
82aa6bc25b1d3a08-YYZ
expires
Fri, 22 Nov 2024 15:24:45 GMT
3213-33fa56d227aef8a4.js
www.ntd.com/_next/static/chunks/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/_next/static/chunks/3213-33fa56d227aef8a4.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4505adde3a6db0f39a9dc7428643d1e9b84331c2d3022bec401b7002c07369e5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
273
x-xss-protection
1; mode=block
last-modified
Mon, 06 Nov 2023 22:35:48 GMT
server
cloudflare
etag
W/"3061-18ba6c71c64"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
82aa6bc27b453a08-YYZ
expires
Fri, 22 Nov 2024 15:24:45 GMT
1601-ce29e6661bb60ba0.js
www.ntd.com/_next/static/chunks/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/_next/static/chunks/1601-ce29e6661bb60ba0.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2997f9a557c9b636e93dfa7b84a57dfc6c7e3b6593f0341b77891dd7e19cc91
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
273
x-xss-protection
1; mode=block
last-modified
Mon, 06 Nov 2023 22:35:48 GMT
server
cloudflare
etag
W/"22ae-18ba6c71c63"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
82aa6bc29b6b3a08-YYZ
expires
Fri, 22 Nov 2024 15:24:45 GMT
%5Burl%5D-a6aa872959d7f080.js
www.ntd.com/_next/static/chunks/pages/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/_next/static/chunks/pages/%5Burl%5D-a6aa872959d7f080.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
582e42d6984215cd2526b7a6f01bb23d649c746af9fafbb60bd3d43b09e4d123
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
273
x-xss-protection
1; mode=block
last-modified
Mon, 06 Nov 2023 22:37:04 GMT
server
cloudflare
etag
W/"5aff-18ba6c842c0"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
82aa6bc29b6f3a08-YYZ
expires
Fri, 22 Nov 2024 15:24:45 GMT
_buildManifest.js
www.ntd.com/_next/static/e0e904b1fc0109aa188f80cef3a76a2fc945f296/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/_next/static/e0e904b1fc0109aa188f80cef3a76a2fc945f296/_buildManifest.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d780c2236b34848e2b3b15b3b2529b1eea1c2e7d92fbda888ad6766cbfe80bff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
273
x-xss-protection
1; mode=block
last-modified
Mon, 06 Nov 2023 22:37:04 GMT
server
cloudflare
etag
W/"10e5-18ba6c842bf"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
82aa6bc29b703a08-YYZ
expires
Fri, 22 Nov 2024 15:24:45 GMT
_ssgManifest.js
www.ntd.com/_next/static/e0e904b1fc0109aa188f80cef3a76a2fc945f296/ 		598 B
331 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/_next/static/e0e904b1fc0109aa188f80cef3a76a2fc945f296/_ssgManifest.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
163cb5d5188442a3dc0cc458a58b06a08e498eea3ae25e310c473cdaae977f39
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
273
x-xss-protection
1; mode=block
last-modified
Mon, 06 Nov 2023 22:37:19 GMT
server
cloudflare
etag
W/"256-18ba6c87d93"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
82aa6bc2ab893a08-YYZ
expires
Fri, 22 Nov 2024 15:24:45 GMT
NTDLogo.svg
i.ntd.com/assets/themes/ntd/images/ 		660 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ntd.com/assets/themes/ntd/images/NTDLogo.svg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.144.101 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-144-101.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
Date
Thu, 23 Nov 2023 15:24:45 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1403547
Content-Length
660
Last-Modified
Fri, 14 Oct 2022 17:48:55 GMT
Server
nginx
ETag
"6349a107-294"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=30806626
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
truncated
/ 		78 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f81fc2f3cc04c1f965f2683dc2b369bd4ebbc18b454196d101f74f69efe3433

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		78 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6800eb63dc978c9903864b28a08ed4f6b533bdb842ac6622a07c311e47a0a298

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		78 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8b6528bc2a63e986a842311ca6971aac53d77331c25d16a03e9e45de5bccf8f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		79 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a6fff8e4746724d6b7a0cadd7b189300165a442228b58f2a9c30ab1fedbbc1b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		79 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcf538ab166e90e4dfda982d360b06de8da42bd945c277ec6f357a55b43bbc5b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		79 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c21eea3ff63e3cbe49cfe06d47eba4a268ed5e2d583d9fbe8590f39b85212ae

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		80 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
720530af830892701ef8b15094596aba1a91afffc1a013cad9103da6cd9df0e4

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
ENTD_Play.svg
www.ntd.com/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ntd.com/images/ENTD_Play.svg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/_next/static/css/3cd2d6e571594a33.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0af7a02c2b9ae0fde55e83700c8e6709122fb18adae5f1e6b0262732fb9e736f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/_next/static/css/3cd2d6e571594a33.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
last-modified
Mon, 11 Sep 2023 14:26:49 GMT
server
cloudflare
cf-cache-status
MISS
etag
W/"7e6-18a84a34dab"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
82aa6bc34c803a08-YYZ
x-xss-protection
1; mode=block
expires
Thu, 23 Nov 2023 19:24:46 GMT
NTDLogo.svg
www.ntd.com/images/ 		660 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ntd.com/images/NTDLogo.svg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/_next/static/css/3cd2d6e571594a33.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/_next/static/css/3cd2d6e571594a33.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:46 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Mon, 11 Sep 2023 14:26:49 GMT
server
cloudflare
content-encoding
gzip
etag
W/"294-18a84a34dab"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
82aa6bc38cf23a08-YYZ
x-xss-protection
1; mode=block
expires
Thu, 23 Nov 2023 19:24:46 GMT
footer-app-logo.png
www.ntd.com/images/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ntd.com/images/footer-app-logo.png
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/_next/static/css/3cd2d6e571594a33.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37ee0c06cd59b07850ee525798826ae40416b996877bc1a6cb1720a8730b5096
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/_next/static/css/3cd2d6e571594a33.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:46 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
cf-cache-status
MISS
content-length
74494
x-xss-protection
1; mode=block
last-modified
Mon, 11 Sep 2023 14:25:48 GMT
server
cloudflare
etag
W/"122fe-18a84a25ff3"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
82aa6bc38cf53a08-YYZ
expires
Thu, 23 Nov 2023 19:24:46 GMT
NTD_BackToTop.svg
www.ntd.com/images/ 		2 KB
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ntd.com/images/NTD_BackToTop.svg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/_next/static/css/3cd2d6e571594a33.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e33b98871ae098fb62dd6f123409a67fad6a3d0e8e22120a7d9b9188814b11a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/_next/static/css/3cd2d6e571594a33.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
last-modified
Mon, 11 Sep 2023 14:26:49 GMT
server
cloudflare
cf-cache-status
MISS
etag
W/"7d6-18a84a34dac"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
82aa6bc38cf63a08-YYZ
x-xss-protection
1; mode=block
expires
Thu, 23 Nov 2023 19:24:46 GMT
truncated
/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84c06a1ac5e4e179f91a9aa2fe149cbb85ba5d1b804fae2499f31ed0f6019be5

Request headers

Referer
Origin
https://www.ntd.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
01212023-DSC07205-1200x720.jpg
i.ntd.com/assets/uploads/2023/01/ 		840 KB
840 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ntd.com/assets/uploads/2023/01/01212023-DSC07205-1200x720.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.144.101 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-144-101.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
871b8242d1aabad13d92c8fac67273aa5e5aef0ecdb1f31985b0b0a807b0e2f3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
Date
Thu, 23 Nov 2023 15:24:46 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1403547
Content-Length
859661
Last-Modified
Sun, 22 Jan 2023 01:49:17 GMT
Server
nginx
ETag
"63cc961d-d1e0d"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31536000
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires
Fri, 22 Nov 2024 15:24:46 GMT
dragon-LBD0514-1200x800.jpeg
i.ntd.com/assets/uploads/2023/01/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ntd.com/assets/uploads/2023/01/dragon-LBD0514-1200x800.jpeg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.144.101 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-144-101.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f61ff4f888bc3690036c62d05030f9e8710d2c86e0593c517c02f60719860e92
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
Date
Thu, 23 Nov 2023 15:24:46 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1403547
Content-Length
1159639
Last-Modified
Sun, 22 Jan 2023 02:29:21 GMT
Server
nginx
ETag
"63cc9f81-11b1d7"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31536000
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires
Fri, 22 Nov 2024 15:24:46 GMT
Wang-Lirong-5597302766-1200x800.jpeg
i.ntd.com/assets/uploads/2023/01/ 		547 KB
547 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ntd.com/assets/uploads/2023/01/Wang-Lirong-5597302766-1200x800.jpeg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.144.101 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-144-101.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c7f6c50373b11c90ab48d22df301ff705b05c61e4efaf19e03a57dd79a63f4c0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
Date
Thu, 23 Nov 2023 15:24:46 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1403547
Content-Length
559633
Last-Modified
Sun, 22 Jan 2023 02:30:36 GMT
Server
nginx
ETag
"63cc9fcc-88a11"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31536000
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires
Fri, 22 Nov 2024 15:24:46 GMT
Yulia-Nova-3257914872-1200x800.jpeg
i.ntd.com/assets/uploads/2023/01/ 		560 KB
561 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ntd.com/assets/uploads/2023/01/Yulia-Nova-3257914872-1200x800.jpeg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.144.101 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-144-101.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
15740d57e5110399735f18958d8a9bbb2b1468b209ba051519086f29cf7b8433
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
Date
Thu, 23 Nov 2023 15:24:46 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1403547
Content-Length
573889
Last-Modified
Sun, 22 Jan 2023 02:33:54 GMT
Server
nginx
ETag
"63cca092-8c1c1"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31536000
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires
Fri, 22 Nov 2024 15:24:46 GMT
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/30418f44-85d0cd07c9902eeb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0de2a176ad08f62d4eb01561e51936094f156760b03746e2f17e69345824f7b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Thu, 23 Nov 2023 15:24:46 GMT
8735.d0b957bfa55e8687.js
www.ntd.com/_next/static/chunks/ 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/_next/static/chunks/8735.d0b957bfa55e8687.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/webpack-8fc3a293139a2d69.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c497f68641e8abd81d72b3b6bae5b3e3ca4f92c3e95cf9169c4de2477f8a7bf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
273
x-xss-protection
1; mode=block
last-modified
Mon, 06 Nov 2023 22:35:48 GMT
server
cloudflare
etag
W/"af73-18ba6c71c66"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
82aa6bc85ca23a08-YYZ
expires
Fri, 22 Nov 2024 15:24:46 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/%5Burl%5D-a6aa872959d7f080.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::6a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e37853993ce02f2f6249ecfbf554c4d36db8423a1b5d1cf2f0f132b743a0e26c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 23 Nov 2023 15:24:47 GMT
95162.js
mixi.media/data/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mixi.media/data/js/95162.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/1391.0ae298293689721c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
53ed511ad10e71682b09ab0a1c1e64274db0d10faa289f8dd9ac0c9a587e808b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:47 GMT
Content-Encoding
gzip
Last-Modified
Thursday, 23-Nov-2023 15:24:47 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript;charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
js
www.googletagmanager.com/gtag/ 		284 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/main-9a2cb928659cd95b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0fb1e76f62d72742220f880ca9a0c2184391098cb0b60116fe01aff3729a29fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95120
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Nov 2023 15:24:47 GMT
gtm.js
www.googletagmanager.com/ 		116 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K52XVPF
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d6e6b8176fad5cad7c3b7c4ba8f96cecace409a5881109b6c315b3b3e67a7060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45759
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 23 Nov 2023 15:24:47 GMT
gpt.js
www.googletagservices.com/tag/js/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
983326464044996937b52c6890af12cf4d72d60e1a7351dc0d3aa53549dfe614
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30382
x-xss-protection
0
server
cafe
etag
676 / 19684 / 31079745 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 15:24:47 GMT
prebid.js
i.ntd.com/assets/themes/m-ntd/js/ads/ 		275 KB
276 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.144.101 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-144-101.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
aeb31f1ee02675acb9388db1392b3cf1fa9e47d53ebeef47b9020b65bc981e58
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
Date
Thu, 23 Nov 2023 15:24:46 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1403547
Content-Length
281947
Pragma
no-cache
Last-Modified
Fri, 14 Oct 2022 17:48:55 GMT
Server
nginx
ETag
"6349a107-44d5b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31342372
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
apstag.js
c.amazon-adsystem.com/aax2/ 		267 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.107.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-107-191.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c484c78d502a9769494d9fe87c9a826618b36fd60b567dee2cfa0f4e9163d79d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 14:37:56 GMT
content-encoding
gzip
via
1.1 1fa3f854976309f3d11907ad7125291a.cloudfront.net (CloudFront), 1.1 77f3bc2c9964f50671e7151896d06648.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 20:18:45 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, YUL62-C2
age
2812
x-amz-server-side-encryption
AES256
etag
W/"08899ab5b5f986f64974630ad47b39a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
Wc77kxuSpVtJIciBt2y3A3dtqHMei3auHG_xYYX0pWvO3ClHmT9aQA==
counts
www.ntd.com/api/v1/ 		1 KB
201 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/api/v1/counts?site=www.ntd.com&post=id
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/3213-33fa56d227aef8a4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74ae5337bf7163e6da1d15cb96374543ff3be0333571bc2943ae04d4b357129b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

expires
Thu, 01 Jan 1970 00:00:00 UTC
date
Thu, 23 Nov 2023 15:24:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
via
1.1 google
cf-cache-status
DYNAMIC
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
author
EMG
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ntd.com
app-name
remark
access-control-allow-credentials
true
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-robots-tag
noindex
cf-ray
82aa6bca4fc53a08-YYZ
app-version
0.1.2
count
sc.youmaker.com/reaction/share/ 		664 B
730 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sc.youmaker.com/reaction/share/count?site=www.ntd.com&itemid=896438,956245,956233,956232,956228,956231,956171,956255,956261,956196&token=
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.97.157 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
157.97.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
585a1717771fe70744105938c9bc5fb1d34eff76986494faf1686f01d6a680df

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ntd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:47 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
664
getcounts
www.ntd.com/v1/api/video/ 		50 B
167 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/v1/api/video/getcounts
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/663.040d83569fca7810.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6123d5a6a5462a1133375cda85757f7c42ebacba5d5a60531b7b1a521c536465
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 15:24:47 GMT
via
1.1 google
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
content-encoding
gzip
server
cloudflare
cf-cache-status
DYNAMIC
vary
Origin, Accept-Encoding
x-frame-options
DENY
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
access-control-allow-credentials
true
cf-ray
82aa6bca4fc83a08-YYZ
x-xss-protection
1; mode=block
counts
www.ntd.com/api/v1/ 		638 B
453 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/api/v1/counts?site=www.ntd.com&post=id
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/3213-33fa56d227aef8a4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc2369512161677104c40f001cfee9c0f05f446fee673f485b2041aa8f932805
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

expires
Thu, 01 Jan 1970 00:00:00 UTC
date
Thu, 23 Nov 2023 15:24:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
via
1.1 google
cf-cache-status
DYNAMIC
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
author
EMG
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ntd.com
app-name
remark
access-control-allow-credentials
true
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-robots-tag
noindex
cf-ray
82aa6bca4fc93a08-YYZ
app-version
0.1.2
count
sc.youmaker.com/reaction/share/ 		409 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sc.youmaker.com/reaction/share/count?site=www.ntd.com&itemid=955872,955824,955861,955962,955895,955801&token=
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.97.157 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
157.97.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
4a14c309f1d214318225f48804b9d3ba2bc977352d072b0ddbaf832859d293ab

