urlscan.io logo urlscan.io
SecurityTrails logo

www.theepochtimes.com Open in urlscan Pro
151.139.128.11  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://url9334.thenewsprovider.com/ls/click?upn=0vDAPwGqck0IuJsyrwqTOt1wf90RZzgsX-2FjBraNGhK-2BQXVI2oBrBc2uCy4y-2FtPiPLzcmDBTnyXTEQ...
Effective URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=Ema...
Submission: On January 25 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 84 IPs in 8 countries across 85 domains to perform 411 HTTP transactions. The main IP is 151.139.128.11, located in United States and belongs to HIGHWINDS3, US. The main domain is www.theepochtimes.com. The Cisco Umbrella rank of the primary domain is 39333.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 1st 2020. Valid for: 2 years.
This is the only time www.theepochtimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.115.56 11377 (SENDGRID)
1 1 34.107.238.87 15169 (GOOGLE)
53 151.139.128.11 20446 (HIGHWINDS3)
36 35.244.243.66 15169 (GOOGLE)
5 54.192.160.42 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
10 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
3 54.230.162.78 16509 (AMAZON-02)
13 34.120.33.89 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 35.201.68.206 15169 (GOOGLE)
2 34.120.97.157 15169 (GOOGLE)
4 4.7.168.73 3356 (LEVEL3)
1 3 2620:116:800b... 14618 (AMAZON-AES)
1 13.225.214.10 16509 (AMAZON-02)
2 4 13.226.31.3 16509 (AMAZON-02)
1 2607:f8b0:402... 15169 (GOOGLE)
8 142.251.40.162 15169 (GOOGLE)
1 2600:9000:21d... 16509 (AMAZON-02)
6 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 13.225.214.4 16509 (AMAZON-02)
1 18.217.60.34 16509 (AMAZON-02)
3 68.67.153.61 29990 (ASN-APPNEX)
7 15 68.67.160.25 29990 (ASN-APPNEX)
2 3.216.54.241 14618 (AMAZON-AES)
2 23.39.175.77 16625 (AKAMAI-AS)
5 35.244.159.8 15169 (GOOGLE)
2 3.92.156.8 14618 (AMAZON-AES)
14 136.243.66.182 24940 (HETZNER-AS)
1 5 8.43.72.98 26667 (RUBICONPR...)
1 17 209.54.180.144 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 69.166.1.10 27630 (AS-XFERNET)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:21e... 16509 (AMAZON-02)
3 3 52.116.221.248 36351 (SOFTLAYER)
2 27 23.208.217.6 16625 (AKAMAI-AS)
5 5 2001:678:cb4:... 56396 (AMOBEE)
2 9 104.16.190.66 13335 (CLOUDFLAR...)
5 10 18.204.50.126 14618 (AMAZON-AES)
5 23.208.216.212 16625 (AKAMAI-AS)
4 23.73.244.44 16625 (AKAMAI-AS)
1 2 23.92.190.74 29791 (VOXEL-DOT...)
4 185.162.95.70 41722 (MIRAN-AS ...)
6 6 151.101.2.49 54113 (FASTLY)
1 7 2600:1f18:4e9... 14618 (AMAZON-AES)
9 9 52.223.40.198 16509 (AMAZON-02)
5 18 34.98.64.218 15169 (GOOGLE)
14 17 142.251.40.194 15169 (GOOGLE)
5 5 68.67.179.87 29990 (ASN-APPNEX)
1 1 54.144.85.208 14618 (AMAZON-AES)
2 2 192.132.33.46 18568 (BIDTELLECT)
9 9 54.236.214.209 14618 (AMAZON-AES)
5 72.251.238.254 29791 (VOXEL-DOT...)
4 4 199.127.204.142 26120 (RHYTHMONE)
3 104.36.115.113 62713 (AS-PUBMATIC)
6 6 2001:438:65:1... 26762 (CNVR-US-EAST)
1 2 18.213.10.151 14618 (AMAZON-AES)
5 5 8.43.72.97 26667 (RUBICONPR...)
1 2 185.167.164.43 198622 (ADFORM)
9 104.36.115.109 62713 (AS-PUBMATIC)
4 8 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 15169 (GOOGLE)
7 7 216.200.232.249 30419 (MEDIAMATH...)
6 104.36.115.114 62713 (AS-PUBMATIC)
7 8.28.7.83 62713 (AS-PUBMATIC)
1 2001:4998:14:... 14777 (YAHOO)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 34.73.194.24 396982 (GOOGLE-PR...)
4 4 34.225.172.55 14618 (AMAZON-AES)
4 6 52.45.33.138 14618 (AMAZON-AES)
6 8 35.211.178.172 19527 (GOOGLE-2)
3 3 35.190.90.30 15169 (GOOGLE)
5 7 107.178.246.49 15169 (GOOGLE)
1 3 2600:9000:21e... 16509 (AMAZON-02)
1 104.16.68.69 13335 (CLOUDFLAR...)
6 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
14 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
6 9 2606:4700:303... 13335 (CLOUDFLAR...)
1 13.226.31.67 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 151.101.193.108 54113 (FASTLY)
6 2606:4700:303... 13335 (CLOUDFLAR...)
2 4 35.186.253.211 15169 (GOOGLE)
4 4 52.71.206.53 14618 (AMAZON-AES)
5 5 207.198.113.176 13768 (COGECO-PEER1)
2 2 34.194.166.233 14618 (AMAZON-AES)
2 4 52.4.54.89 14618 (AMAZON-AES)
2 2 3.221.247.3 14618 (AMAZON-AES)
4 2607:f8b0:400... 15169 (GOOGLE)
1 1 52.4.194.209 14618 (AMAZON-AES)
1 1 13.225.214.101 16509 (AMAZON-02)
2 2 34.229.3.43 14618 (AMAZON-AES)
4 35.201.65.119 15169 (GOOGLE)
1 172.105.13.95 63949 (LINODE-AP...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 198.148.27.139 19189 (PULSEPOINT)
2 2 132.226.41.106 31898 (ORACLE-BM...)
2 74.119.119.150 19750 (AS-CRITEO)
2 169.197.150.8 398989 (DEEPINTENT)
8 8 146.59.148.16 16276 (OVH)
2 2 52.0.156.250 14618 (AMAZON-AES)
1 1 76.13.32.147 26101 (YAHOO-BF1)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
4 4 35.201.96.126 15169 (GOOGLE)
2 8.28.7.109 62713 (AS-PUBMATIC)
2 4 52.200.167.170 14618 (AMAZON-AES)
2 54.84.55.94 14618 (AMAZON-AES)
1 173.223.56.123 16625 (AKAMAI-AS)
411 84
1    167.89.115.56 (Herndon, United States)

ASN11377 (SENDGRID, US)
PTR: o16789115x56.outbound-mail.sendgrid.net
url9334.thenewsprovider.com
1    34.107.238.87 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 87.238.107.34.bc.googleusercontent.com
trk.sharelink.email
53    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
www.theepochtimes.com
img.theepochtimes.com
36    35.244.243.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.243.244.35.bc.googleusercontent.com
subs.youmaker.com
5    54.192.160.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-160-42.ewr53.r.cloudfront.net
c.amazon-adsystem.com
3    2607:f8b0:4006:81f::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
10    2607:f8b0:4006:824::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    54.230.162.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-162-78.ewr53.r.cloudfront.net
js.chargebee.com
13    34.120.33.89 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 89.33.120.34.bc.googleusercontent.com
comment.youmaker.com
3    2607:f8b0:4006:807::2002 (United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    35.201.68.206 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 206.68.201.35.bc.googleusercontent.com
www.youmaker.com
2    34.120.97.157 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 157.97.120.34.bc.googleusercontent.com
sc.youmaker.com
4    4.7.168.73 (United States)

ASN3356 (LEVEL3, US)
ea.epochbase.com
3    2620:116:800b:21:9525:7e6a:be2b:3707 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
1    13.225.214.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-10.ewr50.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net
4    13.226.31.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-31-3.ewr53.r.cloudfront.net
sb.scorecardresearch.com
1    2607:f8b0:4023:1404::9b (Columbus, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
8    142.251.40.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2600:9000:21dd:0:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
6    2607:f8b0:4006:81d::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4006:81e::2003 (United States)