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ntd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:47 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
409
geo
pwe.epochbase.com/ 		145 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pwe.epochbase.com/geo
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.129.110.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
efb53e9377bb698c663c5159f6b7eeb5561a23698660a117e96ac5977d1dec9c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ntd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:47 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.ntd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145
default-user.png
www.ntd.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ntd.com/images/default-user.png
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92a96977b3a5107b1c7c5bd8d603b01792eabfb32090695967f04b207b154c5d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:47 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
cf-cache-status
MISS
content-length
2560
x-xss-protection
1; mode=block
last-modified
Mon, 11 Sep 2023 14:25:48 GMT
server
cloudflare
etag
W/"a00-18a84a25ff1"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
82aa6bcd8cee3a08-YYZ
expires
Thu, 23 Nov 2023 19:24:47 GMT
share.svg
www.ntd.com/images/ 		338 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ntd.com/images/share.svg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
203e0f4dcfd2bed10b75a8fd250568838f01d4fd3363279741962d77675af937
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:47 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Mon, 11 Sep 2023 14:26:49 GMT
server
cloudflare
content-encoding
gzip
etag
W/"152-18a84a34db8"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
82aa6bcd8cef3a08-YYZ
x-xss-protection
1; mode=block
expires
Thu, 23 Nov 2023 19:24:47 GMT
share_single.svg
www.ntd.com/images/ 		388 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ntd.com/images/share_single.svg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86587e974d57e7489b5d60f8b446f48aa89bfedf7be4d003204256c1ca3cc9fe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:47 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Mon, 11 Sep 2023 14:26:49 GMT
server
cloudflare
content-encoding
gzip
etag
W/"184-18a84a34db8"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
82aa6bcd8cfa3a08-YYZ
x-xss-protection
1; mode=block
expires
Thu, 23 Nov 2023 19:24:47 GMT
id955873-Geoffrey-Holt.jpg-352x220.webp
i.ntd.com/assets/uploads/2023/11/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ntd.com/assets/uploads/2023/11/id955873-Geoffrey-Holt.jpg-352x220.webp
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.144.101 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-144-101.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0bb27fba4d75d184c99cc0a90cafa688fa860201fba285c132280c852d751f09
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
Date
Thu, 23 Nov 2023 15:24:47 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1403547
Content-Length
31628
Last-Modified
Tue, 21 Nov 2023 15:31:51 GMT
Server
nginx
ETag
"655ccd67-7b8c"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/webp
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31371061
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
id955825-navy-plane-on-ocean.jpg-352x220.webp
i.ntd.com/assets/uploads/2023/11/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ntd.com/assets/uploads/2023/11/id955825-navy-plane-on-ocean.jpg-352x220.webp
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.144.101 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-144-101.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d91d0c708f4c38040c4aa6419b93e38e256e252389f9fecd5f8f03f4f7af721d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
Date
Thu, 23 Nov 2023 15:24:47 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1403547
Content-Length
3634
Last-Modified
Tue, 21 Nov 2023 12:31:08 GMT
Server
nginx
ETag
"655ca30c-e32"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/webp
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31353281
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
id955885-Walmart-shooting-Ohio-AP23325545583948.jpg-352x220.webp
i.ntd.com/assets/uploads/2023/11/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ntd.com/assets/uploads/2023/11/id955885-Walmart-shooting-Ohio-AP23325545583948.jpg-352x220.webp
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.144.101 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-144-101.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
069e8a7c90d32bc5d9b4cbfe7fd043d9f9cee51e2aa6be0c334923eb4b749084
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
Date
Thu, 23 Nov 2023 15:24:47 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1403547
Content-Length
16140
Last-Modified
Tue, 21 Nov 2023 17:00:54 GMT
Server
nginx
ETag
"655ce246-3f0c"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/webp
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31369009
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
id956016-Florida-fire-AP23325738449016.jpg-352x220.webp
i.ntd.com/assets/uploads/2023/11/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ntd.com/assets/uploads/2023/11/id956016-Florida-fire-AP23325738449016.jpg-352x220.webp
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.144.101 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-144-101.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6d5147ae622961cfd2306561f66fd89f43f0bcb9f4f36d70884aafae1b93826f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
Date
Thu, 23 Nov 2023 15:24:48 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1403547
Content-Length
11328
Last-Modified
Wed, 22 Nov 2023 03:51:04 GMT
Server
nginx
ETag
"655d7aa8-2c40"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/webp
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31408289
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
id955973-Judge-Scott-McAfee-AP23325785897029.jpg-352x220.webp
i.ntd.com/assets/uploads/2023/11/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ntd.com/assets/uploads/2023/11/id955973-Judge-Scott-McAfee-AP23325785897029.jpg-352x220.webp
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.144.101 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-144-101.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
404f1bf85f9a58a8a50a033f3ad275b88aeee36395aa4ba6d447f2fb9bb42e3a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
Date
Thu, 23 Nov 2023 15:24:48 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1403547
Content-Length
10984
Last-Modified
Tue, 21 Nov 2023 23:21:42 GMT
Server
nginx
ETag
"655d3b86-2ae8"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/webp
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31392379
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
id955823-TN-HD-1121.jpg-352x220.webp
i.ntd.com/assets/uploads/2023/11/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ntd.com/assets/uploads/2023/11/id955823-TN-HD-1121.jpg-352x220.webp
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.144.101 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-144-101.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
dbf880ffbf033a903d3adeb3d8f9a48fc3ac2bf6bfe20a15fea5d19b25094306
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
Date
Thu, 23 Nov 2023 15:24:48 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1403547
Content-Length
15162
Last-Modified
Tue, 21 Nov 2023 12:21:24 GMT
Server
nginx
ETag
"655ca0c4-3b3a"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/webp
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31480010
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
watch_ntd_on.png
www.ntd.com/images/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ntd.com/images/watch_ntd_on.png
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
713263f98de24816dc9c23cceaac5e33d2d503c3e3279d5f594f3c6bbc37f00d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:48 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
cf-cache-status
MISS
content-length
20726
x-xss-protection
1; mode=block
last-modified
Mon, 11 Sep 2023 14:26:49 GMT
server
cloudflare
etag
W/"50f6-18a84a34dba"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
82aa6bd079dd3a08-YYZ
expires
Thu, 23 Nov 2023 19:24:48 GMT
watch_ntd_row1-2.png
www.ntd.com/images/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ntd.com/images/watch_ntd_row1-2.png
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
389fa4125ec3420aaa5b87423adc74c1e2fdbae9cd1eefb2dc2634b5032f4be7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:48 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
cf-cache-status
MISS
content-length
65131
x-xss-protection
1; mode=block
last-modified
Mon, 11 Sep 2023 14:25:48 GMT
server
cloudflare
etag
W/"fe6b-18a84a25ffe"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
82aa6bd0aa2e3a08-YYZ
expires
Thu, 23 Nov 2023 19:24:48 GMT
watch_ntd_row2-2.png
www.ntd.com/images/ 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ntd.com/images/watch_ntd_row2-2.png
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6951c7c304900b4e2b7f0213fab3e077225b9bd842056a10134b0afbb1be26db
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:48 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
cf-cache-status
MISS
content-length
94887
x-xss-protection
1; mode=block
last-modified
Mon, 11 Sep 2023 14:26:49 GMT
server
cloudflare
etag
W/"172a7-18a84a34dbb"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
82aa6bd0aa343a08-YYZ
expires
Thu, 23 Nov 2023 19:24:48 GMT
www-widgetapi.js
www.youtube.com/s/player/63e90c30/www-widgetapi.vflset/ 		215 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/63e90c30/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af82cd92cb1df231870f60b847a411fcc4adfffef67f01fff41885828edee2e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:16:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
471
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68238
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 02:45:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 22 Nov 2024 15:16:56 GMT
template
pwe.epochbase.com/api/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pwe.epochbase.com/api/template?siteId=www.ntd.com&templateId=sign-in-navbar
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.129.110.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
0ea258555e5fcf60617c4791778cba754e64b9acb2792b47c32af0cf2dfa0b3e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ntd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:48 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.20.1
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ntd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rules
pwe.epochbase.com/api/plan/ 		4 KB
900 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pwe.epochbase.com/api/plan/rules?siteId=www.ntd.com&planId=live-ntd
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.129.110.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
f2fbec20eff343b19ab9e0f85926cdee9701203228f142d35c1727e833850c1f

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ntd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:48 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.20.1
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ntd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ge.js
s3-us-west-2.amazonaws.com/jsstore/a/5N0H11N/ 		59 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-us-west-2.amazonaws.com/jsstore/a/5N0H11N/ge.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.205.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
d20db6c1df31874b999f525e1eb15c5041d7b5b94c7336754c97d72fca64c1f1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 15:24:50 GMT
Last-Modified
Tue, 29 Aug 2023 17:44:45 GMT
Server
AmazonS3
x-amz-request-id
S3FP4CHGJJMB4PYM
ETag
"b54fadc7e5991d9914d62a0459bfdf77"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
60527
x-amz-id-2
SUIObXbc+0U0AsUm8DApSOhWOZ33QhpmuaPPkWPrcPenI2KdksQR1glgFMViK2xz2V4V5fh4q54=
Expires
Thu, 28 Sep 2023 17:44:44 GMT
js
www.googletagmanager.com/gtag/ 		284 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K52XVPF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ef8f27c714729b89b92fa5255e9e9fea9b24c62f19b11f55508b0a3070da5279
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95226
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Nov 2023 15:24:48 GMT
collect
analytics.google.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-2BRDBGYLL0&gtm=45je3b81v896365836&_p=1700753086859&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1305463054.1700753088&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700753088&sct=1&seg=0&dl=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&dt=At%20NYC%20Lunar%20New%20Year%20Parade%2C%20Falun%20Gong%20Adherents%20Have%20Message%20for%20the%20World%20%7C%20NTD&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&_ee=1&tfd=4314
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
243 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2BRDBGYLL0&cid=1305463054.1700753088&gtm=45je3b81v896365836&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
template
pwe.epochbase.com/api/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pwe.epochbase.com/api/template?siteId=www.ntd.com&templateId=sign-in-combo&version=
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.129.110.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2e52b90c4576fcc79aa119ec5d779a093ae19822d0a3f220d5e52db8251389f7

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ntd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:48 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.20.1
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ntd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
recaptcha__en.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 		465 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ntd.com/
Origin
https://www.ntd.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 12:26:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10691
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
190682
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Nov 2024 12:26:38 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:24:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
43203
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138149
x-xss-protection
0
server
cafe
etag
11558412289700915514
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 22 Nov 2024 03:24:45 GMT
jsapi.v5.12.0.en_US.js
static.mixi.media/static/jsapi/ 		251 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.mixi.media/static/jsapi/jsapi.v5.12.0.en_US.js
Requested by
Host: mixi.media
URL: https://mixi.media/data/js/95162.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
390530efed34e97403e825e9e8b0029515dba72de78419091b616c76befdb700

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 15:24:49 GMT
Content-Encoding
gzip
Last-Modified
Thu, 31 Mar 2022 07:51:02 GMT
Server
nginx
ETag
W/"62455d66-3eabf"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
sm.js
stat.mixi.media/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stat.mixi.media/sm.js
Requested by
Host: mixi.media
URL: https://mixi.media/data/js/95162.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 15:24:49 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Dec 2021 13:53:02 GMT
Server
nginx
ETag
W/"61a8cfbe-13481"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=3600
Connection
keep-alive
miximedia.svg
static.mixi.media/static/adpreview-assets/mixi-media/images/logo/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mixi.media/static/adpreview-assets/mixi-media/images/logo/miximedia.svg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
c9b0f6d91064bc1a5064e0fbbcabb1eb848065c90f10ab34b69ccd85aede8fde

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 15:24:49 GMT
Last-Modified
Mon, 30 Sep 2019 14:11:01 GMT
Server
nginx
ETag
"5d920cf5-1849"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6217
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.107.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-107-191.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 14:47:40 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 8628ab00b77c57209ad876418b745f6e.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
2230
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
oAtpJirRdpJva4oKkOoKgnnrEQirWQ97nRJXUTLlSR0YR1YHwRjl3w==
ae51d432-b517-4c68-9f8a-22444acccbb5
config.aps.amazon-adsystem.com/configs/ 		537 B
805 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/ae51d432-b517-4c68-9f8a-22444acccbb5
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-17.iad12.r.cloudfront.net
Software
CloudFront /
Resource Hash
0cd025650731be40fa9351f621181de6458980ce8ca01bcdbdbc12afac2f31c2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:50 GMT
via
1.1 c0b0d7167cc2eb52d8d154aa7fc03a0a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD12-P3
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
EO2BVDH5vT1LXxodlrvQiAlsJTnNo6g9nCL8jAWwkbzLubAVJa0g2Q==
config
c.amazon-adsystem.com/cdn/prod/ 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.ntd.com&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.107.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-107-191.yul62.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 12:42:48 GMT
via
1.1 77f3bc2c9964f50671e7151896d06648.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-C2
age
9719
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.ntd.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
Z7T6j8XqF6GRptLjogUA4DzC1IYDw9Nbh1J6HsoRif30emW4EbcD7w==
config
c.amazon-adsystem.com/cdn/prod/ 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.ntd.com&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.107.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-107-191.yul62.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 12:42:48 GMT
via
1.1 77f3bc2c9964f50671e7151896d06648.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-C2
age
9720
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.ntd.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
x5ouCaymDXOUvYSTulxsG_uSnzihMIGupdCrRtbYP4KspAvxc4fgMQ==
react.production.min.js
unpkg.com/react@18.2.0/umd/
Redirect Chain
  • https://unpkg.com/react@18/umd/react.production.min.js
  • https://unpkg.com/react@18.2.0/umd/react.production.min.js
10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react@18.2.0/umd/react.production.min.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:50 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1928420
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HE4XEKE8BGQVF7J29KH9QKQH-yyz
server
cloudflare
etag
W/"29f1-mAiaM9DPL6Sz4bqbfuubi6Csgqc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
82aa6bdd5eab36fb-YYZ

Redirect headers

date
Thu, 23 Nov 2023 15:24:49 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HFYC1DNW0WTHRBB80HF4GF68-yyz
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
519
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/react@18.2.0/umd/react.production.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
82aa6bdb4b6236fb-YYZ
react-dom.production.min.js
unpkg.com/react-dom@18.2.0/umd/
Redirect Chain
  • https://unpkg.com/react-dom@18/umd/react-dom.production.min.js
  • https://unpkg.com/react-dom@18.2.0/umd/react-dom.production.min.js
129 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react-dom@18.2.0/umd/react-dom.production.min.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:50 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1842252
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HE7FM6YS4DTNZYGXSVNZ62TK-yyz
server
cloudflare
etag
W/"2032a-UG2RAMqgcABaiQvUlt5kxDfW0Ag"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
82aa6bdd5ea436fb-YYZ

Redirect headers

date
Thu, 23 Nov 2023 15:24:49 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HFYC1DNT58TGBHR025S31BDB-yyz
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
519
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/react-dom@18.2.0/umd/react-dom.production.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
82aa6bdb4b5e36fb-YYZ
signInCombo-2.1.umd.js
pwe.epochbase.com/libs/ 		252 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pwe.epochbase.com/libs/signInCombo-2.1.umd.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6c66e47dc43f9607.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.129.110.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
133bd9c50accec513f057a09b3be1d84c8c791b8646640223573deca444f4657

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:49 GMT
content-encoding
gzip
via
1.1 google
last-modified
Thu, 16 Nov 2023 22:13:48 GMT
server
nginx/1.20.1
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
NTDLogo.svg
i.ntd.com/assets/themes/ntd/images/ 		660 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ntd.com/assets/themes/ntd/images/NTDLogo.svg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.144.101 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-144-101.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
Date
Thu, 23 Nov 2023 15:24:49 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
1403547
Content-Length
660
Last-Modified
Fri, 14 Oct 2022 17:48:55 GMT
Server
nginx
ETag
"6349a107-294"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=30806622
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
bid
aax.amazon-adsystem.com/e/dtb/ 		221 B
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&pid=Rae7DLQ1aLgzj&cb=0&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22sd%22%3A%22below_article_ads%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_article_below_end_336%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
a5034624d77bf23f1b3f8d96aba64011cbffea1585d6f3041abaeb675736e4f6
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:50 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 421f55bf919c48fdb315cf78c5d6e1dc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
ATSQ9DKR8NVVB8ZPQN8V
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
221
x-amz-cf-id
uIuEInwnEM8LmnS7I4Et2CDZpx1fpf95lPKSC88rlgXE36ExVBPZUw==
cookie_sync
prebid.adnxs.com/pbs/v1/ 		638 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by
Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f90338473cb76d2ea048cf525b2b2b42208ac2d559ec801976e3e002747eb5fc

Request headers

Referer
https://www.ntd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:50 GMT
Content-Encoding
gzip
Server
nginx/1.21.3
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
0
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		0
0
prebid
exchange.postrelease.com/ 		0
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_pb_rid=58b05e5a9191d1&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiYmVsb3dfYXJ0aWNsZV9hZHMiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXSxbMzM2LDI4MF1dfX19XX0=&ntv_dbr=eyJiZWxvd19hcnRpY2xlX2FkcyI6MH0=&ntv_url=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Requested by
Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.126.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-126-75.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ntd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:50 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		618 B
961 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&tg_i.ref=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&tg_i.page=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&tg_i.domain=ntd.com&tg_i.pbadslot=%2F5965368%2Fntd.tv_article_below_end_336&tk_flint=pbjs_lite_v6.23.0&x_source.tid=a5d6cbef-ac13-4710-b029-d4b5c46576e9&l_pb_bid_id=85f3b6b212a196&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5965368%2Fntd.tv_article_below_end_336&slots=1&rand=0.6291040011047049
Requested by
Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
852bc27ae5c552e352212ac40f04603e0167a57636d51cccc9acc6797796991b

Request headers

Referer
https://www.ntd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:50 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid-request
onetag-sys.com/ 		15 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.ntd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.ntd.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
prebid
ib.adnxs.com/ut/v3/ 		19 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ntd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:50 GMT
an-x-request-uuid
165aceec-18b3-4f5d-8831-788142842827
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ntd.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=360724&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213cbbbf6c65043f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html%22%2C%22domain%22%3A%22ntd.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ntd.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.23.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221420a95dee21a43%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22360724%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22360724%22%2C%22sid%22%3A%22336x280%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F5965368%2Fntd.tv_article_below_end_336%22%2C%22gpid%22%3A%22%2F5965368%2Fntd.tv_article_below_end_336%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%7D%7D
Requested by
Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89212680eca99e193dac400ed5dc6f7e45ac861b49732483114803fe3193e650

Request headers

Referer
https://www.ntd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmmPnGiMExx0hjIJld6u024g9hYcnjVh4Pn4I%2B9MI%2BFd%2Fc4xn9xV%2F%2B1bRHLlnmhPmLQjHfqufGmBpP4K8FM4OWXOQPe8m54zHm5N2EdXhL3SN7%2BvJMRODzrD0E98C5wMmOLlGdRu"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82aa6bdd8897a226-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
bid
aax.amazon-adsystem.com/e/dtb/ 		221 B
657 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&pid=Rae7DLQ1aLgzj&cb=1&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22sd%22%3A%22sidebar_ads_right_top_300_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_336x280-3%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
3122cc88d9f81a4c920a78d3a4195659dea8135b6bb104610471f8d856218530
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:50 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 421f55bf919c48fdb315cf78c5d6e1dc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-amz-rid
V1MQGDK5SEBGK1WJG434
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
221
x-amz-cf-id
D30YuVpb2fAbA2UApPRd5M128s5gTdiMDaLrAwWPYif1bWu_F8ba_A==
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		0
0
prebid
exchange.postrelease.com/ 		0
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_pb_rid=20cb61acf4225f2&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoic2lkZWJhcl9hZHNfcmlnaHRfdG9wXzMwMF8xIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDI1MF1dfX19XX0=&ntv_dbr=eyJiZWxvd19hcnRpY2xlX2FkcyI6MCwic2lkZWJhcl9hZHNfcmlnaHRfdG9wXzMwMF8xIjowfQ==&ntv_url=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Requested by
Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.126.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-126-75.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ntd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:50 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		586 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&rf=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&tg_i.ref=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&tg_i.page=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&tg_i.domain=ntd.com&tg_i.pbadslot=%2F5965368%2Fntd.tv_336x280-3&tk_flint=pbjs_lite_v6.23.0&x_source.tid=85255fee-11e1-479e-9316-407daf9929fd&l_pb_bid_id=236d608a734af21&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5965368%2Fntd.tv_336x280-3&slots=1&rand=0.5931408253790487
Requested by
Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
026b04eb7670fbe78a8b90f06ace47478464183d20bfe13c82bbc60d5cc2ac0f

Request headers

Referer
https://www.ntd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:50 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
586
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
578 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ntd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:50 GMT
an-x-request-uuid
a08a448f-c059-4e8c-8cc9-823a6023450d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ntd.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.ntd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.ntd.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cygnus
htlb.casalemedia.com/ 		37 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=360713&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22287b212c1506b8a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html%22%2C%22domain%22%3A%22ntd.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ntd.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.23.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2229338f6e725f967%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22360713%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F5965368%2Fntd.tv_336x280-3%22%2C%22gpid%22%3A%22%2F5965368%2Fntd.tv_336x280-3%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%7D%7D
Requested by
Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
614df6c217d2641b5f4380f36bedff2eafe63289218809dbc8c6f34e15701567

Request headers

Referer
https://www.ntd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PE6w8Zrs3XO4Yppb0YjB%2BUaRQ6a2zmUgHDRlsLOgXOHpdsrnQFIOmmDIESXDrjVEdw1uzCQJ0OGsjJHsZkMRicsz3cl955KCwik8t1mPPiPcw05t8YBJhhOXE2CylrO9LMtdekOy"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82aa6bdd8896a226-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
lc2.js
b-code.liadm.com/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/lc2.js
Requested by
Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/jsstore/a/5N0H11N/ge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215f:3a00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b0512ff1ecca4eeaa79eabd6f059915e9cec84022c2f78519acf20d942b628e0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 19:12:52 GMT
content-encoding
gzip
via
1.1 9a6f07a84b60a85466bb31603767843c.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
72718
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
"public, max-age=86400"
x-amz-cf-id
Wn3l2LYmjMjgtDDAEB14OtCXiz9qygtyq0CIl0_0XNafpNHZX1z9Dw==
anchor
www.google.com/recaptcha/api2/ Frame D1E4 		60 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&badge=bottomright&cb=z9vxhz2vhhqh
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::6a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0a7de850470a7ca3b05e0562c8cc2f485568503de511a6ec24420c3fdd4264f9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ODPKjRscqt_uvobzW_2Jig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ODPKjRscqt_uvobzW_2Jig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 15:24:50 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
jsapi
mixi.media/newdata/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mixi.media/newdata/jsapi?action=news
Requested by
Host: static.mixi.media
URL: https://static.mixi.media/static/jsapi/jsapi.v5.12.0.en_US.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
85e52aca7f16282019bb0a6dda29fdb1f91f9e9ad6339f4aae0efa30e41c864f

Request headers

Referer
https://www.ntd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
multipart/form-data

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:50 GMT
Content-Encoding
gzip
Last-Modified
Thursday, 23-Nov-2023 15:24:50 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Node
ads5-1sser12
iu3
s.amazon-adsystem.com/ Frame 6367
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&dcc=t
391 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
69ac4fcaeeb36708015ea52ad19eca5b19063c0c7125b83f69f0d9dd445cca06
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
391
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 23 Nov 2023 15:24:51 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
PM808EH776PFHS7SNQDX

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 23 Nov 2023 15:24:50 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ZEHBJRT848JPNFC2ZW1G
styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame D1E4 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&badge=bottomright&cb=z9vxhz2vhhqh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:20:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Nov 2024 10:20:25 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame D1E4 		465 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&badge=bottomright&cb=z9vxhz2vhhqh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 12:26:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10692
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
190682
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Nov 2024 12:26:38 GMT
setuid
ib.adnxs.com/prebid/
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&rurl=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dconversant%...
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=48d02ebabb311037&is_secure=true&version=1&networkId=72582&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&rurl=https%3A%2F%2Fib.adnxs.c...
  • https://ib.adnxs.com/prebid/setuid?bidder=conversant&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=AAAFwsHo6-0VtwMqUzkQAAAAAAA&expiration=1700839491
43 B
970 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=conversant&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=AAAFwsHo6-0VtwMqUzkQAAAAAAA&expiration=1700839491
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:51 GMT
an-x-request-uuid
adf120e8-0d3f-4a5a-9d7b-b4da1d8a7bf2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:51 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://ib.adnxs.com/prebid/setuid?bidder=conversant&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=AAAFwsHo6-0VtwMqUzkQAAAAAAA&expiration=1700839491
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
settings
stat.media/counter/ 		450 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stat.media/counter/settings?payload=COeDAxjhuaLmvzE&cb=_callbacks____0lpbch7j8
Requested by
Host: stat.mixi.media
URL: https://stat.mixi.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.162.95.70 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
sm-server1-1.smir12.imcmdb.net
Software
nginx /
Resource Hash
4a61c1aa9951ded49fd4122734c9ccdb31c3f34aa8865ed7b7dae0873713d853

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 15:24:51 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
ActaDeck-Medium.otf
cdn.epoch.cloud/assets/fonts/ 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.epoch.cloud/assets/fonts/ActaDeck-Medium.otf
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ca07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48c675529d813e074e45b83d5d12dde2bf726bb6b31ee8227dbfcf946e05af5c

Request headers

Referer
https://www.ntd.com/
Origin
https://www.ntd.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1101
alt-svc
h3=":443"; ma=86400
content-length
51776
last-modified
Wed, 19 Feb 2020 18:57:39 GMT
server
cloudflare
etag
"5e4d8523-ca40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scjXk7bcnpmtChFgpP8un%2FUoB%2BJLJ6qoEAJtXm%2FA1fQaohGUQnmXwcUsjSFka%2BskxyteOCfuaL%2Bv7ffBbICOZ2Pw8unoApnnCm4GNRdptwJj%2F3%2F%2Fz0s3Nav3qX8hg6IarcqX6Wc%2BUrM6Ncd78kA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
82aa6be2b90a5074-ORD
RingsideNarrow-Medium.otf
cdn.epoch.cloud/assets/fonts/ 		123 KB
124 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.epoch.cloud/assets/fonts/RingsideNarrow-Medium.otf
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ca07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02e05d8407482aee2dae0ae4343ecb2e6c2b1f27c2175c4b03170d3f2af51b55

Request headers

Referer
https://www.ntd.com/
Origin
https://www.ntd.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1100
alt-svc
h3=":443"; ma=86400
content-length
126244
last-modified
Tue, 07 Jun 2022 20:08:09 GMT
server
cloudflare
etag
"629fb029-1ed24"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UidcG0mUGFlA2GGEYjhjK5PtFVy0AxdR7%2BmbYEHCkOQKjoKGVg%2B4H3TjtHibu4kW99UgprMFynsTnZm6Pb6sr3sCGQPBHvCWNrAo4BQNf%2Bz%2BIDLP52nR8S%2FxN5dcGWu19fyja%2Bl6bB4mj9GKWjE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
82aa6be2b90c5074-ORD
11424825.jpeg
static6.mixi.media/img/400x300/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static6.mixi.media/img/400x300/11424825.jpeg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
59dc788326a1d20f4bfb5fc192505829a9ed9f12e9fe90c3cff7c4e00156f31f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 15:24:51 GMT
Last-Modified
Mon, 20 Nov 2023 18:12:12 GMT
Server
nginx
ETag
W/"655ba17c-14255"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
49533
11389384.jpeg
static3.mixi.media/img/400x300/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static3.mixi.media/img/400x300/11389384.jpeg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
282122cc5070f90657b0f493556c9858db0fbeeee26bc7fc26cf2df0b01eef7c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 15:24:51 GMT
Last-Modified
Sat, 04 Nov 2023 23:48:05 GMT
Server
nginx
ETag
W/"6546d835-3c2c1"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
33425
11422332.jpeg
static8.mixi.media/img/400x300/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static8.mixi.media/img/400x300/11422332.jpeg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
b296d9967f2f50e4b2edfa7c959efacf4ea5f64eb9e96e6dc815e57fbed48e55

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 15:24:51 GMT
Last-Modified
Sun, 19 Nov 2023 19:30:00 GMT
Server
nginx
ETag
W/"655a6238-148b1"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
42002
11042006.jpeg
static3.mixi.media/img/400x300/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static3.mixi.media/img/400x300/11042006.jpeg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
e486c64f1de4a585fd8d2794aeb4f3853d13ffe3a45f397ed18ad7dc6fd2feed

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 15:24:51 GMT
Last-Modified
Thu, 08 Jun 2023 14:42:15 GMT
Server
nginx
ETag
W/"6481e8c7-11a2b"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
55993
11411503.jpeg
static3.mixi.media/img/400x300/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static3.mixi.media/img/400x300/11411503.jpeg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
9a22035361ff03a917f8a03ee6efeb4848ca6caded308c2630c1031bfe754d92

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 15:24:51 GMT
Last-Modified
Tue, 14 Nov 2023 17:07:48 GMT
Server
nginx
ETag
W/"6553a964-14d49c"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
75388
11415314.jpeg
static3.mixi.media/img/400x300/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static3.mixi.media/img/400x300/11415314.jpeg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
751f916eef378462304f9f5cfefdfa560eba2ae4ec02c7b94d3bca7214c002b3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 15:24:51 GMT
Last-Modified
Thu, 16 Nov 2023 09:14:39 GMT
Server
nginx
ETag
W/"6555dd7f-13f17"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
50889
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1700753090947&se=e30&duid=33df6995a8cd--01hfycha7mg45shtk9s8p8smvk&tna=v2.11.1&pu=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-me...
  • https://rp4.liadm.com/j?se=e30&duid=33df6995a8cd--01hfycha7mg45shtk9s8p8smvk&tna=v2.11.1&dtstmp=1700753090947&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-fal...
13 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?se=e30&duid=33df6995a8cd--01hfycha7mg45shtk9s8p8smvk&tna=v2.11.1&dtstmp=1700753090947&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&i6=MjAwMTo0OTU4OjE0MjA6MTVhOjoxODY%3D
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Server
3.215.46.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-46-21.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:51 GMT
x-pixel-event-id
14cbe693-be79-450e-b650-1c1a66c7ea41
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
null
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
13

Redirect headers

location
https://rp4.liadm.com/j?se=e30&duid=33df6995a8cd--01hfycha7mg45shtk9s8p8smvk&tna=v2.11.1&dtstmp=1700753090947&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&i6=MjAwMTo0OTU4OjE0MjA6MTVhOjoxODY%3D
access-control-allow-origin
https://www.ntd.com
date
Thu, 23 Nov 2023 15:24:51 GMT
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1325607026919098&correlator=3855652486418180&eid=31079745%2C31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=5965368%2Cntd.tv_article_below_end_336&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700753091176&lmt=1700753091&adxs=459&adys=12898&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&vis=1&psz=835x13277&msz=300x0&fws=4&ohw=1600&ga_vid=1305463054.1700753088&ga_sid=1700753091&ga_hid=1655065248&ga_fc=true&dlt=1700753085082&idt=4476&prev_scp=first_article%3Dfalse%26amznbid%3D2%26amznp%3D2&cust_params=site%3Dwww.ntd.com%252Cntd.com&adks=2418553208&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f36e8ca5dcf2d6239d390499de5c3a0cdc7539143d6fb049bb6a934829883b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:51 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13000
x-xss-protection
0
google-lineitem-id
6399483582
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138451061735
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2ff71852cc4cef8a8b53f22056c9474a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 33B6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2ff71852cc4cef8a8b53f22056c9474a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 15:24:51 GMT
expires
Fri, 22 Nov 2024 15:24:51 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1325607026919098&correlator=3855652486418180&eid=31079745%2C31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=5965368%2Cntd.tv_336x280-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700753091328&lmt=1700753091&adxs=1069&adys=1391&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&vis=1&psz=370x14980&msz=300x0&fws=4&ohw=1600&ga_vid=1305463054.1700753088&ga_sid=1700753091&ga_hid=1655065248&ga_fc=true&dlt=1700753085082&idt=4476&prev_scp=first_article%3Dfalse%26amznbid%3D2%26amznp%3D2&cust_params=site%3Dwww.ntd.com%252Cntd.com&adks=1165351140&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
168fb280da84af940d43d3a03eae970a4cdcfcf42c60f4db58f38168f03fea89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:51 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13135
x-xss-protection
0
google-lineitem-id
5685716310
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138442366523
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame B748 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e33012d7d29d3d36612209c9a3a610cfefa188eb44cc85b40cd35a7ac1bfd398
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3162
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 23 Nov 2023 15:24:51 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
ETKRWVPTJQ3KTBEW4REM
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame D1E4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 02:42:03 GMT
x-content-type-options
nosniff
age
45768
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 30 Nov 2023 02:42:03 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D1E4 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&badge=bottomright&cb=z9vxhz2vhhqh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 12:47:01 GMT
x-content-type-options
nosniff
age
268670
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Nov 2024 12:47:01 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D1E4 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&badge=bottomright&cb=z9vxhz2vhhqh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:43:31 GMT
x-content-type-options
nosniff
age
250880
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Nov 2024 17:43:31 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame D1E4 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&badge=bottomright&cb=z9vxhz2vhhqh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::6a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b62f36160407c81030404ab242125afd42fa0da6626ef11e5f406dda12acf144
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&badge=bottomright&cb=z9vxhz2vhhqh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 23 Nov 2023 15:24:51 GMT
ecm3
s.amazon-adsystem.com/ Frame B748
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=7978b75d-f239-4d82-bd80-ed7ced5a5dfd
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=7978b75d-f239-4d82-bd80-ed7ced5a5dfd
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SHXT8G9T20MZPMKNK3G5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=7978b75d-f239-4d82-bd80-ed7ced5a5dfd
Date
Thu, 23 Nov 2023 15:24:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
csync.loopme.me/ Frame B748 		0
0
ecm3
s.amazon-adsystem.com/ Frame B748
Redirect Chain
  • https://ad.360yield.com/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=c8e7db7e-592d-4bbd-ab04-0450e854c2cb
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=c8e7db7e-592d-4bbd-ab04-0450e854c2cb
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NN6A8YX6NY916SE50K80
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=c8e7db7e-592d-4bbd-ab04-0450e854c2cb
access-control-allow-origin
*
date
Thu, 23 Nov 2023 15:24:52 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
ecm3
s.amazon-adsystem.com/ Frame B748
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1
  • https://s.amazon-adsystem.com/ecm3?id=AACW307Kvt4AABKAVLVgzQ&ex=beeswax.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=AACW307Kvt4AABKAVLVgzQ&ex=beeswax.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TF6TJTDK00V4BXSBXVPH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=AACW307Kvt4AABKAVLVgzQ&ex=beeswax.com
Date
Thu, 23 Nov 2023 15:24:52 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame B748
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=2c58c86c97
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=2c58c86c97
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PMQWET0J86B8HWSMVJPQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 23 Nov 2023 15:24:39 GMT
via
1.1 c83536c4e12f4a229fa27266fc5fdd56.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-C2
age
12
x-cache
Hit from cloudfront
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=2c58c86c97
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
nOJZhOTyPprXzCJBBFR5hMX0p1Qw-NAMAiWR9H6dnqnaAtOxGSk9NQ==
/
onetag-sys.com/match/ Frame B748 		0
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame B748
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=8892889A60E84F7FB9357F073655A745&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=8892889A60E84F7FB9357F073655A745&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
M56E2YKQSG8TCBFNSCSG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 23 Nov 2023 15:24:52 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=8892889A60E84F7FB9357F073655A745&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 22 Nov 2023 15:24:52 GMT
ecm3
s.amazon-adsystem.com/ Frame B748
Redirect Chain
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=1b7de7e863fc528527kmw100lpbch8kk
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=1b7de7e863fc528527kmw100lpbch8kk
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0B6QTBP55045FQBMZA7H
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 23 Nov 2023 15:24:52 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=1b7de7e863fc528527kmw100lpbch8kk
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
setuid
ib.adnxs.com/prebid/
Redirect Chain
  • https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%5BUID%5D
  • https://ib.adnxs.com/prebid/setuid?bidder=sonobi&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=059bc64e-3480-4676-8f06-8fedb9b752f9
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=sonobi&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=059bc64e-3480-4676-8f06-8fedb9b752f9
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:52 GMT
an-x-request-uuid
58c65fe8-c3d9-47fc-890f-0d855f33ea65
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:51 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-128
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ib.adnxs.com/prebid/setuid?bidder=sonobi&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=059bc64e-3480-4676-8f06-8fedb9b752f9
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cm
u.openx.net/w/1.0/ Frame B163
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
693 B
732 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
7e9ebe92e6ab9c85b3bc2dbe089f5884936d5d2deced272eb37219836a034556

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
399
content-type
text/html
date
Thu, 23 Nov 2023 15:24:52 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 23 Nov 2023 15:24:51 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
/
match.sharethrough.com/jwumXNuB/v1/ Frame 66FF 		675 B
860 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.212.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-212-107.compute-1.amazonaws.com
Software
/
Resource Hash
7b12f2c5cfbe0417910a1f136368ac2d40abd2bcf4329f8e6c7b7483ca5254b9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
675
date
Thu, 23 Nov 2023 15:24:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1E79 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCFKymmI-1w63nVSFiZxhMzFkmHsPXeiiqtxbOVrjdNAWCukSTHfLyY0VLUPN_i7YwnBqCyhfTzDIeplPJHeqq90BQfmT3PHKbLwZwGOino5mt3gL5iCDxuATpa21FaN1y9GzYwSb5It37jQRdkkYG1JvV9UTDl7AUKgQlqFswbc-yLzyYqQrLvXF04B1gV35MOOnBEhyK9HEyocY8oBKtZYB5GUvuhlOP-VSjqTz_xgJFa8EBQ1IFYGUrHyj4rCw7lplUY9O3EyLnGBlb7z7QtTVG6GDPn3lcdZsfOXxSBYCMb00gp-mM04jE92ORdfHhYHFMcYti2jSFAbqMksRQ2ubA2ekeUAC7dsGbwZ9vWzLUFaNVd9nUW8o7nqH27S23qkfE1X8&sai=AMfl-YShKcppZ3mFtRxNCxQtuce6nMb49YKDbyg39_9p4FVFv7a6Kyhu4s7_9AHkRSxw1HYRSVX2kaTnNYj8ATmuiVGribBM2GU-uqJ-23f8YxYX_Y-HS3_345NoazOjNG5XslNdApvCfJB8Z270oVVKKeg&sig=Cg0ArKJSzKSaSVhaiEOREAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 23 Nov 2023 15:24:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1E79 		195 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
269ecd5384cff5988118c07b549ecf90eb9382d69477cae705ac84217405ee06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62503
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 15:24:52 GMT
9607838449900506551
tpc.googlesyndication.com/simgad/ Frame 1E79 		175 KB
176 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9607838449900506551?
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a207fbabb76a765c99d31d89bac2e18037120a7079f0ae44201163aae301f6de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 05:20:55 GMT
x-content-type-options
nosniff
age
36237
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
179312
x-xss-protection
0
last-modified
Sat, 21 Oct 2023 15:07:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 22 Nov 2024 05:20:55 GMT
tamptsync
sync-amz.ads.yieldmo.com/ Frame 26E3 		1017 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.31.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-31-170.compute-1.amazonaws.com
Software
/
Resource Hash
91ae542a7870e4109b73586afaa1550a4a23c06688d370051a10b2803c3fd62b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Thu, 23 Nov 2023 15:24:52 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame 642D 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.72.158.153 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-158-153.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 15:24:52 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame A0B4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgvMJHJr_2lPeV__eFO_bvZSmpQJXqvrDdtIPuE_fdTZLb95Dfut2_MDPjhyvBbICXDTPeVh9BwF1wRDbP53eajith6Dhn3cFg0xpZuXWPY3fImmTjDNXp9cD5unlnOfgVVK3r4QUcTkfsAc9JYHf5BEgILmrKVxnfsBwFvk3dhUiJ68khVfv89e8x7fXiucCqmQDhNJNbHg-HuEETwuddyQuOKaMPhBdTEwYoIMsU-T1KkoHLvthB1x9MR_4tgxvGQo-asQgbK9GooBwJse-rvLArLJA86cjIvxCiCx-F1GLkPHavfh2qihF6Bs0niNPAl3-3Bu5Q3lyLDjOcbl9IjBVUUsrllNWVP4eVOOzT-WAcMqRMiHjviJglFOnygXdC_3NUHTxMwg&sai=AMfl-YQacd47EZGr0ndZvFWh6EK2BUHIqqO7A9345-9qJfj3pRBb5OGtfT6Z7kK7l-V9P_mTqKdOb3UwzEzPumwh_pcFCzc8umiyMku6GIqtpumCSV_VCDIMNpCWjJhRGT47IBSeprWooVsyrXenI3X8Ka14&sig=Cg0ArKJSzEo3mTbNNwX9EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A0B4 		195 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
269ecd5384cff5988118c07b549ecf90eb9382d69477cae705ac84217405ee06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62503
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 15:24:52 GMT
12185688737506780164
tpc.googlesyndication.com/simgad/ Frame A0B4 		241 KB
242 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12185688737506780164?
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab102b65cd0580b53633fa7396974f47cbaac345e99a3b2fb616198776d79282
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 08:46:51 GMT
x-content-type-options
nosniff
age
23881
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
247133
x-xss-protection
0
last-modified
Thu, 10 Aug 2023 15:53:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 22 Nov 2024 08:46:51 GMT
ecm3
s.amazon-adsystem.com/ Frame 52D6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0zZmlWRE1aRTJ1SmtBQmMzaDdoZjdwc3ZQUUFlVzBGV35B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0zZmlWRE1aRTJ1SmtBQmMzaDdoZjdwc3ZQUUFlVzBGV35B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Nov 2023 15:24:53 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
DB5GJGHPE0XWG8GW1V1J