ASN15169 (GOOGLE, US)
www.google.ca
1    13.225.214.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-4.ewr50.r.cloudfront.net
certify.alexametrics.com
1    18.217.60.34 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-217-60-34.us-east-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
3    68.67.153.61 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.nym2.adnexus.net
prebid.adnxs.com
15    68.67.160.25 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 563.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    3.216.54.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-54-241.compute-1.amazonaws.com
g2.gumgum.com
2    23.39.175.77 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-175-77.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
epoch-times-d.openx.net
u.openx.net
us-u.openx.net
2    3.92.156.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-156-8.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
14    136.243.66.182 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: mixi.media
mixi.media
static.mixi.media
target.mixi.media
static1.mixi.media
static2.mixi.media
static4.mixi.media
static6.mixi.media
static3.mixi.media
static5.mixi.media
static7.mixi.media
static8.mixi.media
5    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
17    209.54.180.144 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
1    2607:f8b0:4006:81d::2002 (United States)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2607:f8b0:4006:823::2001 (United States)

ASN15169 (GOOGLE, US)
163ad3d3cef73823fb6ee7c8560a3ece.safeframe.googlesyndication.com
1    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
5    2607:f8b0:4006:817::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2600:9000:21ea:fc00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
3    52.116.221.248 (United States)

ASN36351 (SOFTLAYER, US)
PTR: f8.dd.7434.ip4.static.sl-reverse.com
um.simpli.fi
27    23.208.217.6 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-217-6.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
js-sec.indexww.com
5    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
9    104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.districtm.io
dmx.districtm.io
10    18.204.50.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-50-126.compute-1.amazonaws.com
match.sharethrough.com
5    23.208.216.212 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-216-212.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    23.73.244.44 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-244-44.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    23.92.190.74 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
4    185.162.95.70 (Russian Federation)

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: sm-server1-1.smir12.imcmdb.net
stat.media
6    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
7    2600:1f18:4e9:5a02:b6fc:4de6:8023:56cb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
9    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
18    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
17    142.251.40.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net
cm.g.doubleclick.net
5    68.67.179.87 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
1    54.144.85.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-85-208.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
9    54.236.214.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-214-209.compute-1.amazonaws.com
match.prod.bidr.io
5    72.251.238.254 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
4    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
6    2001:438:65:13::2330 (United States)

ASN26762 (CNVR-US-EAST, US)
casale-match.dotomi.com
pubmatic-match.dotomi.com
2    18.213.10.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-10-151.compute-1.amazonaws.com
um2.eqads.com
5    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
token.rubiconproject.com
2    185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
9    104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
8    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
7    216.200.232.249 (United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
6    104.36.115.114 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
7    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    2001:4998:14:800::1000 (Ashburn, United States)

ASN14777 (YAHOO, US)
ads.yahoo.com
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
1    34.73.194.24 (North Charleston, United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 24.194.73.34.bc.googleusercontent.com
dmx.us-east-34.districtm.io
4    34.225.172.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-172-55.compute-1.amazonaws.com
pixel.advertising.com
6    52.45.33.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com
ups.analytics.yahoo.com
8    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
3    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
7    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
3    2600:9000:21ea:2600:1a:609a:6780:93a1 (United States)

ASN16509 (AMAZON-02, US)
aa.agkn.com
1    104.16.68.69 (None, )

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
6    2607:f8b0:4006:806::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
14    2606:4700:3038::6815:ea4e (United States)

ASN13335 (CLOUDFLARENET, US)
services.epoch.cloud
cdn.epoch.cloud
subsapi.epoch.cloud
1    2606:4700:20::681a:27a (United States)

ASN13335 (CLOUDFLARENET, US)
a.remarketstats.com
9    2606:4700:3039::6815:c074 (United States)

ASN13335 (CLOUDFLARENET, US)
a.clickcertain.com
1    13.226.31.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-31-67.ewr53.r.cloudfront.net
clientcdn.pushengage.com
2    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
6    2606:4700:3038::6815:ea4f (United States)