Redirect headers

age
0
content-length
0
date
Thu, 23 Nov 2023 15:24:53 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0zZmlWRE1aRTJ1SmtBQmMzaDdoZjdwc3ZQUUFlVzBGV35B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.87
strict-transport-security
max-age=31536000
ecm3
s.amazon-adsystem.com/ Frame EBF3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=1480268236432194020&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=1480268236432194020&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Nov 2023 15:24:53 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
53J3JDWNVE78GGQ74CXN

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
21a9fa11-1f08-4c28-b4ca-7dc7b396ef66
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 15:24:53 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=1480268236432194020&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
/
mixi.media/cookiematching/ 		43 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mixi.media/cookiematching/?payload=CkQKB19zbV91aWQSJDQ1ODI4MTM0LTdjMGUtNGJkMC05NmY4LTY3YTViN2VjMzc5MhoLLm1peGkubWVkaWEiAS8ogOeEDwotCgdfc21fdWR0Eg0xNzAwNzUzMDkxNjA0GgsubWl4aS5tZWRpYSIBLyiA54QPCkIKB19zbV9zaWQSJDQ1ZDlmMjU5LTIxZGYtNGUxZC1hOWY2LWNmMGExNGUwMGEzYRoLLm1peGkubWVkaWEiAS8oiA4%3D&rnd=1700753092783
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache, no-cache
Date
Thu, 23 Nov 2023 15:24:53 GMT
Last-Modified
Thursday, 23-Nov-2023 15:24:53 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 23 Nov 2023 15:24:53 GMT
view
stat.media/counter/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stat.media/counter/view
Requested by
Host: stat.mixi.media
URL: https://stat.mixi.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.162.95.70 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
sm-server1-1.smir12.imcmdb.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ntd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Thu, 23 Nov 2023 15:24:53 GMT
Server
nginx
Connection
keep-alive
ecm3
s.amazon-adsystem.com/ Frame B163 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=32586be3-bf32-8f3a-9674-ceb46f8cf6d7
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VDGEZVBR71YS6K69FWMM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
fe4971da-3334-a689-67ad-5ad6f8e8f07e
pr-bh.ybp.yahoo.com/sync/openx/ Frame B163 		43 B
605 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/fe4971da-3334-a689-67ad-5ad6f8e8f07e?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:37a8:24af:759b:4c92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame B163 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=32586be3-bf32-8f3a-9674-ceb46f8cf6d7
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MAVCW6X738F3J7EQY098
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B163
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=6a8e179e-a398-34c0-567a-4c2307bf3d37&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=6a8e179e-a398-34c0-567a-4c2307bf3d37&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=963a55a4-c8bf-44bc-8b5f-e99436d6aecb&ttd_puid=6a8e179e-a398-34c0-567a-4c2307bf3d37&gdpr=0&gdpr_consent=
43 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=963a55a4-c8bf-44bc-8b5f-e99436d6aecb&ttd_puid=6a8e179e-a398-34c0-567a-4c2307bf3d37&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=963a55a4-c8bf-44bc-8b5f-e99436d6aecb&ttd_puid=6a8e179e-a398-34c0-567a-4c2307bf3d37&gdpr=0&gdpr_consent=
date
Thu, 23 Nov 2023 15:24:54 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame B163 		170 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDZlMWM0NTQtNmFlZi02YTY0LTQzOWEtMTY5YWNkNWRmMzU3
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B163
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDxswgyveG1bqsnUYmlYdtk&google_cver=1
43 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDxswgyveG1bqsnUYmlYdtk&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDxswgyveG1bqsnUYmlYdtk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 2F71 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
44
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
82aa6bf1193139e9-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 15:24:53 GMT
expires
Thu, 23 Nov 2023 19:24:53 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8649 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
24425
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 23 Nov 2023 15:24:53 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
455, 40536
X-Served-By
cache-lga13626-LGA, cache-yyz4562-YYZ
X-Timer
S1700753093.292005,VS0,VE0
/
onetag-sys.com/usync/ Frame 6653 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1700753090353
Requested by
Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
a6626bda924b82d98179141733bb25ee76b32d1c01b1f237405fdd2c7b8ccec8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1382
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
ixmatch.html
js-sec.indexww.com/um/ Frame 1499 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
44
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
82aa6bf1193339e9-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 15:24:53 GMT
expires
Thu, 23 Nov 2023 19:24:53 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2BAE 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
24425
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 23 Nov 2023 15:24:53 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
455, 40537
X-Served-By
cache-lga13626-LGA, cache-yyz4562-YYZ
X-Timer
S1700753093.318281,VS0,VE0
/
onetag-sys.com/usync/ Frame 612A 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1700753090349
Requested by
Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
a06e848c173d7fdccf63861e5a13336c035d70024c5edb3e9f5611a04a802250
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1381
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame D3F5 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.72.158.153 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-158-153.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 15:24:53 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 66FF 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=8bdffc81-7c3e-472e-98c1-955bd9854d24
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MQWZPW3C9SBTSWAH68C3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 66FF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=963a55a4-c8bf-44bc-8b5f-e99436d6aecb&gdpr=0&gdpr_consent=
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=963a55a4-c8bf-44bc-8b5f-e99436d6aecb&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.225.212.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-212-107.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:54 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=963a55a4-c8bf-44bc-8b5f-e99436d6aecb&gdpr=0&gdpr_consent=
date
Thu, 23 Nov 2023 15:24:54 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame 66FF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=OGJkZmZjODEtN2MzZS00NzJlLTk4YzEtOTU1YmQ5ODU0ZDI0
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.225.212.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-212-107.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:54 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 66FF
Redirect Chain
  • https://stx-match.dotomi.com/match/bounce/current?networkId=44410&version=1&nuid=8bdffc81-7c3e-472e-98c1-955bd9854d24&gdpr=0&gdpr_consent=
  • https://stx-match.dotomi.com/match/bounce/current?DotomiTest=5aa718a8785710c8&is_secure=true&networkId=44410&version=1&nuid=8bdffc81-7c3e-472e-98c1-955bd9854d24&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAAGlW7yGT7AdwNdotlpAAAAAAA&expiration=1700839494&nuid=8bdffc81-7c3e-472e-98c1-955bd9854d24&is_secure=true&g...
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAAGlW7yGT7AdwNdotlpAAAAAAA&expiration=1700839494&nuid=8bdffc81-7c3e-472e-98c1-955bd9854d24&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.225.212.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-212-107.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:54 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:54 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAAGlW7yGT7AdwNdotlpAAAAAAA&expiration=1700839494&nuid=8bdffc81-7c3e-472e-98c1-955bd9854d24&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
v1
match.sharethrough.com/sync/ Frame 66FF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPBCH79W-13-FLR8&gdpr=0
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPBCH79W-13-FLR8&gdpr=0
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.225.212.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-212-107.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:54 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPBCH79W-13-FLR8&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
amazon
ce.lijit.com/beacon/ Frame D6E5
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
a0f1145cf1f95c67cbb5a83ea895f2662b8d26230986bcaef03842ad7da9e69b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
450
Content-Type
text/html
Date
Thu, 23 Nov 2023 15:24:54 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap3dca1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Thu, 23 Nov 2023 15:24:54 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3dca1
ecm3
s.amazon-adsystem.com/ Frame 26E3 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=3F30DVV880V712YaiuMb
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QKRQQFFTDZ78YC4QBH48
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 26E3
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3F30DVV880V712YaiuMb
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3F30DVV880V712YaiuMb
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=706ff231-c5c7-4f72-898b-dfa6c579383b%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b4b334a7-7f50-43b0-9bc5-f88259cdc421&ttd_puid=706ff231-c5c7-4f72-898b-dfa6c579383b%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b4b334a7-7f50-43b0-9bc5-f88259cdc421&ttd_puid=706ff231-c5c7-4f72-898b-dfa6c579383b%2C%2C
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:54 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b4b334a7-7f50-43b0-9bc5-f88259cdc421&ttd_puid=706ff231-c5c7-4f72-898b-dfa6c579383b%2C%2C
date
Thu, 23 Nov 2023 15:24:54 GMT
server
Kestrel
content-length
359
merge
ce.lijit.com/ Frame 26E3
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1700753094283
  • https://ad.turn.com/r/cs?pid=45&rndcb=1605741386
  • https://sync.1rx.io/usersync/turn/2499925625324269568?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-596aaa96-ca3e-4642-aa8c-5d2385c9c14f-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-596aaa96-ca3e-4642-aa8c-5d2385c9c14f-005
  • https://ce.lijit.com/merge?pid=97&3pid=RX-596aaa96-ca3e-4642-aa8c-5d2385c9c14f-005
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=97&3pid=RX-596aaa96-ca3e-4642-aa8c-5d2385c9c14f-005
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:55 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=97&3pid=RX-596aaa96-ca3e-4642-aa8c-5d2385c9c14f-005
Date
Thu, 23 Nov 2023 15:24:55 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RX596aaa96ca3e4642aa8c5d2385c9c14f005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
sync
ads.yieldmo.com/ Frame 26E3
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LPBCH79W-13-FLR8
43 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LPBCH79W-13-FLR8
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
18.213.154.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-154-57.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:54 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LPBCH79W-13-FLR8
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
Expires
0
sync
ads.yieldmo.com/v000/ Frame 26E3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=1480268236432194020&pn_id=an
43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=1480268236432194020&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
18.213.154.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-154-57.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:54 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:53 GMT
an-x-request-uuid
a7d84a45-ed62-4159-9bfa-559564b10afa
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.yieldmo.com/v000/sync?userid=1480268236432194020&pn_id=an
x-proxy-origin
70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 26E3 		170 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=M0YzMERWVjg4MFY3MTJZYWl1TWI=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 642D 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.72.158.153 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-158-153.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
53633e0adc901215f864e5f238869dc03eced4671b4b8a1a866d6a42466fc816

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 15:24:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 20:10:44 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=17099
Connection
keep-alive
Content-Length
13228
Expires
Thu, 23 Nov 2023 20:09:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A0B4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0o4vFupBvqyY-PMdWiuSBnQw4M9aQdO0qW29-iLVxqGKZiHvTixlic4S3uYuzv6YqQLUsTDs6pCYuN7OiFG1dqHzg3EWVYL7NRfBt4njWC2md67pWh36K0ULbBb0acXSyM6klI42NuunA0kxWQCgdEdQ7uH6PcT5AQMXAc9mjM95LW83Tyr69TY5CuIuQ_Cpj5Pydif5o4h8nGoWmMDJAEqzeFgI8Rkr_qp95LvCH1UQURqfPW0Mf_akNWjB6kQuMDryjlAZKoEpwNu2VT3LzWBkT0fB5RHGgqYqkPaRgzaV3MrNzxCnj9-mZqTt0LxO1K7KMxNL_OaLsyZ-v90yhoZYw329E8rzbSpQfj1A&sai=AMfl-YTr-1BQtgCiyQLgSaqAFy5_cnwakssrheSOA1zxIw2rPWodszS51NZWkva39OFY3t_mrndg5C8LZ-dXQSDrDbhakuH6UHKICtLKn6qRzzNCHywvo1OXSypG0el5FGFVXvzUhift2l80yBz3p9vnXI_w&sig=Cg0ArKJSzDBZkJoI16eWEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 23 Nov 2023 15:24:54 GMT
truncated
/ Frame A0B4 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9c7a94402c5831093dd4d367f342738134ea0844bad5270eab2ddcac95e4470

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame D3F5 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.72.158.153 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-158-153.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
53633e0adc901215f864e5f238869dc03eced4671b4b8a1a866d6a42466fc816

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 15:24:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 20:10:44 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=17099
Connection
keep-alive
Content-Length
13228
Expires
Thu, 23 Nov 2023 20:09:52 GMT
/
onetag-sys.com/match/ Frame 6653
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=6288655f-6ec6-4400-ad8d-4ce315fd738f&gdpr=1&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=6288655f-6ec6-4400-ad8d-4ce315fd738f&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700753090353
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 23 Nov 2023 15:24:54 GMT
Server
MT3 1143 599e619 master iad iad-pixel-x3 config_version:"1605"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=6288655f-6ec6-4400-ad8d-4ce315fd738f&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 23 Nov 2023 15:24:53 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 6653 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700753090353
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
213.19.162.80 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
2eb7d209ab67664d6226c75331547ba1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 6653
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1480268236432194020
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1480268236432194020
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700753090353
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:54 GMT
an-x-request-uuid
cb42daa3-a5ed-49cf-ab61-264a35ec26ff
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1480268236432194020
x-proxy-origin
70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 6653
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=e39da7ad387070eed1db3934e81dc6d&gdpr_consent=&gdpr=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=e39da7ad387070eed1db3934e81dc6d&gdpr_consent=&gdpr=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700753090353
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:54 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=e39da7ad387070eed1db3934e81dc6d&gdpr_consent=&gdpr=1
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1700753094356024-287
tap.php
pixel.rubiconproject.com/ Frame 6653 		42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=yyQlTh2AFNWK1qPP9jpeG0uhF52XLG1O93EsgpU98bs
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700753090353
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 6653
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi_zItbj08JmH3S5yHitqqSlsODwiRI0NlA
170 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi_zItbj08JmH3S5yHitqqSlsODwiRI0NlA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700753090353
Protocol
H2
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi_zItbj08JmH3S5yHitqqSlsODwiRI0NlA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 6653 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700753090353
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.83.76.85 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:54 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 6653
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=PW47UeOlzJurSWp0DKPfA2vcrRUKQ8r3uIbT6Fx5jPA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=PW47UeOlzJurSWp0DKPfA2vcrRUKQ8r3uIbT6Fx5jPA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700753090353
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
C3501Y14EYHX22WBCGY3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=PW47UeOlzJurSWp0DKPfA2vcrRUKQ8r3uIbT6Fx5jPA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 6653 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700753090353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:52 GMT
content-length
0
/
onetag-sys.com/match/ Frame 6653
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA-fBhKyelrbWhBJtRlUR4c&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA-fBhKyelrbWhBJtRlUR4c&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700753090353
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA-fBhKyelrbWhBJtRlUR4c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame 6653 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700753090353
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 6653
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=963a55a4-c8bf-44bc-8b5f-e99436d6aecb&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=963a55a4-c8bf-44bc-8b5f-e99436d6aecb&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700753090353
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=29&uid=963a55a4-c8bf-44bc-8b5f-e99436d6aecb&gdpr=0&gdpr_consent=
date
Thu, 23 Nov 2023 15:24:54 GMT
server
Kestrel
content-length
233
sync
x.bidswitch.net/ Frame 6653 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700753090353
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 15:24:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame 1E79 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRV8pzIKIs_vDe2FzI3tQWyaa6NxBW37zfQLgHzF2A9-_ZDOYPhDyWY7vrCpnpnHnBqlCRALrLtirAta0nJysLSWDfCfsZujCQ9ZPTzJlflESoNvSf_en_DSeFuQ4673sCCuYf3js_lbxY36-lTELxjY4aLQfp8xirLkPFZfrxGQfdm9arsURGdYJvmOOdpy_FmFA3IcW33bm6ACX7aKGw6gQ8W4fw-xtxovWlkbhZDfGyFg86ScJ4tyVIO73R3Cvk9Ip5usF8r9KPY5hGNW7yn4J3XqCm0uSv9m2a-jZzNSadAIL5jdPLYeRnPWUUgeKqkqufmhqEH18rnUYVAhSTKGGi6Zt6DPBy0mOd4ErUqT66VCftVjpeK-s&sai=AMfl-YSQ1yLIanVEqdI_AxHv6KBFDHK_acdyR8xYQYFEMtDiswPMM7wVoBkSyCr2A_8B1c7h2KWH7Z9uc0_CTiak66ccUUmaI_75e0qu45BcGCjSHFZUTGpw8JwCRk5WXTXCBGzYA67kzSSwv4y5-Rr70sY&sig=Cg0ArKJSzHAnIufis7gOEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 23 Nov 2023 15:24:54 GMT
truncated
/ Frame 1E79 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
933adce374ea86b379d7ce7f45537ed7efc6d25d839f4298efdecb0e2fae8183