ASN13335 (CLOUDFLARENET, US)
subsapi.epoch.cloud
cdn.epoch.cloud
4    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
4    52.71.206.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-206-53.compute-1.amazonaws.com
sync.ipredictive.com
5    207.198.113.176 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    34.194.166.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-166-233.compute-1.amazonaws.com
i.liadm.com
4    52.4.54.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-54-89.compute-1.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
2    3.221.247.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-247-3.compute-1.amazonaws.com
ads.creative-serving.com
4    2607:f8b0:4006:809::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    52.4.194.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-194-209.compute-1.amazonaws.com
d.adroll.com
1    13.225.214.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-101.ewr50.r.cloudfront.net
cm.smadex.com
2    34.229.3.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com
loadm.exelator.com
4    35.201.65.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.65.201.35.bc.googleusercontent.com
auth.youmaker.com
1    172.105.13.95 (Toronto, Canada)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1968-95.members.linode.com
service.djywork.com
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    132.226.41.106 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
2    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
8    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-2.cloudy.ovh
pixel.onaudience.com
2    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loada.exelator.com
1    76.13.32.147 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com
cms.analytics.yahoo.com
2    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
4    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
2    8.28.7.109 (United States)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
4    52.200.167.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-167-170.compute-1.amazonaws.com
io.narrative.io
2    54.84.55.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-55-94.compute-1.amazonaws.com
rtb.adentifi.com
1    173.223.56.123 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-56-123.deploy.static.akamaitechnologies.com
tags.bluekai.com
Apex Domain
Subdomains		 Transfer
56 youmaker.com
subs.youmaker.com — Cisco Umbrella Rank: 48678
comment.youmaker.com — Cisco Umbrella Rank: 50923
www.youmaker.com — Cisco Umbrella Rank: 51522
sc.youmaker.com — Cisco Umbrella Rank: 51026
auth.youmaker.com — Cisco Umbrella Rank: 88968
2 MB
53 theepochtimes.com
www.theepochtimes.com — Cisco Umbrella Rank: 39333
img.theepochtimes.com — Cisco Umbrella Rank: 26062
3 MB
32 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 473
image6.pubmatic.com — Cisco Umbrella Rank: 595
simage2.pubmatic.com — Cisco Umbrella Rank: 552
image4.pubmatic.com — Cisco Umbrella Rank: 848
image2.pubmatic.com — Cisco Umbrella Rank: 1032
simage4.pubmatic.com — Cisco Umbrella Rank: 1179
aud.pubmatic.com — Cisco Umbrella Rank: 5343
67 KB
27 openx.net
epoch-times-d.openx.net — Cisco Umbrella Rank: 217104
u.openx.net — Cisco Umbrella Rank: 710
us-u.openx.net — Cisco Umbrella Rank: 359
rtb.openx.net — Cisco Umbrella Rank: 1548
4 KB
26 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
139 KB
25 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 461
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 520
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
dsum.casalemedia.com — Cisco Umbrella Rank: 1272
30 KB
25 adnxs.com
prebid.adnxs.com — Cisco Umbrella Rank: 1759
ib.adnxs.com — Cisco Umbrella Rank: 241
secure.adnxs.com — Cisco Umbrella Rank: 404
acdn.adnxs.com — Cisco Umbrella Rank: 565
55 KB
22 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 281
s.amazon-adsystem.com — Cisco Umbrella Rank: 284
55 KB
20 epoch.cloud
services.epoch.cloud — Cisco Umbrella Rank: 70096
subsapi.epoch.cloud — Cisco Umbrella Rank: 73516
cdn.epoch.cloud — Cisco Umbrella Rank: 66200
159 KB
17 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 693
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470
ads.yahoo.com — Cisco Umbrella Rank: 913
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1023
11 KB
14 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 312
eus.rubiconproject.com — Cisco Umbrella Rank: 541
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1135
token.rubiconproject.com — Cisco Umbrella Rank: 689
28 KB
14 mixi.media
mixi.media — Cisco Umbrella Rank: 45090
static.mixi.media — Cisco Umbrella Rank: 81687
target.mixi.media — Cisco Umbrella Rank: 54295
static1.mixi.media — Cisco Umbrella Rank: 71799
static2.mixi.media — Cisco Umbrella Rank: 71500
static4.mixi.media — Cisco Umbrella Rank: 96671
static6.mixi.media — Cisco Umbrella Rank: 86413
static3.mixi.media — Cisco Umbrella Rank: 74749
static5.mixi.media — Cisco Umbrella Rank: 146946
static7.mixi.media — Cisco Umbrella Rank: 77915
static8.mixi.media — Cisco Umbrella Rank: 95097
477 KB
12 googlesyndication.com
163ad3d3cef73823fb6ee7c8560a3ece.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
310 KB
11 districtm.io
cdn.districtm.io — Cisco Umbrella Rank: 2067
dmx.districtm.io — Cisco Umbrella Rank: 1407
dmx.us-east-34.districtm.io — Cisco Umbrella Rank: 18286
5 KB
10 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 637
2 KB
10 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
21 KB
9 clickcertain.com
a.clickcertain.com — Cisco Umbrella Rank: 3750
7 KB
9 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 524
4 KB
9 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
data.adsrvr.org — Cisco Umbrella Rank: 6192
5 KB
8 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1510
3 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
3 KB
8 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 316
id.rlcdn.com — Cisco Umbrella Rank: 738
1 KB
7 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 419
3 KB
7 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 421
4 KB
7 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 690
ce.lijit.com — Cisco Umbrella Rank: 816
7 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 13
adservice.google.com — Cisco Umbrella Rank: 80
39 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
348 KB
6 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 2733
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3523
2 KB
6 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
1 KB
5 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 626
3 KB
5 turn.com
ad.turn.com — Cisco Umbrella Rank: 770
2 KB
4 narrative.io
io.narrative.io — Cisco Umbrella Rank: 2498
1 KB
4 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 4756
2 KB
4 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1077
loada.exelator.com — Cisco Umbrella Rank: 23037
4 KB
4 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 673
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
2 KB
4 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1187
2 KB
4 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 636
4 KB
4 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 327
1 KB
4 stat.media
stat.media — Cisco Umbrella Rank: 20469
29 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 138
2 KB
4 epochbase.com
ea.epochbase.com — Cisco Umbrella Rank: 60812
850 B
3 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 442
2 KB
3 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 890
2 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 528
2 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 745
1 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1019
pixel.quantserve.com — Cisco Umbrella Rank: 424
11 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
101 KB
3 chargebee.com
js.chargebee.com — Cisco Umbrella Rank: 23847
68 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
164 KB
2 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1228
176 B
2 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1427
mwzeom.zeotap.com — Cisco Umbrella Rank: 1680
897 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 921
351 B
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 691
724 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1292
1 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2427
32 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 3972
1 KB
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 512
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
498 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
114 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 797
850 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 608
952 B
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 3893
563 B
2 bttrack.com
bttrack.com — Cisco Umbrella Rank: 746
1 KB
2 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1545
667 B
2 google.ca
www.google.ca — Cisco Umbrella Rank: 7861
adservice.google.ca — Cisco Umbrella Rank: 12419
1 KB
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 466
583 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 577
800 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 227
11 KB
1 djywork.com
service.djywork.com
1004 B
1 smadex.com
cm.smadex.com — Cisco Umbrella Rank: 3785
528 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1561
112 B
1 pushengage.com
clientcdn.pushengage.com — Cisco Umbrella Rank: 14672
18 KB
1 remarketstats.com
a.remarketstats.com — Cisco Umbrella Rank: 36771
691 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1208
606 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4739
360 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905
584 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 973
657 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 707
238 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1044
773 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 alexametrics.com
certify.alexametrics.com — Cisco Umbrella Rank: 3682
552 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 898
429 B
1 cloudfront.net
d31qbv1cthcecs.cloudfront.net
5 KB
1 sharelink.email
trk.sharelink.email — Cisco Umbrella Rank: 655557
515 B
1 thenewsprovider.com
url9334.thenewsprovider.com
626 B
411 85
Domain Requested by
36 subs.youmaker.com www.theepochtimes.com
subs.youmaker.com
27 www.theepochtimes.com www.theepochtimes.com
subs.youmaker.com
26 img.theepochtimes.com www.theepochtimes.com
subs.youmaker.com
20 us-u.openx.net 5 redirects u.openx.net
www.theepochtimes.com
us-u.openx.net
17 cm.g.doubleclick.net 14 redirects u.openx.net
eus.rubiconproject.com
17 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
u.openx.net
match.sharethrough.com
ap.lijit.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
ads.pubmatic.com
www.theepochtimes.com
us-u.openx.net
15 ib.adnxs.com 7 redirects www.theepochtimes.com
acdn.adnxs.com
13 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
um2.eqads.com
13 comment.youmaker.com www.theepochtimes.com
comment.youmaker.com
12 subsapi.epoch.cloud www.theepochtimes.com
subs.youmaker.com
10 match.sharethrough.com 5 redirects s.amazon-adsystem.com
match.sharethrough.com
10 www.google-analytics.com www.theepochtimes.com
www.google-analytics.com
9 a.clickcertain.com 6 redirects a.remarketstats.com
a.clickcertain.com
9 simage2.pubmatic.com ads.pubmatic.com
9 match.prod.bidr.io 9 redirects
8 pixel.onaudience.com 8 redirects
8 x.bidswitch.net 6 redirects www.theepochtimes.com
a.clickcertain.com
8 match.adsrvr.org 8 redirects
8 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.theepochtimes.com
7 pixel.tapad.com 5 redirects us-u.openx.net
7 image2.pubmatic.com ads.pubmatic.com
7 sync.mathtag.com 7 redirects
7 dmx.districtm.io 1 redirects cdn.districtm.io
s.amazon-adsystem.com
7 pr-bh.ybp.yahoo.com 1 redirects u.openx.net
ssum-sec.casalemedia.com
ads.pubmatic.com
6 pagead2.googlesyndication.com www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 ups.analytics.yahoo.com 4 redirects us-u.openx.net
6 sync-tm.everesttech.net 6 redirects
6 www.google.com www.theepochtimes.com
tpc.googlesyndication.com
subs.youmaker.com
www.gstatic.com
www.google.com
5 pixel-sync.sitescout.com 5 redirects
5 idsync.rlcdn.com 2 redirects ads.pubmatic.com
us-u.openx.net
5 dsum.casalemedia.com ssum-sec.casalemedia.com
5 ce.lijit.com ap.lijit.com
5 secure.adnxs.com 5 redirects
5 ads.pubmatic.com s.amazon-adsystem.com
www.theepochtimes.com
ads.pubmatic.com
5 ad.turn.com 5 redirects
5 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
5 c.amazon-adsystem.com www.theepochtimes.com
c.amazon-adsystem.com
4 pubmatic-match.dotomi.com 4 redirects
4 io.narrative.io 2 redirects
4 visitor.fiftyt.com 4 redirects
4 auth.youmaker.com subs.youmaker.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 sync.ipredictive.com 4 redirects
4 rtb.openx.net 2 redirects us-u.openx.net
4 cdn.epoch.cloud subs.youmaker.com
4 js-sec.indexww.com www.theepochtimes.com
ssum-sec.casalemedia.com
4 services.epoch.cloud www.theepochtimes.com
subs.youmaker.com
4 pixel.advertising.com 4 redirects
4 token.rubiconproject.com 4 redirects
4 stat.media mixi.media
stat.media
4 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
www.theepochtimes.com
4 sb.scorecardresearch.com 2 redirects www.theepochtimes.com
4 ea.epochbase.com www.googletagmanager.com
www.theepochtimes.com
3 simage4.pubmatic.com ads.pubmatic.com
3 bcp.crwdcntrl.net 1 redirects ssum-sec.casalemedia.com
3 aa.agkn.com 1 redirects ads.pubmatic.com
3 odr.mookie1.com 3 redirects
3 id.rlcdn.com 2 redirects eus.rubiconproject.com
3 image4.pubmatic.com ads.pubmatic.com
3 image6.pubmatic.com ads.pubmatic.com
3 sync.1rx.io 3 redirects
3 cdn.districtm.io 1 redirects s.amazon-adsystem.com
cdn.districtm.io
3 um.simpli.fi 3 redirects
3 mixi.media www.theepochtimes.com
static.mixi.media
3 prebid.adnxs.com www.theepochtimes.com
3 www.googletagservices.com www.theepochtimes.com
securepubads.g.doubleclick.net
3 js.chargebee.com subs.youmaker.com
js.chargebee.com
3 fonts.gstatic.com www.theepochtimes.com
www.google.com
3 www.googletagmanager.com www.theepochtimes.com
www.googletagmanager.com
2 rtb.adentifi.com ads.pubmatic.com
2 aud.pubmatic.com
2 loada.exelator.com 2 redirects
2 match.deepintent.com ads.pubmatic.com
2 dis.criteo.com ads.pubmatic.com
2 sync.technoratimedia.com 2 redirects
2 stackpath.bootstrapcdn.com subs.youmaker.com
2 loadm.exelator.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 i.liadm.com 2 redirects
2 acdn.adnxs.com www.theepochtimes.com
2 www.facebook.com
2 connect.facebook.net www.theepochtimes.com
connect.facebook.net
2 static4.mixi.media www.theepochtimes.com
2 pippio.com 2 redirects
2 c1.adform.net 1 redirects ads.pubmatic.com
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 casale-match.dotomi.com 2 redirects
2 bttrack.com 2 redirects
2 ap.lijit.com 1 redirects s.amazon-adsystem.com
2 pixel.quantserve.com 1 redirects www.theepochtimes.com
2 c2shb.ssp.yahoo.com www.theepochtimes.com
2 epoch-times-d.openx.net www.theepochtimes.com
2 htlb.casalemedia.com www.theepochtimes.com
2 g2.gumgum.com www.theepochtimes.com
2 sc.youmaker.com www.theepochtimes.com
1 tags.bluekai.com
1 mwzeom.zeotap.com
1 spl.zeotap.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 sync.crwdcntrl.net 1 redirects
1 bh.contextweb.com 1 redirects
1 cdnjs.cloudflare.com subs.youmaker.com
1 service.djywork.com subs.youmaker.com
1 cm.smadex.com 1 redirects
1 d.adroll.com 1 redirects
1 clientcdn.pushengage.com www.theepochtimes.com
1 a.remarketstats.com 1 redirects
1 static8.mixi.media www.theepochtimes.com
1 static7.mixi.media www.theepochtimes.com
1 static5.mixi.media www.theepochtimes.com
1 static3.mixi.media www.theepochtimes.com
1 static6.mixi.media www.theepochtimes.com
1 static2.mixi.media www.theepochtimes.com
1 static1.mixi.media www.theepochtimes.com
1 dmx.us-east-34.districtm.io s.amazon-adsystem.com
1 ums.acuityplatform.com 1 redirects
1 ads.yahoo.com eus.rubiconproject.com
1 tags.rd.linksynergy.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 data.adsrvr.org 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 target.mixi.media www.theepochtimes.com
1 static.mixi.media mixi.media
1 u.openx.net s.amazon-adsystem.com
1 s.ad.smaato.net s.amazon-adsystem.com
1 sync.go.sonobi.com 1 redirects
1 163ad3d3cef73823fb6ee7c8560a3ece.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.ca securepubads.g.doubleclick.net
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com www.theepochtimes.com
1 certify.alexametrics.com www.theepochtimes.com
1 www.google.ca www.theepochtimes.com
1 rules.quantcount.com secure.quantserve.com
1 stats.g.doubleclick.net www.google-analytics.com
1 d31qbv1cthcecs.cloudfront.net www.theepochtimes.com
1 secure.quantserve.com www.theepochtimes.com
1 www.youmaker.com www.theepochtimes.com
1 trk.sharelink.email 1 redirects
1 url9334.thenewsprovider.com 1 redirects
411 142
Subject Issuer Validity Valid
*.theepochtimes.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2022-06-01		 2 years crt.sh
*.youmaker.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2022-06-01		 2 years crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
js.chargebee.com
Amazon		 2021-05-13 -
2022-06-11		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.epochbase.com
Sectigo RSA Domain Validation Secure Server CA		 2021-11-17 -
2022-12-18		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
certify.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2021-10-12 -
2022-11-10		 a year crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2020-03-29 -
2022-03-29		 2 years crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.gumgum.com
Amazon		 2021-10-15 -
2022-11-12		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
mixi.media
R3		 2021-12-15 -
2022-03-15		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
s.ad.smaato.net
Amazon		 2021-09-21 -
2022-10-20		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
static.mixi.media
R3		 2021-11-30 -
2022-02-28		 3 months crt.sh
stat.media
R3		 2021-11-29 -
2022-02-27		 3 months crt.sh
target.mixi.media
R3		 2021-12-15 -
2022-03-15		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-03 -
2022-02-01		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-07 -
2022-07-06		 a year crt.sh
*.pushengage.com
Amazon		 2021-01-27 -
2022-02-24		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-13 -
2022-10-14		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
service.djywork.com
R3		 2022-01-08 -
2022-04-08		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh

This page contains 50 frames:

Primary Page: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Frame ID: 5C8FEC17A4960E96F0D412A39B1AAA13
Requests: 170 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_an-db5_sovrn_n-Outbrain&dcc=t
Frame ID: 58F7DC988B5924F13879D6FEAA18CFE9
Requests: 1 HTTP requests in this frame

Frame: https://163ad3d3cef73823fb6ee7c8560a3ece.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8EB52CBEAFF7CD2D9E89AF67AF801D4C
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Frame ID: 00EE038F0A8FD8D8BCAEF6AE5059955B
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0VZICoIVRR9UhsSCC44-9QNPVtxCG5AHwjiagUul9bGwkZnByRX3C4FSeyuXpPvDmlfM8Vcot37hnEHtAEKeLtZYIKgarTIC2bG8kJxqGAWFTwv0FKiSM0cRZWNup1SjbXmVGsqSVAuR4bGSjThJfSWRdJumEFmuwsQf9fQOvGMVuxqITyvfQHq7QIoB0C6VehQfW1p5aZElaHPers5bEfZ7oTGk1E3suN-4Cz3l16XxxJecHuNEjzeGuvZd3ATZiJSWGyyIV8q1wo_pcvxHPQhsdMyZbdV3Cm50m63JfYWZj3tCQJEUUXrhdsdzfA3EKxWzem9wbX22DIn7pTo92m2Uz&sai=AMfl-YTV496uwGQboEuyfwyfRz-5Ib1rd6C6Zo-IDp62kIUUAJU2etbkLSlqdif8-W4NPQUgAPhuyaz7Ku0i3-h-NnqIgKuWCSMZGXwERHEreIIuHhRSRVgrnXb2ycqeOvo&sig=Cg0ArKJSzJe9ZVQsVzViEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 54D73DA053FF064D1DA426FBF0E8F193
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 93008C643E6822A496715512F0D11149
Requests: 9 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 2E0A3710BF5D85ECF79B7FC0ACAD3CBB
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=5777866265742787551&ex=districtm
Frame ID: 48D3FC770BFF44835379572B312305EA
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=2903322898862673848
Frame ID: 8B02AA01246CEE062CEBA9DE15C32EA9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Frame ID: 6F93A8DA8EA7DE67876294CCCBA485F0
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: E569D4C19B37C47E084A34A5B2B4B08C
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: 19836F6AC4E0A878AC944246C0D0BB07
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 0D7BA77BBC02A66568717A7722E166A0
Requests: 11 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=5777866265742787551&ex=appnexus.com
Frame ID: EA8784B4674B670881177A694A856475
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: A88C675F0EB1960A376FB770CF542842
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslk61N0KuE1niWCwlr9jcJeWMGyrKAGf7VKXHBrEHZpthdaBi4Tp4QcCqa2bK1eJRqS7c5Aw-HVJiGo_9klUkibFbQBsy-iYTxq2vJFoiK-5C4tW5XQ6Yb-4zTuPsuVTt1BRj5ROIqVD5xpEvIU2RKSOk2zf53Oi2--sQAQQlaDAkHAgvu1-Vc8D-3WasqsjBah_axP2XHTRiFanf1VW4ZPhwktWq3yP84SdyZXB0w4FGUtsOlNyScwBEjky6YJnRXRljrJf0fz5NvmWdyD37GzFj51z5D8VJaOXacvm77ee4_JHFqGldDJreDG1Nzsqx8QMp_c_M&sai=AMfl-YRxWCJsFdl-qxEIvCERfp1r5Wl-_OM04-HeAcsvEoIXQdsKQuEsxRsP9rfO9HahRvMfzPZOFkjrQ-RLIb6ABArpxrXOYtmWADqMMtpGGsVCJmgJBFm-1munajHTbv8&sig=Cg0ArKJSzKxKDa3CyPO-EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 5D2BC72D07C5CA1ED2810BB9847CCF0E
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Frame ID: E1FBCA7AB29B967030F46EB8095FF0FD
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 54CFB6B9ECE75FB8748DB8AFA4F3A250
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0
Frame ID: EDE62B0EEB50B900041D70E3F972477F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfAKxAABNO_fwQAy&gdpr=0&gdpr_consent=
Frame ID: 8D5F6CAFE8B052D252BE10DAB07C818A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&ex=pubmatic.com
Frame ID: 6A167AA24A1B2D987B9BE03151ABD271
Requests: 1 HTTP requests in this frame

Frame: https://subs.youmaker.com/template/show?tid=signin&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=CA%20ET%20-%20Responsive%20Signin%20Bar&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
Frame ID: 59CEF0CB477407F7F34AF4912EDA09A8
Requests: 3 HTTP requests in this frame

Frame: https://subs.youmaker.com/template/show?tid=signin&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=CA%20ET%20-%20Responsive%20Signin%20Bar&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
Frame ID: D4D3D3C8021AFC184DB3D2EDA6B6BA1B
Requests: 2 HTTP requests in this frame