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
/
onetag-sys.com/match/ Frame 612A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=fb9f655f-6ec6-4200-a3dd-37d5130888df&gdpr=1&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=fb9f655f-6ec6-4200-a3dd-37d5130888df&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700753090349
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 23 Nov 2023 15:24:54 GMT
Server
MT3 1143 599e619 master iad iad-pixel-x19 config_version:"1605"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=fb9f655f-6ec6-4200-a3dd-37d5130888df&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 23 Nov 2023 15:24:53 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 612A 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700753090349
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.80 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
54ab5e55007c9747024b4f039df5ce6b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 612A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1480268236432194020
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1480268236432194020
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700753090349
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:54 GMT
an-x-request-uuid
9b9c0bf6-73da-4062-a3f6-750212f5a949
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1480268236432194020
x-proxy-origin
70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 612A
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=38fff59a54f3b6e3f5459f20cfd8df&gdpr_consent=&gdpr=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=38fff59a54f3b6e3f5459f20cfd8df&gdpr_consent=&gdpr=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700753090349
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:54 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=38fff59a54f3b6e3f5459f20cfd8df&gdpr_consent=&gdpr=1
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1700753094556009-275
pixel
cm.g.doubleclick.net/ Frame 612A
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi_zItlN8PB72iFtEwAb-FPqDZk0z4hc2lQ
170 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi_zItlN8PB72iFtEwAb-FPqDZk0z4hc2lQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700753090349
Protocol
H2
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi_zItlN8PB72iFtEwAb-FPqDZk0z4hc2lQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 612A 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700753090349
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.83.76.85 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:54 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 612A
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=PW47UeOlzJurSWp0DKPfA2vcrRUKQ8r3uIbT6Fx5jPA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=PW47UeOlzJurSWp0DKPfA2vcrRUKQ8r3uIbT6Fx5jPA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700753090349
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
164DX0TFMHT5308D63K6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=PW47UeOlzJurSWp0DKPfA2vcrRUKQ8r3uIbT6Fx5jPA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 612A 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700753090349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:53 GMT
content-length
0
/
onetag-sys.com/match/ Frame 612A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA-fBhKyelrbWhBJtRlUR4c&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA-fBhKyelrbWhBJtRlUR4c&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700753090349
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA-fBhKyelrbWhBJtRlUR4c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 612A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=b4b334a7-7f50-43b0-9bc5-f88259cdc421&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=b4b334a7-7f50-43b0-9bc5-f88259cdc421&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700753090349
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=29&uid=b4b334a7-7f50-43b0-9bc5-f88259cdc421&gdpr=0&gdpr_consent=
date
Thu, 23 Nov 2023 15:24:54 GMT
server
Kestrel
content-length
233
sync
x.bidswitch.net/ Frame 612A 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700753090349
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 15:24:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
tap.php
pixel.rubiconproject.com/ Frame 612A 		42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=PW47UeOlzJurSWp0DKPfA2vcrRUKQ8r3uIbT6Fx5jPA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700753090349
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
occ
ups.analytics.yahoo.com/ups/58488/ Frame 612A 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700753090349
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
async_usersync
ib.adnxs.com/ Frame 8649 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:54 GMT
an-x-request-uuid
43d19ebf-66af-4c12-8db1-d9b148618538
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 3EEC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
877 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30604d2b81aaa9388b0d54ca754fbc8f2464a8affd0c2c049edd02a031c3170b

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82aa6bf92a68a226-YYZ
content-encoding
br
content-type
text/html
date
Thu, 23 Nov 2023 15:24:54 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74MdVrp35ogG6XeCI%2FCLJq6B3g%2FdDf0ldL1zCqE%2FEV4FWewis0S4WsnlWhKLH2jZvVs7mPapvBAGquJeQVFuYPWNEWfnbQuGs4oKTLr9IqwLzWJSWoCR7FeHvcvlzHa%2BlGm2DF9zhWgbXA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82aa6bf828efa226-YYZ
content-length
0
date
Thu, 23 Nov 2023 15:24:54 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WwkY0l7R5p5FZy6jSkM8qd44BiQhN9HwMkKOwAOBpVjqFuGBEtkI3ffsRih0f%2FlCeF8a2xPPR8K5X0AT0gHrhyNUYQmN1NyExrEbU4MRBBVnoTa%2F3qSfkhehWUqxD3OjMdjW7s4MP8Zkjg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame B345
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
923 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
007d5b34cab95c4f3358e8edff43f58871194503b4b8b50bf752736169638ba7

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82aa6bf9eb5aa226-YYZ
content-encoding
br
content-type
text/html
date
Thu, 23 Nov 2023 15:24:54 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsO7%2FcT30tY1BC7CCwQJoqNMNgrM7Uj6NJElPkMOOAsIYhEmoteztj0MU1zPbt9H%2F0Fk5FsyQVwicpV5%2FE0e%2BKBTU9Lt%2BBV45eQQb8lesh0XsfdjKDQL%2BoveXJCVJb6IOdvYsbC8TFvClQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82aa6bf92a67a226-YYZ
content-length
0
date
Thu, 23 Nov 2023 15:24:54 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K5fv8RWCkXNN4JXUBRjGNAVZwOJQGAMV6MEHtmcmfkUrwZVXgD5ATstgQhc9No%2FIeTPOq3kR4IKkCMVVnZiQwHTlRaKS28dYMM2oWfGrHYq0%2BTMQ8q7D%2FLUKXDCuTcOX2Yc3TfZPPCwm2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 2BAE 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:54 GMT
an-x-request-uuid
65e90c17-6f8d-4f39-b213-d6a93e2904a7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 642D 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
khaos.json
token.rubiconproject.com/ Frame D3F5 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 3EEC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b4b334a7-7f50-43b0-9bc5-f88259cdc421&expiration=1703345094&gdpr=0&gdpr_consent=
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b4b334a7-7f50-43b0-9bc5-f88259cdc421&expiration=1703345094&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKcfghD%2FN8XPjCPpPl5eUWqlWE2ApwtpXVGK7y6VFXt%2BQ3QMQGv4q58jV2Wk4HZDINdWSNm3ZAcO06xQpkvY0s0b5I5OmE8HeTz7i7oLNi6xRmga6k7qp%2FEiCu7WPJmKDT78PJHhDitvjw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82aa6bfa5c0ca226-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b4b334a7-7f50-43b0-9bc5-f88259cdc421&expiration=1703345094&gdpr=0&gdpr_consent=
date
Thu, 23 Nov 2023 15:24:54 GMT
server
Kestrel
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 3EEC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZV9uxpQDTFLf1XJ96Fu9FAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJdGWXuuQlQS1fpjnTw5LZk&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJdGWXuuQlQS1fpjnTw5LZk&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JY%2FBQQtBtNOI0ZsvHyvp2N6IH6pXf0bfNVBbES1jRwHRzbUKG27JgGH%2BU8jspf9dMaFCJaZr41sqJHeGgi2nMxxAzuKgZBfEcb%2BOXwFMwYja77Vaqb0lo1w5k6EUOBlPso8XrxZ6yFfK9w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82aa6bfb4c00711b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJdGWXuuQlQS1fpjnTw5LZk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 3EEC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZV9uxpQDTFLf1XJ96Fu9FAAABQMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOfiOz1mU7_tcBx81OnvFs0&google_cver=1
43 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOfiOz1mU7_tcBx81OnvFs0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIRLsa0affnODUTX3bewHmSU4wud7ELO9JPJJluHdFthMnZ%2FhihseNPkyM0bg31cUsPph8cp7v8llZ%2BGAHPi1wuGw6yUNEBDPBCd5jYrv2uS2Rs3mwr%2Fo0J0N1i6svAtwNoKChgcBpGt%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82aa6bfa7a6a711b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOfiOz1mU7_tcBx81OnvFs0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 3EEC 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZV9uxpQDTFLf1XJ96Fu9FAAABQMAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E3EKQ0TDQVWGAH8KNJ92
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
ad.turn.com/r/ Frame 3EEC
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZV9uxpQDTFLf1XJ96Fu9FAAABQMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=38fff59a54f3b6e3f5459f20cfd8df&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umeb608_7304678992196016317&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/38fff59a54f3b6e3f5459f20cfd8df?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Bk0m2atE2oNzSL3VDG_Bnq_hZ4kVzX4anZNfGdbU~A
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?userId=AACW307Kvt4AABKAVLVgzQ&dataProviderId=817&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MzhmZmY1OWE1NGYzYjZlM2Y1NDU5ZjIwY2ZkOGRm&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEHGTz9F4Gk6UMqcesPlwFlI&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=b4b334a7-7f50-43b0-9bc5-f88259cdc421&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=1480268236432194020&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=IbgmWfnB1R6bzz5&gdpr=0&gdpr_consent=
  • https://jelly.mdhv.io/v4/pixie?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=513&userId=31d6da40-aa74-4b1f-b96b-5ab236a43189
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=5493275&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=b1b26ae5-700b-4b4b-94a5-ccea647a3ec9
  • https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=
0
0
demconf.jpg
dpm.demdex.net/ Frame 3EEC
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZV9uxpQDTFLf1XJ96Fu9FAAA%261283?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZV9uxpQDTFLf1XJ96Fu9FAAA%261283
42 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZV9uxpQDTFLf1XJ96Fu9FAAA%261283
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
34.228.100.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-100-56.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs
dcscanary-prod-va6-1-v067-07f4b616a.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Thu, 23 Nov 2023 15:24:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
KK2Oss0oTTw=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-va6-1-v053-09de4d13e.edge-va6.demdex.com 0 ms
pragma
no-cache
date
Thu, 23 Nov 2023 15:24:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
KZXwH3VMS3g=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZV9uxpQDTFLf1XJ96Fu9FAAA%261283
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
rum
dsum.casalemedia.com/ Frame 3EEC
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=249085d8550914d9&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHaBv7PFisJANb_y-jAAAAAAA&expiration=1700839494&is_secure=true
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHaBv7PFisJANb_y-jAAAAAAA&expiration=1700839494&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGC93B%2BLNDCEP%2B3zIrAxKTPhnPVFh6rMLkEXizvFfygg%2FlK2XtFDhM23%2BPGjQBiAH8OGrSnCWM1YFJ240ApKa%2B%2Fqtm7syoiLIcyGrMEpazepNR4TmiCqMVLZu7u7aFU8JdNthpNk"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82aa6bfc3f37a226-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:54 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHaBv7PFisJANb_y-jAAAAAAA&expiration=1700839494&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 3EEC 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZV9uxpQDTFLf1XJ96Fu9FAAA%261283
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:54 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
27607
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
82aa6bfa09d139e9-YYZ
content-length
43
expires
Fri, 24 Nov 2023 15:24:54 GMT
crum
dsum-sec.casalemedia.com/ Frame 2E3C
Redirect Chain
  • https://um4.eqads.com/um/cs
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=7c5c6ba2-12ca-4c89-9b7d-ebd85a66d965&expiration=1708701894
43 B
736 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=7c5c6ba2-12ca-4c89-9b7d-ebd85a66d965&expiration=1708701894
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82aa6bfc5e53711b-YYZ
content-length
43
content-type
image/gif
date
Thu, 23 Nov 2023 15:24:55 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOLSbqHrLVactg8O8SXZYvf1PQYBtFfFMEAp2ww%2FPkZaYvlsiMf0FQCvFdeYx4X%2F0JDhg%2FvfLwZW5FyyWd%2FAKPrcf9CDq3EdE5ICWDms2m1ecBAkXeDUCQpAsPI8Nxy7hQz6g4NgdGxysw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache
content-length
0
date
Thu, 23 Nov 2023 15:24:54 GMT
expires
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=7c5c6ba2-12ca-4c89-9b7d-ebd85a66d965&expiration=1708701894
crum
dsum-sec.casalemedia.com/ Frame B345
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZV9uxlKHq4MhUlgXHJC9YgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJdGWXuuQlQS1fpjnTw5LZk&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJdGWXuuQlQS1fpjnTw5LZk&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QSsk9tTXLhHq1cDl7C5mBTM8gCM0Pfm0rYQ%2F7ULc5OVrylU1UpCDihorFst1o%2FuwV4jAboG11K%2Fz7jbRrWEMiyeeTdehHfiRlKuntIBZgmBaZztFJu9Nno6wqKS9D87Czs2tQK1yijCJfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82aa6bfc9eb0711b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJdGWXuuQlQS1fpjnTw5LZk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame B345
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZV9uxlKHq4MhUlgXHJC9YgAA%263455&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:55 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
484290
expires
Thu, 23 Nov 2023 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date
Thu, 23 Nov 2023 15:24:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
rum
dsum-sec.casalemedia.com/ Frame B345
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b4b334a7-7f50-43b0-9bc5-f88259cdc421&expiration=1703345094&gdpr=0&gdpr_consent=
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b4b334a7-7f50-43b0-9bc5-f88259cdc421&expiration=1703345094&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7wM3pVzr%2BssofDt5vt3bJTtUYp9Q7FRCqpojK%2Fjzl2BGbaTnyVBuzg%2BaAG3NyG9O%2FKOsIqBAatsqEs2KPeGVADpod%2BlHI3M2Ow9ntcdxx5Y3TVjQWpizBcs%2F5d%2FGSejkKCgQEwJMTa6Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82aa6bfbace3711b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=b4b334a7-7f50-43b0-9bc5-f88259cdc421&expiration=1703345094&gdpr=0&gdpr_consent=
date
Thu, 23 Nov 2023 15:24:54 GMT
server
Kestrel
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame B345
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZV9uxlKHq4MhUlgXHJC9YgAADX8AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOfiOz1mU7_tcBx81OnvFs0&google_cver=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOfiOz1mU7_tcBx81OnvFs0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkxJw1r93ANF07l25KsR2IdrO0e61%2FctSQma1cRAAxebo64sRFs2NiVTo51gMHJ02vn1YLA1LWDTHjWjVxF9vmyd7%2FNOL04RdOIA0u%2FNMpQ291qbJQPFUcqIOr1sZyiX9U6GUDNsjfzKmw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82aa6bfc2deb711b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOfiOz1mU7_tcBx81OnvFs0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B345
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978477421108625226
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978477421108625226
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7%2B8UVs4J%2Bt%2FhgTShVmzCfA8YAFfldiv9grO2WUUYV%2FIlB03F0BoSFHG1zMgMT5jb2YEKzMr0ICaB3MM0LHsx9hEWoJNXOzn9IYJDQppISH9g1iSyXFdsizozBEtaEd4tEve0BM2%2B%2FZ11Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82aa6bfeaa3e711b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978477421108625226
Date
Thu, 23 Nov 2023 15:24:55 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ZV9uxlKHq4MhUlgXHJC9YgAADX8AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B345 		43 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZV9uxlKHq4MhUlgXHJC9YgAADX8AAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:37a8:24af:759b:4c92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame B345
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZV9uxlKHq4MhUlgXHJC9YgAA%263455
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZV9uxlKHq4MhUlgXHJC9YgAA%263455&tc=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=93h7jwPj30ILddVCjYoP0KhCda09G0CE5XlThRKjgMA&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZV9uxlKHq4MhUlgXHJC9YgAA%263455&tc=1
43 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=93h7jwPj30ILddVCjYoP0KhCda09G0CE5XlThRKjgMA&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZV9uxlKHq4MhUlgXHJC9YgAA%263455&tc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=37hjLmfsC3xwQ1OEO3%2Ff74WsdEG%2Fb8rxirXL7Nhu2Y89u0slnqnh%2FIyLStAouF4%2FsHgqgGLLhkbNFv%2FYAXvmtMZXDUk4wpTIEkq1xNnwnD6nQjMMBH2TnYd%2BAcU9PCfU4Rf0N%2BxB5f4WkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82aa6c028917711b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=93h7jwPj30ILddVCjYoP0KhCda09G0CE5XlThRKjgMA&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZV9uxlKHq4MhUlgXHJC9YgAA%263455&tc=1
pragma
no-cache
date
Thu, 23 Nov 2023 15:24:55 GMT, Thu, 23 Nov 2023 15:24:55 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B345
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8522879841039415443&expiration=1701962695
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8522879841039415443&expiration=1701962695
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6L%2BfUGBU5r6AdECUnskVbnqAT6vU1KvqDzeheXNergJosxx6VVVS9jjSqvjcHmE92sKmWpY9KQedZjwphOsy1QxF%2BmOaQXBNCafLHSN1E99uJvVwgZCURoAwXWEAkkSxrZGlRGXurJO2%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82aa6c007d1f711b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8522879841039415443&expiration=1701962695
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
htw-pixel.gif
cdn.indexww.com/ht/ Frame B345 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZV9uxlKHq4MhUlgXHJC9YgAA%263455
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:54 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
27607
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
82aa6bfb4c3d39e9-YYZ
content-length
43
expires
Fri, 24 Nov 2023 15:24:54 GMT
ecm3
s.amazon-adsystem.com/ Frame D6E5 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=HtHcjPZH7pAOeQUJTM2dtXwa&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
F8J05KNB0AKMV9DQPTTY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame D6E5
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=b4b334a7-7f50-43b0-9bc5-f88259cdc421&gdpr=0&gdpr_consent=
43 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=b4b334a7-7f50-43b0-9bc5-f88259cdc421&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:55 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=27&3pid=b4b334a7-7f50-43b0-9bc5-f88259cdc421&gdpr=0&gdpr_consent=
date
Thu, 23 Nov 2023 15:24:54 GMT
server
Kestrel
content-length
223
merge
ce.lijit.com/ Frame D6E5
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=LPBCH79W-13-FLR8&gdpr=0
43 B
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=LPBCH79W-13-FLR8&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:55 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=83&3pid=LPBCH79W-13-FLR8&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ab5e55007c9747024b4f039df5ce6b
Expires
0
RX-596aaa96-ca3e-4642-aa8c-5d2385c9c14f-005
sync.targeting.unrulymedia.com/csync/ Frame D6E5
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=45&rndcb=8506218639
  • https://sync.1rx.io/usersync/turn/9204659570572095488?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-596aaa96-ca3e-4642-aa8c-5d2385c9c14f-005
43 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-596aaa96-ca3e-4642-aa8c-5d2385c9c14f-005
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 15:24:55 GMT
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:55 GMT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-596aaa96-ca3e-4642-aa8c-5d2385c9c14f-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
sovrn
tr.blismedia.com/v1/api/sync/ Frame D6E5 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:55 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
merge
ce.lijit.com/ Frame D6E5
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=93h7jwPj30ILddVCjYoP0KhCda09G0CE5XlThRKjgMA&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=93h7jwPj30ILddVCjYoP0KhCda09G0CE5XlThRKjgMA&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:56 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=93h7jwPj30ILddVCjYoP0KhCda09G0CE5XlThRKjgMA&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Thu, 23 Nov 2023 15:24:55 GMT, Thu, 23 Nov 2023 15:24:55 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 642D
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LPBCH79W-13-FLR8
  • https://s.amazon-adsystem.com/ecm3?id=LPBCH79W-13-FLR8&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LPBCH79W-13-FLR8&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WNJ2W7VSQ0DS1QAW9JPD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LPBCH79W-13-FLR8&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8bab65602db075726861004da5629947
Expires
0
72731
idx.liadm.com/idex/unknown/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/unknown/72731?duid=33df6995a8cd--01hfycha7mg45shtk9s8p8smvk&resolve=md5
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/lc2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.191.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-191-206.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
2
access-control-allow-origin
https://www.ntd.com
cache-control
max-age=3599, private
access-control-allow-credentials
true
trace-id
d3a93269a2d19d39
expires
Thu, 23 Nov 2023 16:24:55 GMT
dcm
aax-eu.amazon-adsystem.com/s/ Frame 642D 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YH3AX9DYY8CNP4FV60KX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 642D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPBCH79W-13-FLR8
0
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPBCH79W-13-FLR8
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:55 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 04D61F0CAE114CEDA22F698E83EDDAB5 Ref B: YTO01EDGE0812 Ref C: 2023-11-23T15:24:55Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYK03AgDgBr6cFpphUDtA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPBCH79W-13-FLR8
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 642D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjMwNmUzYThmNmNiZDRjNzQwNzVjM2ExMTMwZjU0ZDg0NDI2YTNlZA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjMwNmUzYThmNmNiZDRjNzQwNzVjM2ExMTMwZjU0ZDg0NDI2YTNlZA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjMwNmUzYThmNmNiZDRjNzQwNzVjM2ExMTMwZjU0ZDg0NDI2YTNlZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 642D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/4RgnrgrOLkBlNtBZZaXzKMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-RwlqlUFE2oJda7QDV7mSS3iXBvdUBSIpX24Z9g--~A
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-RwlqlUFE2oJda7QDV7mSS3iXBvdUBSIpX24Z9g--~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 23 Nov 2023 15:24:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-RwlqlUFE2oJda7QDV7mSS3iXBvdUBSIpX24Z9g--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 642D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMoUNTN8nt0-6zk4iekq1es&google_cver=1
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMoUNTN8nt0-6zk4iekq1es&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMoUNTN8nt0-6zk4iekq1es&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 642D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LPBCH79W-13-FLR8&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LPBCH79W-13-FLR8&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
X5CA85RZD80BZKBZAX89
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LPBCH79W-13-FLR8&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 642D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b4b334a7-7f50-43b0-9bc5-f88259cdc421&gdpr=0&gdpr_consent=&expires=30
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b4b334a7-7f50-43b0-9bc5-f88259cdc421&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b4b334a7-7f50-43b0-9bc5-f88259cdc421&gdpr=0&gdpr_consent=&expires=30
date
Thu, 23 Nov 2023 15:24:55 GMT
server
Kestrel
content-length
289
ecm3
s.amazon-adsystem.com/ Frame 642D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=e9hFF5iLTZq5R4cCzB6TVQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=e9hFF5iLTZq5R4cCzB6TVQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=e9hFF5iLTZq5R4cCzB6TVQ
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2K8YBG1EY95914M5DWM2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=e9hFF5iLTZq5R4cCzB6TVQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 642D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBCQ0g3OVctMTMtRkxSOA==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEE7vEBKwQbejgCRctnC5KQ&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBCQ0g3OVctMTMtRkxSOA==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBCQ0g3OVctMTMtRkxSOA==&google_push=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBCQ0g3OVctMTMtRkxSOA==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 642D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACW307Kvt4AABKAVLVgzQ&expires=30
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACW307Kvt4AABKAVLVgzQ&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACW307Kvt4AABKAVLVgzQ&expires=30
Date
Thu, 23 Nov 2023 15:24:55 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 642D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPBCH79W-13-FLR8
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPBCH79W-13-FLR8
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPBCH79W-13-FLR8&ckls=true&ci=E3mCmxwcSN&nc=false&trid=1101885978
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPBCH79W-13-FLR8&ckls=true&ci=E3mCmxwcSN&nc=false&trid=1101885978
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Server
52.85.132.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-15.iad50.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:56 GMT
via
1.1 966a4e45512437c14125c564c492a2d6.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
IAD50-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
V9RbV2YW7pAqiuaunHLGjMo2Bgy-VVH6yNdpJbTCbGmE8zxRRTnlYQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:56 GMT
via
1.1 5fdbf75fe42f57cdc3d155f7290c5a9e.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPBCH79W-13-FLR8&ckls=true&ci=E3mCmxwcSN&nc=false&trid=1101885978
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
npT9OYtjjh_VNlDsqLTMLGFJJ0AfR0Rqssq0oaWYqXd0ZLw1lRrgfA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
magnite
prebid.a-mo.net/setuid/ Frame 642D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LPBCH79W-13-FLR8
0
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LPBCH79W-13-FLR8
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:55 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LPBCH79W-13-FLR8
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
setuid
ib.adnxs.com/prebid/ Frame 642D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPBCH79W-13-FLR8
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPBCH79W-13-FLR8
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:55 GMT
an-x-request-uuid
f0a32dfe-747b-470f-b534-1a3ba3b4165b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPBCH79W-13-FLR8
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 642D
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=b1b26ae5-700b-4b4b-94a5-ccea647a3ec9&expires=30
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=b1b26ae5-700b-4b4b-94a5-ccea647a3ec9&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=b1b26ae5-700b-4b4b-94a5-ccea647a3ec9&expires=30
Date
Thu, 23 Nov 2023 15:24:56 GMT
Connection
keep-alive
X-CI-RTID
0931436e-a690-403b-953b-2e25e2614892
Content-Length
144
Content-Type
text/html; charset=utf-8
receive
pixel.tapad.com/idsync/ex/ Frame 642D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPBCH79W-13-FLR8
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPBCH79W-13-FLR8
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:55 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPBCH79W-13-FLR8
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ce.lijit.com/ Frame 642D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LPBCH79W-13-FLR8
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LPBCH79W-13-FLR8
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-LoopMe_n-Azerion_n-Beeswax_ox-db5_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_n-baidu_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 15:24:56 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LPBCH79W-13-FLR8
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
v1
match.sharethrough.com/sync/ Frame D3F5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPBCH79W-13-FLR8
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPBCH79W-13-FLR8
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Server
34.225.212.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-212-107.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:55 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPBCH79W-13-FLR8
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
cksync
hb.yahoo.net/ Frame D3F5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LPBCH79W-13-FLR8&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LPBCH79W-13-FLR8&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1sdXNYQUpCRTJ1SGxfVWNCYUROYU5LYWFLYV9WbGZrcX5B&ovsid=LPBCH79W-13-FLR8&dpid=58160
53 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1sdXNYQUpCRTJ1SGxfVWNCYUROYU5LYWFLYV9WbGZrcX5B&ovsid=LPBCH79W-13-FLR8&dpid=58160
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Server
104.97.85.51 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-97-85-51.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 23 Nov 2023 15:24:56 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Thu, 23 Nov 2023 15:24:56 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1sdXNYQUpCRTJ1SGxfVWNCYUROYU5LYWFLYV9WbGZrcX5B&ovsid=LPBCH79W-13-FLR8&dpid=58160
date
Thu, 23 Nov 2023 15:24:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
capi.connatix.com/us/ Frame D3F5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LPBCH79W-13-FLR8&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LPBCH79W-13-FLR8&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LPBCH79W-13-FLR8&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
82aa6c028f057115-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 23 Nov 2023 15:24:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LPBCH79W-13-FLR8&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
82aa6c019e0e7115-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
Rubicon
s.seedtag.com/cs/cookiesync/ Frame D3F5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LPBCH79W-13-FLR8
0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LPBCH79W-13-FLR8
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:55 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LPBCH79W-13-FLR8
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
tap.php
pixel.rubiconproject.com/ Frame D3F5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1164
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1164
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=8060868320676449426
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=8060868320676449426
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=8060868320676449426
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
tap.php
pixel.rubiconproject.com/ Frame D3F5
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=bfa8e079-eadc-48ca-9d32-033d91176381
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=bfa8e079-eadc-48ca-9d32-033d91176381
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-servername
Track002-iad
pragma
no-cache
date
Thu, 23 Nov 2023 15:24:14 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=bfa8e079-eadc-48ca-9d32-033d91176381
cache-control
private,no-cache
content-length
223
expires
-1
tap.php
pixel.rubiconproject.com/ Frame D3F5
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=14
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=ERMWsRJhXKxxAxmZYZY3DEYZ_7o
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=ERMWsRJhXKxxAxmZYZY3DEYZ_7o
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=ERMWsRJhXKxxAxmZYZY3DEYZ_7o
Date
Thu, 23 Nov 2023 15:24:55 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame D3F5
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=57745388-b908-40bb-a667-36a0056ed3d9
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=57745388-b908-40bb-a667-36a0056ed3d9
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:55 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=57745388-b908-40bb-a667-36a0056ed3d9
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2075912
content-length
0
expires
Thu, 23 Nov 2023 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame D3F5
Redirect Chain
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=1480268236432194020&expires=30
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=1480268236432194020&expires=30
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:55 GMT
an-x-request-uuid
ecf522db-b692-4f31-9cb9-cc8999fe2e7e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=1480268236432194020&expires=30
x-proxy-origin
70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame D3F5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=6
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=9204659570572095488&expires=60&gdpr=&gdpr_consent=
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=9204659570572095488&expires=60&gdpr=&gdpr_consent=
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=9204659570572095488&expires=60&gdpr=&gdpr_consent=
pragma
no-cache
date
Thu, 23 Nov 2023 15:24:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame D3F5
Redirect Chain
  • https://sync.1rx.io/usersync2/rubicon
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5132116243
  • https://sync.1rx.io/usersync/tradedesk/b4b334a7-7f50-43b0-9bc5-f88259cdc421
  • https://sync.targeting.unrulymedia.com/csync/RX-596aaa96-ca3e-4642-aa8c-5d2385c9c14f-005?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-596aaa96-ca3e-46...
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-596aaa96-ca3e-4642-aa8c-5d2385c9c14f-005&expires=30
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-596aaa96-ca3e-4642-aa8c-5d2385c9c14f-005&expires=30
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-596aaa96-ca3e-4642-aa8c-5d2385c9c14f-005&expires=30
Date
Thu, 23 Nov 2023 15:24:55 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RX596aaa96ca3e4642aa8c5d2385c9c14f005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
esync
token.rubiconproject.com/ Frame D3F5
Redirect Chain
  • https://id.rlcdn.com/709414.gif
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 23 Nov 2023 15:24:55 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
60909
i6.liadm.com/s/ Frame D3F5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=49096
  • https://i.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LPBCH79W-13-FLR8
  • https://i6.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LPBCH79W-13-FLR8
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LPBCH79W-13-FLR8
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:3df5:cbd:6b19:ec2c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 15:24:56 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LPBCH79W-13-FLR8
Date
Thu, 23 Nov 2023 15:24:56 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
1
cs
cs.minutemedia-prebid.com/ Frame D3F5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LPBCH79W-13-FLR8
0
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LPBCH79W-13-FLR8
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Server
54.85.125.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-125-66.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:56 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LPBCH79W-13-FLR8
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
setuid
s2s.t13.io/ Frame D3F5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LPBCH79W-13-FLR8
86 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=rubicon&uid=LPBCH79W-13-FLR8
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:56 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s2s.t13.io/setuid?bidder=rubicon&uid=LPBCH79W-13-FLR8
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Expires
0
redirect
exchange.mediavine.com/usersync/ Frame D3F5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17404
  • https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LPBCH79W-13-FLR8
0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LPBCH79W-13-FLR8
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Server
44.214.40.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-214-40-113.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:56 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LPBCH79W-13-FLR8
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
async_usersync
ib.adnxs.com/ Frame 8649 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:55 GMT
an-x-request-uuid
d36fc08c-6d5e-4bf3-839a-74121316cc29
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 2BAE 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:55 GMT
an-x-request-uuid
0e6dd472-932f-47ab-a21c-74fb253098fc
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
70.25.255.186; 70.25.255.186; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
p.gif
p.alocdn.com/c/vn3d8u2u/a/etarget/
Redirect Chain
  • https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C...
  • https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C...
42 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%25229c6692ed-1077-4f72-817e-1e70b4864d85%2522%257D&title=At%20NYC%20Lunar%20New%20Year%20Parade%2C%20Falun%20Gong%20Adherents%20Have%20Message%20for%20the%20World%20%7C%20NTD&url=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&tdc=1
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Protocol
H2
Server
54.71.111.90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-71-111-90.us-west-2.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Thu, 23 Nov 2023 15:24:56 GMT
server
nginx/1.20.1
content-type
image/GIF