Frame: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
Frame ID: 2ED450FAD3A666060A358813F83A74F3
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FAE9D5EBE088BE7C5F40B4908645DF60
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 79E5B511EDA0D605B721F210DA866D7A
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F58292FB28A982CA4F1940D221661513
Requests: 13 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 95C17FE0F65C56B892013E4FBA3D21EA
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=0
Frame ID: E3307755C7CEF94D22892925EDC40BF6
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 182789EC921BA38D6ECECF70E3A7DA0C
Requests: 3 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=0
Frame ID: 55C7EAA4588BBFC378480F2B16F84038
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 32D570D39F2B7845543914AAAC1B6892
Requests: 13 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8D976603A90828BFDECCAA2DB38B160E
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2AC9D5E5ACF6849A93E541DB973330AE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: DC40D54294F18FCAFC2E34B78506D3AF
Requests: 2 HTTP requests in this frame

Frame: https://subs.youmaker.com/template/show?tid=6502e8a1-259e-4f71-8efa-fe8ba77cec38&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=InstaAccount%20Plus&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
Frame ID: 8E249EAB2E605FF5A1802572F2D56564
Requests: 13 HTTP requests in this frame

Frame: https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=d21ca467-778c-4114-9040-756b0af16e31&cn=CA
Frame ID: 7716AB5A873B65E580292B4D89781571
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 8555A78461C130588550D168D2613EE2
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: AB7D590211DFF46C38D38C77C3160CC2
Requests: 10 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcmJLkZAAAAAMziOnaFrJkOV4ClF_H8OvcqvlyE&co=aHR0cHM6Ly9zdWJzLnlvdW1ha2VyLmNvbTo0NDM.&hl=en&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=po9z8ymhlgcc
Frame ID: EC082A304B39B8AF561D5C33FF68B497
Requests: 8 HTTP requests in this frame

Frame: https://subs.youmaker.com/template/show?tid=user-info&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMnVzZXJfMmIyMGI0NTQzZGY5OGMxOTMwY2Y4NTAxNmI4ZjQ2YTZiOTk4NmY1ZCUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMkNEVUU0ZzkzdHNWdGtDZnEzNmdFRW5TekJMNUxFZUw4S05hWExCczVweGZjYWVsZmk0SlRKczVaQkVsQnpvTGRxS2xfc1pDeCUyQlNWQVAzU0NBcTNiZUJBTGkyNjJGX01pNiUyQnduX19MU3QwRGNuMGZqTmhsTTlWV0VUdWslM0QlMjIlMkMlMjJlcG9jaF90b2tlbiUyMiUzQSUyMmV5SmhiR2NpT2lKU1V6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUpsZUhBaU9qRTJOelEyTlRjek5USXNJbFJ2YTJWdVZIbHdaU0k2SW14bGRtVnNNU0lzSWs1aGJXVWlPaUoxYzJWeVh6SmlNakJpTkRVME0yUm1PVGhqTVRrek1HTm1PRFV3TVRaaU9HWTBObUUyWWprNU9EWm1OV1FpZlEuWmdqaFhJd0hZX1RNUWRmaGtkYk1aWDJHb09vRDN0bUIwLTlzSzdUUnJ0eGFDVU56dUZiRkFydW9NQmNnZjRHYUpKZEQ1ajA1YTNEZlJqSFBYV1VTcmxVNWRLbVlrRVo5eC1tZjNrSWJqM0VlM0l0dHpRV2R3Z0F5T0VYNDdpTWg2RGtqTEczNUZDcEFuM2hZTUhKNnk1MnNjQjctUEExNjJLTWlhOEROT0w4JTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=CA%20ET%20-%20User%20Info%20Bar&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
Frame ID: 3C14D81AC0A593EA3BA6E7C1E8D4C211
Requests: 13 HTTP requests in this frame

Frame: https://subs.youmaker.com/template/show?tid=3d34fba6-6f17-4d55-98cc-b7986e944a3c&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMnVzZXJfMmIyMGI0NTQzZGY5OGMxOTMwY2Y4NTAxNmI4ZjQ2YTZiOTk4NmY1ZCUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMkNEVUU0ZzkzdHNWdGtDZnEzNmdFRW5TekJMNUxFZUw4S05hWExCczVweGZjYWVsZmk0SlRKczVaQkVsQnpvTGRxS2xfc1pDeCUyQlNWQVAzU0NBcTNiZUJBTGkyNjJGX01pNiUyQnduX19MU3QwRGNuMGZqTmhsTTlWV0VUdWslM0QlMjIlMkMlMjJlcG9jaF90b2tlbiUyMiUzQSUyMmV5SmhiR2NpT2lKU1V6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUpsZUhBaU9qRTJOelEyTlRjek5USXNJbFJ2YTJWdVZIbHdaU0k2SW14bGRtVnNNU0lzSWs1aGJXVWlPaUoxYzJWeVh6SmlNakJpTkRVME0yUm1PVGhqTVRrek1HTm1PRFV3TVRaaU9HWTBObUUyWWprNU9EWm1OV1FpZlEuWmdqaFhJd0hZX1RNUWRmaGtkYk1aWDJHb09vRDN0bUIwLTlzSzdUUnJ0eGFDVU56dUZiRkFydW9NQmNnZjRHYUpKZEQ1ajA1YTNEZlJqSFBYV1VTcmxVNWRLbVlrRVo5eC1tZjNrSWJqM0VlM0l0dHpRV2R3Z0F5T0VYNDdpTWg2RGtqTEczNUZDcEFuM2hZTUhKNnk1MnNjQjctUEExNjJLTWlhOEROT0w4JTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=InstaAccount%20Plus%20Sticky%20(copy)&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
Frame ID: 59281F05C181C02F10C59F835CA08406
Requests: 6 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1dd561f0-0ac4-4e00-a579-6844ede89535&gdpr=0&gdpr_consent=
Frame ID: 6BED88BCE8A3702F7D54F188E1C1427C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABBR07D4BYAAEXIdhbVsw
Frame ID: A78A9FA1DEE6A28C5A28EC41F31C04E7
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: A2341F25DB2A611EE061C2A091D0CA4E
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: C1455B46615A128C7298975C548C6835
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1dd561f0-0ac4-4e00-a579-6844ede89535&gdpr=0&gdpr_consent=
Frame ID: 1225660DA893A05C5297FCED016A1DA7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABBR07D4BYAAEXIdhbVsw
Frame ID: 877DCBC286588D10AEF2016A6357D2A2
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 0BE19514810FA8F9559379524E1C57C2
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 45172B140BEFC07F9675AEBD55EF1F13
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

1,200 Fake American Driver’s Licenses from Hong Kong Seized in Indiana

Page URL History Show full URLs

  1. http://url9334.thenewsprovider.com/ls/click?upn=0vDAPwGqck0IuJsyrwqTOt1wf90RZzgsX-2FjBraNGhK-2BQXVI2oBrBc2uCy4y... HTTP 302
    https://trk.sharelink.email/redirect/Y2FtaWxsZS5wYXBhbmVrQGNpYy5nYy5jYQ==/www.theepochtimes.com/1200-fak... HTTP 302
    https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • js\.chargebee\.com/v([\d.]+)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • clientcdn\.pushengage\.\w+/core
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

411
Requests

77 %
HTTPS

26 %
IPv6

85
Domains

142
Subdomains

84
IPs

8
Countries

7127 kB
Transfer

10313 kB
Size

172
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://url9334.thenewsprovider.com/ls/click?upn=0vDAPwGqck0IuJsyrwqTOt1wf90RZzgsX-2FjBraNGhK-2BQXVI2oBrBc2uCy4y-2FtPiPLzcmDBTnyXTEQOQ4IfjAtSIkVY0wVWEgsT-2FeKzmqYNcenQ5-2F4Wd0kXB-2F9muYQnRjSEwEfua6nHim5cq0s3InABRcc0SdoRNBNntBpQggKr571yoOxUx1TPJYp8KaNDk3AzlC8DBJxCaJ0RRy2lzd1AhiiUc1RjBgFqCgXT8soVM66hZUxdIUrdVsh-2B3H0l-2FehusL158FdORLQhQGngGIv8qL2F6M3vb2ctg1ADHCSpC9DmTTniMLsRXgmfyFOLqfJIjsq5z31mofdfTB3-2FeQWK7UfPz9MMBEYWvVU3J0Um2LJIKuwe4z34t3f-2BiR09OcS6pw0ymFSkBLxxSOuS5vDiPb-2BdsrYrLGsA7bS5-2B8zPq9Tu3YSGdES3bQJiiDzN3uvuHezLuBW2x6L6cspCMtzC4y-2B-2FJIyVczK9s2eohs6f-2FBEOKZxbUoEhTrGaEdE4zHPQCpK5r9DJ9buBirgHhcsiT7wzoGb-2B9HlUB6-2BkjkOrEezN6pBolosknJ-2BQJY8SkoQaTZ_-2FKzr9JiAfWfvOJHE2oetfDWgOZoNZ6ia1TAq-2FGM4ODnuZb2gWbkzaKcOl2k83nMhN5FuouDLy2vdQAwEEnRj0ZOnbW6-2BPpuImHiB61X-2BOHnqRccfTG7abcJml8ntXDJPhaJ0DKGlUjPvJOKB9U-2BAQS68zLFGalBnjhnKMi61h6Ka-2FY9CRpa0Ayei1nqj1SlAz-2FMbKXDGa6KfluoJ-2FsETsEGBRiZwtQlLyZyV9yi-2BaCx-2FkEtFHM7XmSg7ZxJtAVQrNObFJkm1Umc2kYB4PWyzybBta8YyVOa4t4iqJax6w5o-3D HTTP 302
    https://trk.sharelink.email/redirect/Y2FtaWxsZS5wYXBhbmVrQGNpYy5nYy5jYQ==/www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek@cic.gc.ca&__meta[email]=camille.papanek@cic.gc.ca&__meta[id]=vUUAJzZpLk&__meta[pid]=EO&__meta[list_id]=PoYfsMvFyO HTTP 302
    https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70
  • https://sb.scorecardresearch.com/b?c1=2&c2=24003086&ns__t=1643121347151&ns_c=UTF-8&c8=1%2C200%20Fake%20American%20Driver%E2%80%99s%20Licenses%20from%20Hong%20Kong%20Seized%20in%20Indiana&c7=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1643121347151&ns_c=UTF-8&c8=1%2C200%20Fake%20American%20Driver%E2%80%99s%20Licenses%20from%20Hong%20Kong%20Seized%20in%20Indiana&c7=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&c9=
Request Chain 101
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=KYU80Y06-1O-9ZO6
Request Chain 102
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_an-db5_sovrn_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_an-db5_sovrn_n-Outbrain&dcc=t
Request Chain 107
  • https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsonobi%26consent_string%3D%26gdpr%3D%26uid%3D%5BUID%5D HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=sonobi&consent_string=&gdpr=&uid=fe8d767e-3086-4e45-b815-594394f30980
Request Chain 114
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=B22330297A8044C9BDB050E0BAF9B9E8&ex=simpli.fi&status=ok
Request Chain 115
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 117
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=districtm HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=5777866265742787551&ex=districtm
Request Chain 118
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=2903322898862673848
Request Chain 119
  • https://cdn.districtm.io/ids/?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D HTTP 301
  • https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Request Chain 123
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=5777866265742787551&ex=appnexus.com
Request Chain 124
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 133
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YfAKxAABNO_fwQAy HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YfAKxAABNO_fwQAy&_test=YfAKxAABNO_fwQAy
Request Chain 135
  • https://match.adsrvr.org/track/cmf/openx?oxid=a5faecf3-3f76-7f4d-f3f3-20a5b0848dc8&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=a5faecf3-3f76-7f4d-f3f3-20a5b0848dc8&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=068d0648-e8ef-420b-97fe-f96435b39fb6&ttd_puid=a5faecf3-3f76-7f4d-f3f3-20a5b0848dc8
Request Chain 137
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFNeq9KemMylBVbayhCjngE&google_cver=1
Request Chain 144
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=068d0648-e8ef-420b-97fe-f96435b39fb6&gdpr=0&gdpr_consent=
Request Chain 145
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=5777866265742787551
Request Chain 146
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=15 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-dd2d9c16-e875-4ba2-5cde-25c9a247245a$ip$149.56.153.186
Request Chain 147
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=60e7e5db-e273-4b92-8528-1498ffb8f6f1
Request Chain 149
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AABBR07D4BYAAEXIdhbVsw&gdpr=0
Request Chain 150
  • https://um.simpli.fi/lj_match?r=1643121347998&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=B22330297A8044C9BDB050E0BAF9B9E8
Request Chain 151
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=12&3pid=5777866265742787551&gdpr=0&gdpr_consent=
Request Chain 152
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=068d0648-e8ef-420b-97fe-f96435b39fb6&gdpr=0&gdpr_consent=
Request Chain 153
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/sovrn?zcc=1&cb=1643121348354 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8893284062 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/068d0648-e8ef-420b-97fe-f96435b39fb6 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-faeab479-548a-4f19-88a9-06ef1608f6ed-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-faeab479-548a-4f19-88a9-06ef1608f6ed-005 HTTP 302
  • https://ce.lijit.com/merge?pid=56&3pid=RX-faeab479-548a-4f19-88a9-06ef1608f6ed-005
Request Chain 155
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=068d0648-e8ef-420b-97fe-f96435b39fb6&expiration=1645713348&gdpr=0&gdpr_consent=
Request Chain 157
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YfAKw803CFEzQ5mRasth1wAAAhcAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAVdjlSebDP_zJ2b4PN4l4U&google_cver=1
Request Chain 158
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YfAKw803CFEzQ5mRasth1wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOmViyQi03SDhYaPx8H6DX4&google_cver=1
Request Chain 159
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=33a683bb-301d-4dfb-934b-06f4541fae34
Request Chain 160
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5777866265742787551
Request Chain 161
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=72ff1f5ace111235&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGeQIdTyv0VgM4SB6EAAAAAAA&expiration=1643207748&is_secure=true
Request Chain 164
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 165
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=KYU80Y06-1O-9ZO6 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=KYU80Y06-1O-9ZO6&ex=d-rubiconproject.com&status=ok
Request Chain 167
  • https://c1.adform.net/serving/cookie/match?party=14&cid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0
Request Chain 168
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfAKxAABNO_fwQAy&gdpr=0&gdpr_consent=
Request Chain 170
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=q75PV8xsTEyzzhXPm2wD8A%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 171
  • https://idsync.rlcdn.com/420486.gif?partner_uid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEFCQkU0RjU3LUNDNkMtNEM0Qy1CM0NFLTE1Q0Y5QjZDMDNGMBAAGg0IxJXAjwYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=1797ff090cc9e0c3fec599bef2fe1e0347b6f5da0a4a9421d439c2090984e5ec791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAxNzk3ZmYwOTBjYzllMGMzZmVjNTk5YmVmMmZlMWUwMzQ3YjZmNWRhMGE0YTk0MjFkNDM5YzIwOTA5ODRlNWVjNzkxNDI2YjU0MTdkY2UyMRAAGgwIxJXAjwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAxNzk3ZmYwOTBjYzllMGMzZmVjNTk5YmVmMmZlMWUwMzQ3YjZmNWRhMGE0YTk0MjFkNDM5YzIwOTA5ODRlNWVjNzkxNDI2YjU0MTdkY2UyMRAAGgwIxJXAjwYSBAgCEABCAEoA&google_gid=CAESEMC9v7djfjx8ZYGUMW7j7_U&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=bcfdcd57-efcc-4c6b-a848-bbd2d01da066
Request Chain 172
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2dac61f0-0ac4-4b00-addd-4e96bfeb78fa
Request Chain 173
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUJCRTRGNTctQ0M2Qy00QzRDLUIzQ0UtMTVDRjlCNkMwM0Yw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 174
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC8l9gPvGLY13KCg1YPLJ1E&google_cver=1
Request Chain 175
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B22330297A8044C9BDB050E0BAF9B9E8
Request Chain 176
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9172333580162404280&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 177
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=068d0648-e8ef-420b-97fe-f96435b39fb6
Request Chain 178
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzA0Y2ZkODhiZGNkNjk0OThiNjA2ODM0MDA2YmYxNWZlZDYwNmNiMA
Request Chain 179
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=1dd561f0-0ac4-4e00-a579-6844ede89535
Request Chain 180
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lVODBZMDYtMU8tOVpPNg==
Request Chain 181
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/fBZkzrd-G_t7FIKWg9sbe8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4179027087190984429
Request Chain 182
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYU80Y06-1O-9ZO6&sigv=1&esig=2~5a89622f3cc366c1f6563b0ac426ca88e49d77c5
Request Chain 184
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKUDmXflIhcQgW2HlGx9NoY&google_cver=1
Request Chain 185
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfAKxAABNO_fwQAy
Request Chain 186
  • https://match.sharethrough.com/1PQ8qgv7/v1/ HTTP 302
  • https://dmx.districtm.io/s/10059/c18073f8-cbe4-459f-adf5-002ca6e99b53
Request Chain 187
  • https://ums.acuityplatform.com/tum?umid=137&rurl=https%3A%2F%2Fdmx.districtm.io%2Fs%2F10022%2F___AUID___ HTTP 302
  • https://dmx.districtm.io/s/10022/642510547937
Request Chain 188
  • https://sync-tm.everesttech.net/upi/pid/1477?redir=https%3A//dmx.us-east-34.districtm.io/s/10016/$%7BTM_USER_ID%7D HTTP 302
  • https://dmx.us-east-34.districtm.io/s/10016/YfAKxAABNO_fwQAy
Request Chain 189
  • https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP167c6eb3-7dec-11ec-81cf-0ac457200283 HTTP 302
  • https://dmx.districtm.io/s/10051/y-.jG4huZE2uEIbZX8K3jfPlUKy4ZcVX.z~A~UP167c6eb3-7dec-11ec-81cf-0ac457200283
Request Chain 190
  • https://x.bidswitch.net/sync?ssp=districtm&user_id=24C4goFBnZGfevlsFK4aHMHDJ05 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=districtm&user_id=24C4goFBnZGfevlsFK4aHMHDJ05 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f4877bed-f4bd-400b-a2f2-0cadc535107e&ssp=districtm&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10596829188241621043&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Ddistrictm%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10596829188241621043&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Ddistrictm%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=576bd1b0-8af1-4421-9592-52cce04a3e47&ssp=districtm&gdpr_consent=&gdpr= HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=163850504042006528580&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10596829188241621043&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
Request Chain 208
  • https://dmx.districtm.io/s/v1/users/10002 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qUkROR2R2UmtKdVdrZG1aWFpzYzBaTE5HRklUVWhFU2pBMSJ9.Zrb4NxObcNEmMk7UFe_up-LXQeuKaL3xLopPbFMV_5u8v-FJ8V29ii6rrGwmpiuNm3zlXzk60Htx5qo-g7uxWQ
Request Chain 215
  • https://a.remarketstats.com/px/smart/?c=244b81b94c69796&seg=1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html HTTP 302
  • https://a.clickcertain.com/px/smart/a/?c=244b81b94c69796&seg=1200%2dfake%2damerican%2ddrivers%2dlicenses%2dfrom%2dhong%2dkong%2dseized%2din%2dindiana_4233039%2ehtml HTTP 302
  • https://a.clickcertain.com/px/?c=244b81b94c69796
Request Chain 216
  • https://sb.scorecardresearch.com/c2/24003086/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 262
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=eqxmz5bwxmMVh2wSY523cg==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 263