Redirect headers

location
/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%25229c6692ed-1077-4f72-817e-1e70b4864d85%2522%257D&title=At%20NYC%20Lunar%20New%20Year%20Parade%2C%20Falun%20Gong%20Adherents%20Have%20Message%20for%20the%20World%20%7C%20NTD&url=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&tdc=1
date
Thu, 23 Nov 2023 15:24:56 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
server
nginx/1.20.1
content-type
image/GIF
collect
analytics.google.com/g/ 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-2BRDBGYLL0&gtm=45je3b81v896365836&_p=1700753086859&gcd=11l1l1l1l1&dma=0&cid=1305463054.1700753088&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1700753088&sct=1&seg=0&dl=https%3A%2F%2Fwww.ntd.com%2Fat-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html&dt=At%20NYC%20Lunar%20New%20Year%20Parade%2C%20Falun%20Gong%20Adherents%20Have%20Message%20for%20the%20World%20%7C%20NTD&_s=2&tfd=13748
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ntd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 15:24:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311150101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dcbaf75dbf6880af85eed3cfc7d9619f9f772f9c125ef87a9a10cd65a161ccdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12086
x-xss-protection
0
view
stat.media/counter/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stat.media/counter/view
Requested by
Host: stat.mixi.media
URL: https://stat.mixi.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.162.95.70 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
sm-server1-1.smir12.imcmdb.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ntd.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Thu, 23 Nov 2023 15:24:58 GMT
Server
nginx
Connection
keep-alive
/
a.clickcertain.com/px/
Redirect Chain
  • https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
  • https://a.clickcertain.com/px/smart/a/?c=2455d1796b86efb&seg=at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
  • https://a.clickcertain.com/px/?c=2455d1796b86efb
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.clickcertain.com/px/?c=2455d1796b86efb
Protocol
H2
Server
2606:4700:20::ac43:4acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b11ad23915468560a9fa86d6a2cf326726fc52e8da1d55184a91bbc256d64e0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:58 GMT
content-encoding
br
x-frontend
cc-nginx-5c6697d5bd-hpntl:cc-nginx-5c6697d5bd-hpntl
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
5622bbfd-935d-46fa-98a8-329954b81ea6
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQQC17tamQrYKP04POBK3BhNTHTYG0kKZ3ZZ41l6uvp0hkWgA%2FKWFm4BJw3XjFq1c71C%2FHzmq8lQqnll6JhhwFfmbVkmBSADfvC7DJSrbwITf2BPEIC6DJS%2Bt7G%2FBmanTsvPb4s6VtR4Dx0PrKDkng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
82aa6c12be7336c1-YYZ