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=1dd561f0-0ac4-4e00-a579-6844ede89535
Request Chain 264
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=1773039e-7dec-11ec-8eae-b573dd4f8469
Request Chain 265
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=516b8be5-8aa9-4950-b5e2-fbfdf6ce8211-61f00ac6-4341&gdpr=0&gdpr_consent=
Request Chain 267
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID} HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=8b3e6f7a-e71c-4504-a0d4-e1af272779a1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=8b3e6f7a-e71c-4504-a0d4-e1af272779a1&apid=UP167c6eb3-7dec-11ec-81cf-0ac457200283
Request Chain 268
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=f03c9395-f231-492d-ac8a-a056891fec10 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f03c9395-f231-492d-ac8a-a056891fec10
Request Chain 269
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=5777866265742787551
Request Chain 271
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=9172333580162404280&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 273
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=eqxmz5bwxmMVh2wSY523cg==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 274
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=1dd561f0-0ac4-4e00-a579-6844ede89535
Request Chain 275
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=1774d832-7dec-11ec-84bb-535f241a7d24
Request Chain 276
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=516b8be5-8aa9-4950-b5e2-fbfdf6ce8211-61f00ac6-4341&gdpr=0&gdpr_consent=
Request Chain 278
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID} HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=8b3e6f7a-e71c-4504-a0d4-e1af272779a1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=8b3e6f7a-e71c-4504-a0d4-e1af272779a1&apid=UP167c6eb3-7dec-11ec-81cf-0ac457200283
Request Chain 279
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=f03c9395-f231-492d-ac8a-a056891fec10 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEK8YvJ4pbhaiiZl0fyQPPz4&google_cver=1
Request Chain 280
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=5777866265742787551
Request Chain 282
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=9172333580162404280&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 297
  • https://a.clickcertain.com/px/ta/?ccid=d21ca467-778c-4114-9040-756b0af16e31 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=d21ca467-778c-4114-9040-756b0af16e31&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=576bd1b0-8af1-4421-9592-52cce04a3e47%252Chttps%253A%252F%252Fa.clickcertain.com%252Fpx%252Fta%252F%253Fdone%253Dtrue%2526ta_id%253D576bd1b0-8af1-4421-9592-52cce04a3e47&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=068d0648-e8ef-420b-97fe-f96435b39fb6&ttd_puid=576bd1b0-8af1-4421-9592-52cce04a3e47%2Chttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fta%2F%3Fdone%3Dtrue%26ta_id%3D576bd1b0-8af1-4421-9592-52cce04a3e47 HTTP 302
  • https://a.clickcertain.com/px/ta/?done=true&ta_id=576bd1b0-8af1-4421-9592-52cce04a3e47
Request Chain 298
  • https://a.clickcertain.com/px/r/?ccid=d21ca467-778c-4114-9040-756b0af16e31 HTTP 302
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=d21ca467-778c-4114-9040-756b0af16e31&ccid=d21ca467-778c-4114-9040-756b0af16e31&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253dd21ca467%25252d778c%25252d4114%25252d9040%25252d756b0af16e31%252526anx_uId%25253d%252524UID HTTP 303
  • https://i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253dd21ca467%25252d778c%25252d4114%25252d9040%25252d756b0af16e31%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=d21ca467-778c-4114-9040-756b0af16e31&_li_chk=true&ccid=d21ca467-778c-4114-9040-756b0af16e31&previous_uuid=bcbab6e2c1da4d9dadb358751996d1f4 HTTP 303
  • https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253dd21ca467%252d778c%252d4114%252d9040%252d756b0af16e31%2526anx_uId%253d%2524UID&ccid=d21ca467-778c-4114-9040-756b0af16e31 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3dd21ca467%2d778c%2d4114%2d9040%2d756b0af16e31%26anx_uId%3d%24UID HTTP 302
  • https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Dd21ca467%2D778c%2D4114%2D9040%2D756b0af16e31%26anx_uId%3D%24UID&google_gid=CAESEIY_0XsR-RXf_EWOlgYTnuY&google_cver=1 HTTP 302
  • https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=d21ca467-778c-4114-9040-756b0af16e31&anx_uId=$UID HTTP 302
  • https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=d21ca467-778c-4114-9040-756b0af16e31&anx_uId=5777866265742787551 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=179&user_id=d21ca467-778c-4114-9040-756b0af16e31&expires=5&user_group=0
Request Chain 299
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5777866265742787551
Request Chain 301
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9172333580162404280
Request Chain 302
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1dd561f0-0ac4-4e00-a579-6844ede89535
Request Chain 303
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=7DODBepjhgb3NYRWvmDIBe4x0wX3YNYG6meTbTs7
Request Chain 304
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YfAKw803CFEzQ5mRasth1wAA%26535?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YfAKw803CFEzQ5mRasth1wAA%26535?gdpr_consent=&us_privacy=&gdpr=
Request Chain 305
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=f4877bed-f4bd-400b-a2f2-0cadc535107e HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=f4877bed-f4bd-400b-a2f2-0cadc535107e HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=66fbb369-9ed8-47f3-8e94-0120bf627a3e&ssp=index&expires=30&user_group=5&bsw_param=f4877bed-f4bd-400b-a2f2-0cadc535107e HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f4877bed-f4bd-400b-a2f2-0cadc535107e
Request Chain 306
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YfAKxAABNO_fwQAy
Request Chain 310
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5777866265742787551
Request Chain 312
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABBR07D4BYAAEXIdhbVsw&expiration=1644330950
Request Chain 313
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YfAKw803CFEzQ5mRasth1wAAAhcAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YfAKw803CFEzQ5mRasth1wAAAhcAAAIB
Request Chain 314
  • https://d.adroll.com/cm/index/ssp HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 316
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=index&bds_param=f4877bed-f4bd-400b-a2f2-0cadc535107e HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=579626ed-eb30-45a5-9078-f05f5c983d57&expires=10&ssp=index&bsw_param=f4877bed-f4bd-400b-a2f2-0cadc535107e HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f4877bed-f4bd-400b-a2f2-0cadc535107e
Request Chain 317
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=516b8be5-8aa9-4950-b5e2-fbfdf6ce8211-61f00ac6-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D516b8be5-8aa9-4950-b5e2-fbfdf6ce8211-61f00ac6-4341%26partner_url%3Dhttps%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D516b8be5-8aa9-4950-b5e2-fbfdf6ce8211-61f00ac6-4341%2526expiration%253D1645713350 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=516b8be5-8aa9-4950-b5e2-fbfdf6ce8211-61f00ac6-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D516b8be5-8aa9-4950-b5e2-fbfdf6ce8211-61f00ac6-4341%26partner_url%3Dhttps%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D516b8be5-8aa9-4950-b5e2-fbfdf6ce8211-61f00ac6-4341%2526expiration%253D1645713350&xl8blockcheck=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=516b8be5-8aa9-4950-b5e2-fbfdf6ce8211-61f00ac6-4341&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D516b8be5-8aa9-4950-b5e2-fbfdf6ce8211-61f00ac6-4341%26expiration%3D1645713350 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=516b8be5-8aa9-4950-b5e2-fbfdf6ce8211-61f00ac6-4341&expiration=1645713350
Request Chain 384
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1dd561f0-0ac4-4e00-a579-6844ede89535&gdpr=0&gdpr_consent=
Request Chain 385
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCQlIwN0Q0QllBQUVYSWRoYlZzdw&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABBR07D4BYAAEXIdhbVsw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Csas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Csas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABBR07D4BYAAEXIdhbVsw&pid=558502&do=add HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AABBR07D4BYAAEXIdhbVsw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABBR07D4BYAAEXIdhbVsw
Request Chain 388
  • https://pixel.onaudience.com/?partner=214&mapped=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=d5ed9a8bff9a8eb8a73ebe98be9e38b8 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=e62266c8f906ca76433ca81f92d483fd HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=068d0648-e8ef-420b-97fe-f96435b39fb6&icm HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=252&mapped=y-rgGHZfZE2pSNWuf3ytlMz87uupMMWsu.UQ--~A&gdpr=0 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=8be217bcde5f5b62 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8cbe2115-82a8-4ae2-5b47-cf58e3b044ad&reqId=55cdea85-b8f5-41c0-4d68-0d3791552deb&zcluid=8be217bcde5f5b62&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEAgJ9E4G-dNI2VcPrihEUnw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8cbe2115-82a8-4ae2-5b47-cf58e3b044ad&reqId=55cdea85-b8f5-41c0-4d68-0d3791552deb&zcluid=8be217bcde5f5b62&zdid=1332
Request Chain 389
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&addseg=10,33,39
Request Chain 391
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=19426be0-7dec-11ec-b070-0a4515f2e365&companyId=673&id=pubmatic_id:ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0
Request Chain 393
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_eMKGaJE2uUgEqNfbc6fKA62Yl9QfyY-~A&gdpr=0&gdpr_consent=
Request Chain 394
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5777866265742787551&gdpr=0&gdpr_consent=
Request Chain 395
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1774d832-7dec-11ec-84bb-535f241a7d24&gdpr=0&gdpr_consent=
Request Chain 397
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=572ca787ef091237&is_secure=true&networkId=17100&version=1&nuid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGeKcqG5PYhANgmrrlAAAAAAA&expiration=1643207753&nuid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 398
  • https://pixel.onaudience.com/?partner=214&mapped=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=d5ed9a8bff9a8eb8a73ebe98be9e38b8 HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=4a63207fa5d2011e
Request Chain 399
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&addseg=10,33,39
Request Chain 401
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=19432f30-7dec-11ec-9141-120bff9cc4e7&companyId=673&id=pubmatic_id:ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0
Request Chain 402
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1dd561f0-0ac4-4e00-a579-6844ede89535&gdpr=0&gdpr_consent=
Request Chain 404
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_eMKGaJE2uUgEqNfbc6fKA62Yl9QfyY-~A&gdpr=0&gdpr_consent=
Request Chain 405
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AABBR07D4BYAAEXIdhbVsw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D1 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp,sas,pm&bee_sync_current_partner=syn&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABBR07D4BYAAEXIdhbVsw
Request Chain 407
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5777866265742787551&gdpr=0&gdpr_consent=
Request Chain 408
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1774d832-7dec-11ec-84bb-535f241a7d24&gdpr=0&gdpr_consent=
Request Chain 410
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5bd1a25942e51235&is_secure=true&networkId=17100&version=1&nuid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGd_FD_oxULAMFNEb0AAAAAAA&expiration=1643207753&nuid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&is_secure=true&gdpr_consent=&gdpr=0