Redirect headers

date
Thu, 23 Nov 2023 15:24:58 GMT
x-frontend
cc-nginx-5c6697d5bd-f7ntx:cc-nginx-5c6697d5bd-f7ntx
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
adbd9120-e620-4c5c-a6fb-b2b0131f69bd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YqGh5aTTVzIX5tzCPuefWlkN04PP4AH06sADaJuT6S%2FDuHP2U58yhiWUGgEAzuwSfhqIzhH%2FVdSDFgt%2BArkldRErAe2pxFy6VhpySy6RyU1VuNYatzuTjG8Iw5%2BXdYwtmbys8kweTr%2FKBKmU4wUmTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
location
https://a.clickcertain.com/px/?c=2455d1796b86efb
cf-ray
82aa6c11dc7236c1-YYZ
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 15:24:58 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DC12 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
36771
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 05:12:07 GMT
expires
Fri, 22 Nov 2024 05:12:07 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 871E 		829 B
562 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::6a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fc7ab1bd0db40d4a02ebd94751171030e4f736b77a85ac3d3e1372da25a062b6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UW_d5q7RZ_uDj-BjHo9xKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-UW_d5q7RZ_uDj-BjHo9xKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 15:24:58 GMT
expires
Thu, 23 Nov 2023 15:24:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 871E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311150101&jk=1325607026919098&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame DC12 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:37:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
17227
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Nov 2024 10:37:51 GMT
generate_204
tpc.googlesyndication.com/ Frame DC12 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?4NByAA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:24:59 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311150101&jk=1325607026919098&bg=!6uml6abNAAZxrfrxUa07ADQBe5WfODSvmOwJId7yuO2jdEntVYArPRJeCJ2u6Qk_F58ESUU6dIgflclbWFP-sOgWg-hWAgAAAn1SAAAAA2gBB5kCrgv7J_oLUylR_yX_1vuteLJeZaltbCli8zgdBzvKbQUYd2zB-WiVGl31aJcroDWZawoHN3UeqKVWejnePO4Phqr0sZIf71RiZZfa0qZMGnBGVhO3B43HxtQSslHuxrlNuAr7_kyGIn8sZaekdR_TLzKM2MRBNuqGrXRpQi7qoXyzi073fxFmKNhsoNeX1hzn2wV68Hd3umBgTmOBOWw3ZMsy6j6POJ0YFuqyw1vTSa3CJ4UoaCTv5bMclzZ4vpJT10c6dlHrXFuKo16yV5W6DBMsHQLq4Y6YKnYdQMnXgVUL9tbvjoCTg--h5Btt90mAW1y2V3CR-ZVmoZC8EypwQSfXyxxKYuUi1mHwdlTKJLhzyBftSYJrWQEUdZiG8GD03Vuyyfy9A58VnC--bTGsbIq8vcDmd7qhm_407l_gykoQyNeuK-4-i490199KHDTzLpHCad_fh3OkIyvbWHpUfXp3u5WxQKWiHxMqAos4aCN4VEfDLEULkCM95EHAg6gpLED9M0sXOWRQuCTO8nKb27rS4ciZ7AifefWvsPmMMsveMx3tlV-ir5j6whR4ygWA_OH71PAgDPkqwM_lCrfequydOhpckjZhcDz1yklHIchPlPbyzFBIxEk1fAUpql1K8VcL87AuKzYu1XBVWRGdegzDjZHDGbBmbZ_hXVIMTJVsPeOxBPmAg3BW52hdfOFY5IxZ82Lba340eLue_KjSEmGVCUDQJmZkOldTiPffWfF-DoxQRkOgRglrmPi8ofaOR36y1PMos1uDQpu5deYfpB3reOUxMP7iux3-H_joFuCqH-qDKRkuTw9QzkMhvqSZG6jxUaHpHqKr9usjDOK7U77vqu7QMYDirprEieVVFcLvW8OAnD1_yvzjA7FV1Jre0ztZi7mbc0Sp29J6q_XW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prebid.adnxs.com
URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Domain
prebid.adnxs.com
URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| documentPictureInPicture object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E object| MicroModal function| __NEXT_PRELOADREADY object| vttjs function| WebVTT function| videojs object| __MIDDLEWARE_MATCHERS function| __BUILD_MANIFEST_CB function| gtag object| dataLayer object| apstag object| paywall object| entd_cat_ids object| entd_cat_names object| entd_term_ids object| entd_all_term_ids object| entd_tags object| entd_tags_slugs object| entd_author_name string| entd_page_type string| entd_post_id undefined| entd_publish_date undefined| entd_publish_timestamp undefined| entd_last_updated_date string| entd_primary_category string| entd_primary_category_name undefined| entd_primary_category_top_parent boolean| entd_no_ads undefined| entd_word_count undefined| entd_ads_term_ids string| featured_img_thumbnail boolean| entd_is_premium_article undefined| entd_post_countries object| siteUtils object| __BUILD_MANIFEST object| __SSG_MANIFEST object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| pbjsChunk object| pbjs object| _pbjsGlobals object| google_tag_manager object| google_tag_data object| geq object| googletag object| gaGlobal object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| ggeac object| google_js_reporting_queue function| _jsload object| jsapi object| __statmedia_callbacks object| _aps boolean| apstagLOADED object| apscustom object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ undefined| google_measure_js_timing function| GeAnalytics function| geLoadLi function| _0x3f5321 boolean| geqpreprun function| run_ge function| _0x112b function| _0x543d object| gekx object| liQ object| _geq object| recaptcha object| closure_lm_110280 object| React object| jsapi_ object| JsAPI object| ReactDOM object| reactCommonComponents object| __statmedia object| U function| StatMedia object| statmedia49639 object| __li__evt_bus object| liQ_instances number| google_unique_id object| ksl6o0arwggg object| closure_lm_598058 undefined| dynamicPixel object| GoogleGcLKhOms object| google_image_requests

136 Cookies

Domain/Path Name / Value
.liadm.com/j Name: lidid
Value: 82ca5c5b-fcd1-4f25-bb91-a395b7715d31
i.liadm.com/s Name: _li_ss
Value: ChMKBgjdARDIFgoJCP____8HENIW
i6.liadm.com/s Name: _li_ss
Value: CgA
.youtube.com/ Name: YSC
Value: HB8toRlK1B4
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: nav2npc4_-g
.ntd.com/ Name: pw_cid
Value: 6f710180-8a14-11ee-bec8-292050bcdcb1
.ntd.com/ Name: _ga
Value: GA1.1.1305463054.1700753088
.rubiconproject.com/ Name: khaos
Value: LPBCH79W-13-FLR8
.ntd.com/ Name: _li_dcdm_c
Value: .ntd.com
.ntd.com/ Name: _lc2_fpi
Value: 33df6995a8cd--01hfycha7mg45shtk9s8p8smvk
.ntd.com/ Name: _lc2_fpi_meta
Value: {%22w%22:1700753090804}
.mixi.media/ Name: nid
Value: ads5-1sser12
.amazon-adsystem.com/ Name: ad-id
Value: Azik8R1e5EdMusFpc28cyzA
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.liadm.com/ Name: lidid
Value: 82ca5c5b-fcd1-4f25-bb91-a395b7715d31
.stat.media/ Name: _sm_uid
Value: 45828134-7c0e-4bd0-96f8-67a5b7ec3792
.stat.media/ Name: _sm_udt
Value: 1700753091604
.stat.media/ Name: _sm_sid
Value: 45d9f259-21df-4e1d-a9f6-cf0a14e00a3a
.stat.media/ Name: _sm_cm
Value: 32
.smaato.net/ Name: SCM
Value: 2c58c86c97
.smaato.net/ Name: SCMaps
Value: 2c58c86c97
.openx.net/ Name: i
Value: b92228c7-0a1f-0b37-0cac-84cb63980eca|1700753091
.go.sonobi.com/ Name: __uis
Value: 059bc64e-3480-4676-8f06-8fedb9b752f9
.go.sonobi.com/ Name: HAPLB8G
Value: s86128|ZV9ux
.mediago.io/ Name: __mguid_
Value: 1b7de7e863fc528527kmw100lpbch8kk
.simpli.fi/ Name: suid
Value: 8892889A60E84F7FB9357F073655A745
.bidr.io/ Name: bito
Value: AACW307Kvt4AABKAVLVgzQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.doubleclick.net/ Name: IDE
Value: AHWqTUnaNhoS8GmL7p6UpKgswPgarpPY-dqqD08CgyUWi8JFs29PFI96DF4ocFTz9fQ
.ntd.com/ Name: __gads
Value: ID=875bf765f32d922d:T=1700753091:RT=1700753091:S=ALNI_MZ_V9zVgBVLCILnLQRvCJAzrtK-vw
.ntd.com/ Name: __gpi
Value: UID=00000a0100959797:T=1700753091:RT=1700753091:S=ALNI_MbBMZe005hAjUtGcLlypLdncqdEnA
.openx.net/ Name: pd
Value: v2|1700753092|vMgavPkWgy
.bidswitch.net/ Name: tuuid
Value: 7978b75d-f239-4d82-bd80-ed7ced5a5dfd
.bidswitch.net/ Name: c
Value: 1700753092
.bidswitch.net/ Name: tuuid_lu
Value: 1700753092
.360yield.com/ Name: tuuid
Value: c8e7db7e-592d-4bbd-ab04-0450e854c2cb
.360yield.com/ Name: tuuid_lu
Value: 1700753092
.sharethrough.com/ Name: stx_user_id
Value: 8bdffc81-7c3e-472e-98c1-955bd9854d24
.ntd.com/ Name: _ga_2BRDBGYLL0
Value: GS1.1.1700753088.1.0.1700753092.56.0.0
.yieldmo.com/ Name: yieldmo_id
Value: 3F30DVV880V712YaiuMb%7C1700697600000%7C0
.ads.yieldmo.com/ Name: re_sync
Value: rc%3D1181918%7Cunl%3D1181918%7Ctapad%3D1181918%7Cdv360%3D1181918%7Can%3D1181918
.adnxs.com/ Name: uuid2
Value: 1480268236432194020
.mixi.media/ Name: _sm_uid
Value: 45828134-7c0e-4bd0-96f8-67a5b7ec3792
.mixi.media/ Name: _sm_udt
Value: 1700753091604
.mixi.media/ Name: _sm_sid
Value: 45d9f259-21df-4e1d-a9f6-cf0a14e00a3a
.onetag-sys.com/ Name: OTP
Value: PW47UeOlzJurSWp0DKPfA2vcrRUKQ8r3uIbT6Fx5jPA
.yahoo.com/ Name: A3
Value: d=AQABBMVuX2UCELk06GsPVUJ1REObZxMo8SYFEgEBAQHAYGVpZQAAAAAA_eMAAA&S=AQAAAvz3sNriPp0zACyIjmJpxvE
.tapad.com/ Name: TapAd_TS
Value: 1700753094221
.tapad.com/ Name: TapAd_DID
Value: 706ff231-c5c7-4f72-898b-dfa6c579383b
.adsrvr.org/ Name: TDID
Value: b4b334a7-7f50-43b0-9bc5-f88259cdc421
.ads.yieldmo.com/ Name: ptran
Value: 1480268236432194020
.ads.yieldmo.com/ Name: ptrrc
Value: LPBCH79W-13-FLR8
.openx.net/ Name: univ_id
Value: 537072971|963a55a4-c8bf-44bc-8b5f-e99436d6aecb|1700753094429195
.mathtag.com/ Name: uuid
Value: fb9f655f-6ec6-4200-a3dd-37d5130888df
.ads.stickyadstv.com/ Name: UID
Value: 38fff59a54f3b6e3f5459f20cfd8df
.casalemedia.com/ Name: CMPS
Value: 3455
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!7863
.lijit.com/ Name: ljt_reader
Value: HtHcjPZH7pAOeQUJTM2dtXwa
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZV9uxpQDTFLf1XJ96Fu9FAAABQMAAAAB
.lijit.com/ Name: ljtrtbexp
Value: eJyrVrI0V7IyNDcwtDQzMrM00VGyMEbjm6HyjaDqjU3NLUB8SxNk%2BVoAoM0Qfw%3D%3D
.dotomi.com/ Name: DotomiTest
Value: 249085d8550914d9
.eqads.com/ Name: EQUser
Value: UID=7c5c6ba2-12ca-4c89-9b7d-ebd85a66d965
www.ntd.com/ Name: _geuid
Value: 9c6692ed-1077-4f72-817e-1e70b4864d85
www.ntd.com/ Name: _geps
Value: true
.demdex.net/ Name: demdex
Value: 24886288624548744103149076664909489175
.lijit.com/ Name: _ljtrtb_27
Value: b4b334a7-7f50-43b0-9bc5-f88259cdc421
.casalemedia.com/ Name: CMID
Value: ZV9uxpQDTFLf1XJ96Fu9FAAA
.casalemedia.com/ Name: CMPRO
Value: 1283
.turn.com/ Name: uid
Value: 9204659570572095488
.blismedia.com/ Name: b
Value: 655F6EC78AD6262E9A745283BLIS
.dpm.demdex.net/ Name: dpm
Value: 24886288624548744103149076664909489175
.fwmrm.net/ Name: _uid
Value: umeb608_7304678992196016317
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtobmBgbmpsYGlqYmAIAKPH57MQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjS3MDE3NzEyNDSwMDMyNTIyE-Iz1PUpDfH0Ny80NHZMKwQA_dD0jiQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjS3MDE3NzEyNDSwMDMyNTIyE-Iz1PUpDfH0Ny80NHZMKwQA_dD0jiQAAAA
.lijit.com/ Name: _ljtrtb_83
Value: LPBCH79W-13-FLR8
.adform.net/ Name: C
Value: 1
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: umeb608_7304678992196016317
.ads.stickyadstv.com/ Name: MRM_UID
Value: umeb608_7304678992196016317
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-596aaa96-ca3e-4642-aa8c-5d2385c9c14f-005%22%2C%22nxtrdr%22%3Afalse%7D
.creativecdn.com/ Name: ts
Value: 1700753095
.creativecdn.com/ Name: u
Value: XWflqoTEXypW5gjOMEsB
.creativecdn.com/ Name: g
Value: XWflqoTEXypW5gjOMEsB_1700753095601
.adform.net/ Name: uid
Value: 8060868320676449426
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-596aaa96-ca3e-4642-aa8c-5d2385c9c14f-005%22%7D
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-111316b1-1261-5cac-7103-19996196370c.Jw2VQIMAG3%2Bs0BSxrfW34zi%2FqlSq9B%2FK35so3HaFv50
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-111316b1-1261-5cac-7103-19996196370c.Jw2VQIMAG3%2Bs0BSxrfW34zi%2FqlSq9B%2FK35so3HaFv50
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AERMWsRJhXKxxAxmZYZY3DEYZ_7o.s0cqL2ewMkp9xMrR%2BgUysQM3PIBT%2BeBCSOR8vRdXYBY
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AERMWsRJhXKxxAxmZYZY3DEYZ_7o.s0cqL2ewMkp9xMrR%2BgUysQM3PIBT%2BeBCSOR8vRdXYBY
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIO0I46-hB3Utq28nUed9D7bHA4NS_eB-u9LOOgSMX1jQEHwYBCDH3f2qBjABOgRyABfNQgR3mBYV.4urXNF%2Be9WVgO1%2Fx4IY7OdgUbeMBPipw%2B%2BhqzPnsRp8
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIO0I46-hB3Utq28nUed9D7bHA4NS_eB-u9LOOgSMX1jQEHwYBCDH3f2qBjABOgRyABfNQgR3mBYV.4urXNF%2Be9WVgO1%2Fx4IY7OdgUbeMBPipw%2B%2BhqzPnsRp8
.linkedin.com/ Name: bcookie
Value: "v=2&99e12c28-bc85-4f81-809b-94c0b905a3b8"
.linkedin.com/ Name: lidc
Value: "b=VGST03:s=V:r=V:a=V:p=V:g=3019:u=1:x=1:i=1700753095:t=1700839495:v=2:sig=AQE2zbaxVuL8svviqUidCTIFOpyMsKM4"
.criteo.com/ Name: uid
Value: 57745388-b908-40bb-a667-36a0056ed3d9
.ads.stickyadstv.com/ Name: uid-bp-717
Value: y-Bk0m2atE2oNzSL3VDG_Bnq_hZ4kVzX4anZNfGdbU~A
.lijit.com/ Name: _ljtrtb_97
Value: RX-596aaa96-ca3e-4642-aa8c-5d2385c9c14f-005
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnX329mpj7BYkCXyuHCXY4HXLIJLt2ODluCIrE0X_N5BvT43AqJGr2WDLxcpQC4TM1
.primis.tech/ Name: csuuid
Value: 655f6ec7c598c
.adnxs.com/ Name: anj
Value: dTM7k!M40*hgVC6ghqdmU(5<Uu`B1J!]tbn.CK$wNl!cP9Z3m9=E:jDiF4*9/Qz5L.OZFt`pT3A77#UD#>oBkb<FA:.o$Rg@d2=IeTFy^1K?to@W/rEdIhdpgmTsH/3c-YYt$HC0GPBEZ0.0JNf2F]>e$?W)*C6LIvZ5w'.iCsjtlUo_7Nz-S^>4FCnY3ME4a2m
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJjb252ZXJzYW50Ijp7InVpZCI6IkFBQUZ3c0hvNi0wVnR3TXFVemtRQUFBQUFBQSIsImV4cGlyZXMiOiIyMDI0LTAyLTIxVDE1OjI0OjUxWiJ9LCJzb25vYmkiOnsidWlkIjoiMDU5YmM2NGUtMzQ4MC00Njc2LThmMDYtOGZlZGI5Yjc1MmY5IiwiZXhwaXJlcyI6IjIwMjQtMDItMjFUMTU6MjQ6NTJaIn0sInJ1Ymljb24iOnsidWlkIjoiTFBCQ0g3OVctMTMtRkxSOCIsImV4cGlyZXMiOiIyMDI0LTAyLTIxVDE1OjI0OjU1WiJ9fSwiYmlydGhkYXkiOiIyMDIzLTExLTIzVDE1OjI0OjUxWiJ9
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~2f7r:18vk~2f7r:19e0~2f7r"
.rlcdn.com/ Name: rlas3
Value: jisKqnWLGvyCECfDn0OZbAdCwVeQcGaF9XY7OvODKno=
.rlcdn.com/ Name: pxrc
Value: CMfd/aoGEgYIkLwrEAA=
.connatix.com/ Name: cnx_userId
Value: 65d49a4432cc41a3b1b86505daa48f42
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: 97c00591-4785-4812-86cc-7be574f45b64
.prebid.a-mo.net/ Name: sd_amuid2
Value: 97c00591-4785-4812-86cc-7be574f45b64
.ipredictive.com/ Name: cu
Value: b1b26ae5-700b-4b4b-94a5-ccea647a3ec9|1700753096045
.lijit.com/ Name: ljtrtb
Value: eJwVzDEOwjAMRuG7eOaX0thObEaQEEMH1AVWxyWXQNydsj59eh%2Bqnc40ZDBLdPSpBcKjwEcqpllVzz2lLnQi48Ouj8v13v2JhXFbNzu6%2Fx%2FbC%2BotIrwhg9%2BQJhURltC9sml6LjJRitL3B9yXHWk%3D
.lijit.com/ Name: _ljtrtb_86
Value: 93h7jwPj30ILddVCjYoP0KhCda09G0CE5XlThRKjgMA
.lijit.com/ Name: _ljtrtb_80
Value: LPBCH79W-13-FLR8
.ads.stickyadstv.com/ Name: uid-bp-26913
Value: AACW307Kvt4AABKAVLVgzQ
.alocdn.com/ Name: uuid
Value: 7a480064-b68f-414e-b105-2a937af88d2d
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bGsCqF6HSp6Pzp6X1XS67N80UiJJiqwnvePS0asmv1AIUlFFhZLBscfE1AkfsqbcgkwMD3dSGT6eXaOgzXjMDayFQ+RbmB32Z6ma+WVcS1g3g==
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: E3mCmxwcSN
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEHGTz9F4Gk6UMqcesPlwFlI
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwiCnKSIzJC2PBAFEhUKBmNhc2FsZRILCNbN3InMkLY8EAUYASABKAIyCwiOu8LG4pC2PBAFOAFaCXN0aWNreWFkc2AC
s2s.t13.io/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicnViaWNvbiI6eyJ1aWQiOiJMUEJDSDc5Vy0xMy1GTFI4IiwiZXhwaXJlcyI6IjIwMjMtMTItMDdUMTU6MjQ6NTYuMzY3NzA2NzczWiJ9fX0=
.hb.yahoo.net/ Name: visitor-id
Value: 3437546960898689000V10
.hb.yahoo.net/ Name: data-mag
Value: LPBCH79W-13-FLR8~~63
.ads.stickyadstv.com/ Name: uid-bp-892
Value: b4b334a7-7f50-43b0-9bc5-f88259cdc421
.intentiq.com/ Name: intentIQCDate
Value: 1700753096643
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUd1JtZldw
.intentiq.com/ Name: IQPData
Value: 1176108986#1700753096637#0#1700753096637
.intentiq.com/ Name: IQMID
Value: 1176108986#1700753096647
.ads.stickyadstv.com/ Name: uid-bp-951
Value: 1480268236432194020
.w55c.net/ Name: wfivefivec
Value: IbgmWfnB1R6bzz5
.w55c.net/ Name: matchfreewheel
Value: 5
.ads.stickyadstv.com/ Name: uid-bp-23329
Value: IbgmWfnB1R6bzz5
.ads.stickyadstv.com/ Name: uid-bp-20721
Value: 31d6da40-aa74-4b1f-b96b-5ab236a43189
.ads.stickyadstv.com/ Name: uid-bp-25746
Value: b1b26ae5-700b-4b4b-94a5-ccea647a3ec9
a.clickcertain.com/ Name: _ccpx_u
Value: 97ddf2b0%2d6171%2d471f%2dac55%2db57584cc9c4e
a.clickcertain.com/ Name: _ccpx
Value: 2455d1796b86efb
a.clickcertain.com/ Name: _ccpx_2455d1796b86efb
Value: 1

6 Console Messages

Source Level URL
Text
javascript error URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Message:
Access to XMLHttpRequest at 'https://prebid.adnxs.com/pbs/v1/openrtb2/auction' from origin 'https://www.ntd.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.ntd.com/at-nyc-lunar-new-year-parade-falun-gong-adherents-have-message-for-the-world_896438.html
Message:
Access to XMLHttpRequest at 'https://prebid.adnxs.com/pbs/v1/openrtb2/auction' from origin 'https://www.ntd.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D
Message:
Failed to load resource: net::ERR_SOCKET_NOT_CONNECTED
network error URL: https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2ff71852cc4cef8a8b53f22056c9474a.safeframe.googlesyndication.com
a.clickcertain.com
a.remarketstats.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ads.stickyadstv.com
ads.yieldmo.com
analytics.google.com
ap.lijit.com
b-code.liadm.com
bttrack.com
c.amazon-adsystem.com
c1.adform.net
capi.connatix.com
casale-match.dotomi.com
cdn.epoch.cloud
cdn.indexww.com
ce.lijit.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
creativecdn.com
cs.minutemedia-prebid.com
csync.loopme.me
data.adsrvr.org
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eus.rubiconproject.com
exchange.mediavine.com
exchange.postrelease.com
fastlane.rubiconproject.com
fonts.gstatic.com
hb.yahoo.net
htlb.casalemedia.com
i.liadm.com
i.ntd.com
i6.liadm.com
ib.adnxs.com
id.rlcdn.com
idx.liadm.com
image8.pubmatic.com
js-sec.indexww.com
live.primis.tech
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mixi.media
ntd.com
onetag-sys.com
p.alocdn.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid.a-mo.net
prebid.adnxs.com
pwe.epochbase.com
px.ads.linkedin.com
rp.liadm.com
rp4.liadm.com
s.ad.smaato.net
s.amazon-adsystem.com
s.seedtag.com
s2s.t13.io
s3-us-west-2.amazonaws.com
sc.youmaker.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync-global.smartadserver.com
ssum-sec.casalemedia.com
stat.media
stat.mixi.media
static.mixi.media
static3.mixi.media
static6.mixi.media
static8.mixi.media
stats.g.doubleclick.net
stx-match.dotomi.com
subs.epochbase.com
sync-amz.ads.yieldmo.com
sync.1rx.io
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync1.intentiq.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trace.mediago.io
u.openx.net
um.simpli.fi
um4.eqads.com
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.ntd.com
www.youtube.com
x.bidswitch.net
ad.turn.com
csync.loopme.me
prebid.adnxs.com
104.18.38.76
104.72.158.153
104.97.85.51
136.243.66.182
142.251.16.156
147.28.129.140
151.101.129.108
172.64.146.152
172.64.151.101
18.160.10.17
18.213.154.57
185.162.95.70
185.167.164.43
185.184.8.90
185.89.208.11
192.132.33.69
199.127.204.142
199.38.167.130
213.19.162.80
23.12.144.101
23.83.76.85
2600:1f18:4e9:5a05:37a8:24af:759b:4c92
2600:1f18:730:b120:c62f:9488:7811:a2e
2600:1f18:ed:550a:3df5:cbd:6b19:ec2c
2600:9000:201e:4200:1a:5235:f980:93a1
2600:9000:215f:0:1b:5138:8a40:93a1
2600:9000:215f:3a00:8:8845:1500:93a1
2600:9000:215f:ee00:1b:6b7d:2300:93a1
2602:803:c002:200::41
2606:4700:20::681a:27a
2606:4700:20::ac43:4acf
2606:4700::6810:7aaf
2606:4700::6812:181e
2606:4700:e6::ac40:ca07
2606:ae80:1451:11::2010
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c06::8b
2607:f8b0:4004:c08::9a
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c09::9d
2607:f8b0:4004:c0b::6a
2607:f8b0:4004:c17::61
2607:f8b0:4004:c17::9b
2607:f8b0:4004:c17::9d
2607:f8b0:4004:c1b::84
2607:f8b0:4004:c1d::5d
2607:f8b0:4004:c1d::84
2620:112:f002:bbbb::21
2620:1ec:21::14
3.161.212.32
3.213.126.75
3.214.253.15
3.215.46.21
3.225.218.10
34.107.140.113
34.107.251.162
34.110.129.224
34.111.113.62
34.120.97.157
34.149.50.64
34.225.212.107
34.228.100.56
34.231.99.255
34.96.105.8
35.208.249.213
35.211.178.172
35.236.220.17
35.244.154.8
35.244.159.8
44.214.40.113
50.16.62.247
51.222.39.186
52.1.31.170
52.218.205.56
52.223.40.198
52.46.143.56
52.85.107.191
52.85.132.15
52.86.174.189
52.87.69.135
52.95.122.74
54.159.72.222
54.71.111.90
54.84.191.206
54.85.125.66
63.251.28.133
63.251.86.51
68.67.179.155
69.166.1.34
69.173.151.100
74.119.119.150
74.121.140.211
8.28.7.82
8.43.72.98
007d5b34cab95c4f3358e8edff43f58871194503b4b8b50bf752736169638ba7
026b04eb7670fbe78a8b90f06ace47478464183d20bfe13c82bbc60d5cc2ac0f
02e05d8407482aee2dae0ae4343ecb2e6c2b1f27c2175c4b03170d3f2af51b55
069e8a7c90d32bc5d9b4cbfe7fd043d9f9cee51e2aa6be0c334923eb4b749084
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0a7de850470a7ca3b05e0562c8cc2f485568503de511a6ec24420c3fdd4264f9
0af7a02c2b9ae0fde55e83700c8e6709122fb18adae5f1e6b0262732fb9e736f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb27fba4d75d184c99cc0a90cafa688fa860201fba285c132280c852d751f09
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c5a3e13ad52b15a5e9f82b95a971d1203facb8ff8a47ac5fe144d61f2ec7c77
0cd025650731be40fa9351f621181de6458980ce8ca01bcdbdbc12afac2f31c2
0de2a176ad08f62d4eb01561e51936094f156760b03746e2f17e69345824f7b2
0ea258555e5fcf60617c4791778cba754e64b9acb2792b47c32af0cf2dfa0b3e
0fb1e76f62d72742220f880ca9a0c2184391098cb0b60116fe01aff3729a29fb
12d467813dd443184a5c52c782f0b3c2a401a873d28dc9130ac30900dc8590ab
133bd9c50accec513f057a09b3be1d84c8c791b8646640223573deca444f4657
15740d57e5110399735f18958d8a9bbb2b1468b209ba051519086f29cf7b8433
163cb5d5188442a3dc0cc458a58b06a08e498eea3ae25e310c473cdaae977f39
168fb280da84af940d43d3a03eae970a4cdcfcf42c60f4db58f38168f03fea89
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1b11ad23915468560a9fa86d6a2cf326726fc52e8da1d55184a91bbc256d64e0
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
203e0f4dcfd2bed10b75a8fd250568838f01d4fd3363279741962d77675af937
21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7
269ecd5384cff5988118c07b549ecf90eb9382d69477cae705ac84217405ee06
282122cc5070f90657b0f493556c9858db0fbeeee26bc7fc26cf2df0b01eef7c
2e52b90c4576fcc79aa119ec5d779a093ae19822d0a3f220d5e52db8251389f7
2f009a44aa057e608440849ba7d59135c178393165207fb8268d1680f9365b5b
30604d2b81aaa9388b0d54ca754fbc8f2464a8affd0c2c049edd02a031c3170b
3122cc88d9f81a4c920a78d3a4195659dea8135b6bb104610471f8d856218530
37ee0c06cd59b07850ee525798826ae40416b996877bc1a6cb1720a8730b5096
389fa4125ec3420aaa5b87423adc74c1e2fdbae9cd1eefb2dc2634b5032f4be7
390530efed34e97403e825e9e8b0029515dba72de78419091b616c76befdb700
39606abb2773dd3c0cdad88f49c31445e9d558631c25fb21bcbf06046c361340
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ec251d05abab8e5f107b3bdda10a535e84ff677ccc282d9d61f0335fc01268f
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
404f1bf85f9a58a8a50a033f3ad275b88aeee36395aa4ba6d447f2fb9bb42e3a
4505adde3a6db0f39a9dc7428643d1e9b84331c2d3022bec401b7002c07369e5
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c675529d813e074e45b83d5d12dde2bf726bb6b31ee8227dbfcf946e05af5c
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
4a085a48de1c29460f6e8dde984099c3cc348ea5db5bf26a878178939eb77d0c
4a14c309f1d214318225f48804b9d3ba2bc977352d072b0ddbaf832859d293ab
4a61c1aa9951ded49fd4122734c9ccdb31c3f34aa8865ed7b7dae0873713d853
4a6fff8e4746724d6b7a0cadd7b189300165a442228b58f2a9c30ab1fedbbc1b
4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53633e0adc901215f864e5f238869dc03eced4671b4b8a1a866d6a42466fc816
53ed511ad10e71682b09ab0a1c1e64274db0d10faa289f8dd9ac0c9a587e808b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582e42d6984215cd2526b7a6f01bb23d649c746af9fafbb60bd3d43b09e4d123
585a1717771fe70744105938c9bc5fb1d34eff76986494faf1686f01d6a680df
59dc788326a1d20f4bfb5fc192505829a9ed9f12e9fe90c3cff7c4e00156f31f
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6123d5a6a5462a1133375cda85757f7c42ebacba5d5a60531b7b1a521c536465
614df6c217d2641b5f4380f36bedff2eafe63289218809dbc8c6f34e15701567
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
641d72ddefb953f6ac870a992be6a9d7cb1154a3b77a666fb6cb253ec7e52e03
6567f1f26bf9c8ab32576cb70744a2cd20f4efdca1047484da01887e1b3a5963
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6800eb63dc978c9903864b28a08ed4f6b533bdb842ac6622a07c311e47a0a298
6951c7c304900b4e2b7f0213fab3e077225b9bd842056a10134b0afbb1be26db
69ac4fcaeeb36708015ea52ad19eca5b19063c0c7125b83f69f0d9dd445cca06
6d5147ae622961cfd2306561f66fd89f43f0bcb9f4f36d70884aafae1b93826f
713263f98de24816dc9c23cceaac5e33d2d503c3e3279d5f594f3c6bbc37f00d
720530af830892701ef8b15094596aba1a91afffc1a013cad9103da6cd9df0e4
72fd7e24b02580e7f6501d079c90a19d4c87ab4624c51f96f4e3c7a07a0e30d4
745834316128a9605db352a4146dfb81cfd209fa037d3256277e2bc9d12b0f44
74ae5337bf7163e6da1d15cb96374543ff3be0333571bc2943ae04d4b357129b
751f916eef378462304f9f5cfefdfa560eba2ae4ec02c7b94d3bca7214c002b3
779d8fdda515b570970a5fb09b5eefbf0c8ec6300d969d4d609806a37f77e803
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7b12f2c5cfbe0417910a1f136368ac2d40abd2bcf4329f8e6c7b7483ca5254b9
7e9ebe92e6ab9c85b3bc2dbe089f5884936d5d2deced272eb37219836a034556
7f81fc2f3cc04c1f965f2683dc2b369bd4ebbc18b454196d101f74f69efe3433
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
84c06a1ac5e4e179f91a9aa2fe149cbb85ba5d1b804fae2499f31ed0f6019be5
852bc27ae5c552e352212ac40f04603e0167a57636d51cccc9acc6797796991b
85e52aca7f16282019bb0a6dda29fdb1f91f9e9ad6339f4aae0efa30e41c864f
86587e974d57e7489b5d60f8b446f48aa89bfedf7be4d003204256c1ca3cc9fe
871b8242d1aabad13d92c8fac67273aa5e5aef0ecdb1f31985b0b0a807b0e2f3
89212680eca99e193dac400ed5dc6f7e45ac861b49732483114803fe3193e650
8c497f68641e8abd81d72b3b6bae5b3e3ca4f92c3e95cf9169c4de2477f8a7bf
8fdf7c13d5b3b559871a32380728a9c126bd004577031335423da2c981141407
91ae542a7870e4109b73586afaa1550a4a23c06688d370051a10b2803c3fd62b
92a96977b3a5107b1c7c5bd8d603b01792eabfb32090695967f04b207b154c5d
933adce374ea86b379d7ce7f45537ed7efc6d25d839f4298efdecb0e2fae8183
983326464044996937b52c6890af12cf4d72d60e1a7351dc0d3aa53549dfe614
99e232f0777782167244e5f824d348b49a9f92446b12810aa4a3d7216572aeaf
9a22035361ff03a917f8a03ee6efeb4848ca6caded308c2630c1031bfe754d92
9c21eea3ff63e3cbe49cfe06d47eba4a268ed5e2d583d9fbe8590f39b85212ae
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910
9e33b98871ae098fb62dd6f123409a67fad6a3d0e8e22120a7d9b9188814b11a
9f36e8ca5dcf2d6239d390499de5c3a0cdc7539143d6fb049bb6a934829883b8
a06e848c173d7fdccf63861e5a13336c035d70024c5edb3e9f5611a04a802250
a0f1145cf1f95c67cbb5a83ea895f2662b8d26230986bcaef03842ad7da9e69b
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a207fbabb76a765c99d31d89bac2e18037120a7079f0ae44201163aae301f6de
a5034624d77bf23f1b3f8d96aba64011cbffea1585d6f3041abaeb675736e4f6
a6626bda924b82d98179141733bb25ee76b32d1c01b1f237405fdd2c7b8ccec8
ab102b65cd0580b53633fa7396974f47cbaac345e99a3b2fb616198776d79282
aeb31f1ee02675acb9388db1392b3cf1fa9e47d53ebeef47b9020b65bc981e58
af82cd92cb1df231870f60b847a411fcc4adfffef67f01fff41885828edee2e3
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
b0512ff1ecca4eeaa79eabd6f059915e9cec84022c2f78519acf20d942b628e0
b0b305e408e4d852e855962afee13321ebf52d3894e1a8a42dfbf8d3b4741a9e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b296d9967f2f50e4b2edfa7c959efacf4ea5f64eb9e96e6dc815e57fbed48e55
b2997f9a557c9b636e93dfa7b84a57dfc6c7e3b6593f0341b77891dd7e19cc91
b62f36160407c81030404ab242125afd42fa0da6626ef11e5f406dda12acf144
b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec
b8b6528bc2a63e986a842311ca6971aac53d77331c25d16a03e9e45de5bccf8f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c484c78d502a9769494d9fe87c9a826618b36fd60b567dee2cfa0f4e9163d79d
c7f6c50373b11c90ab48d22df301ff705b05c61e4efaf19e03a57dd79a63f4c0
c9b0f6d91064bc1a5064e0fbbcabb1eb848065c90f10ab34b69ccd85aede8fde
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d20db6c1df31874b999f525e1eb15c5041d7b5b94c7336754c97d72fca64c1f1
d38468263d67fc86718b19ea5585ad67b413fc85ce55c82bec81f159923c830d
d6e6b8176fad5cad7c3b7c4ba8f96cecace409a5881109b6c315b3b3e67a7060
d780c2236b34848e2b3b15b3b2529b1eea1c2e7d92fbda888ad6766cbfe80bff
d91d0c708f4c38040c4aa6419b93e38e256e252389f9fecd5f8f03f4f7af721d
dbf880ffbf033a903d3adeb3d8f9a48fc3ac2bf6bfe20a15fea5d19b25094306
dcb05bc6f6bc43783fe6132aeee6ecdacfc83c8223f32aa9c998c75b7f3dd9d9
dcbaf75dbf6880af85eed3cfc7d9619f9f772f9c125ef87a9a10cd65a161ccdb
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dcf538ab166e90e4dfda982d360b06de8da42bd945c277ec6f357a55b43bbc5b
e33012d7d29d3d36612209c9a3a610cfefa188eb44cc85b40cd35a7ac1bfd398
e37853993ce02f2f6249ecfbf554c4d36db8423a1b5d1cf2f0f132b743a0e26c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e486c64f1de4a585fd8d2794aeb4f3853d13ffe3a45f397ed18ad7dc6fd2feed
ed7265e462c0822fa4d785263d913c8bbdf9ca3a3b379c07c184e0ac12b075ef
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8f27c714729b89b92fa5255e9e9fea9b24c62f19b11f55508b0a3070da5279
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
efb53e9377bb698c663c5159f6b7eeb5561a23698660a117e96ac5977d1dec9c
f2fbec20eff343b19ab9e0f85926cdee9701203228f142d35c1727e833850c1f
f5a33ccfcc05ae337e7f3924e408ae1486f368970ed761aabed6e7b057651498
f61ff4f888bc3690036c62d05030f9e8710d2c86e0593c517c02f60719860e92
f8e78daa065e02de5d8b249192b4e2c364a523cff15f783b273a38664634354b
f90338473cb76d2ea048cf525b2b2b42208ac2d559ec801976e3e002747eb5fc
f9c7a94402c5831093dd4d367f342738134ea0844bad5270eab2ddcac95e4470
f9eddf5a65005ab000071c3179eaa30fce0f40e67d742a18ce8caf892264a652
fb2ca5c959e60b125bc07e2f962d60dafea7cfb55b9193d33f4879501db7a21d
fc2369512161677104c40f001cfee9c0f05f446fee673f485b2041aa8f932805
fc7ab1bd0db40d4a02ebd94751171030e4f736b77a85ac3d3e1372da25a062b6