411 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html
www.theepochtimes.com/
Redirect Chain
  • http://url9334.thenewsprovider.com/ls/click?upn=0vDAPwGqck0IuJsyrwqTOt1wf90RZzgsX-2FjBraNGhK-2BQXVI2oBrBc2uCy4y-2FtPiPLzcmDBTnyXTEQOQ4IfjAtSIkVY0wVWEgsT-2FeKzmqYNcenQ5-2F4Wd0kXB-2F9muYQnRjSEwEfua6n...
  • https://trk.sharelink.email/redirect/Y2FtaWxsZS5wYXBhbmVrQGNpYy5nYy5jYQ==/www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&...
  • https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm...
54 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
53e27c0582b14ea503859df9f06237da3e1612358dcf59aa96f592d7ddb3a649
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
accept-ranges
bytes
cache-control
max-age=600
content-encoding
gzip
content-type
text/html; charset=UTF-8
x-hw
1643121346.cds061.dc2.hn,1643121346.cds009.dc2.sc,1643121346.cds009.dc2.p
server
nginx
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-device
desktop
x-cache-status
MISS

Redirect headers

x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-xss-protection
1; mode=block
access-control-allow-origin
*
allow
GET,POST,PATCH,PUT,DELETE
location
https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
vary
Accept, Accept-Encoding
content-type
text/html; charset=utf-8
content-length
666
date
Tue, 25 Jan 2022 14:35:46 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
template.css
subs.youmaker.com/lib/ 		8 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/lib/template.css?ver=20200716
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2175730887f2860b1352661d0c04d24ca087d75a4423be44aad5012344c9e70c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
via
1.1 google
last-modified
Mon, Jan 24 2022 15:10:08 GMT
server
nginx/1.20.1
content-type
text/css; charset=utf-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
8659
single-merge.min.css
www.theepochtimes.com/assets/themes/eet/css/ 		105 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20220114
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
d640124fbc5a916f391cb5e878ee4da7d83945e35f1fa10f1414756a671d58ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 14 Jan 2022 22:26:22 GMT
server
nginx
x-microcachable
0
etag
W/"61e1f88e-1a492"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds094.dc2.c
content-type
text/css
cache-control
max-age=1800
content-length
44334
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
slick.css
www.theepochtimes.com/assets/themes/eet/css/ 		2 KB
681 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/css/slick.css?ver=20170224
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
5f2c630eac683a05568f1ee415d990cc19cab5335b20d43dc89a808cc6a2b18d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 14 Sep 2017 20:15:25 GMT
server
nginx
x-microcachable
0
etag
W/"59bae35d-69d"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds055.dc2.c
content-type
text/css
cache-control
max-age=1800
content-length
569
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
c7360a9b46fde11845b3090ca0034fb409d92398a71f3ae15fac3a2fa29ae6cc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 20:40:01 GMT
content-encoding
gzip
age
64544
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
1P82GB3D3B5865XXN4X4
etag
a89a0f9aa62d9c46ee287cd1f0b6423d
vary
Accept-Encoding
x-amz-version-id
GzCVpXkwVbKPnWWiNgpDCABi9Jbs4BMI
via
1.1 9dcf1f784090d97aac2d38aa49e628e2.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
tVUBQmimO6DQRSgoeN0d2yDoHMNGDD_7bjDKVvua__O6_5Lw9K7NfA==
prebid.js
www.theepochtimes.com/assets/themes/eet/js/ 		290 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
6165bc0b09f74c0b44ce163f3d7e87ab0b6be6f5f9299762cc98aed634c0eea3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 10 Mar 2021 23:01:12 GMT
server
nginx
etag
W/"60494fb8-48619"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds179.dc2.c
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
content-length
109413
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		165 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0c7155e64271313ec192a2fa8ba4b2ab8ad3928c4c3c99e1f6f2f0d7ca0103f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62321
x-xss-protection
0
expires
Tue, 25 Jan 2022 14:35:46 GMT
logo_eet.svg
www.theepochtimes.com/assets/themes/eet/images/ 		16 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/logo_eet.svg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
867f5a29853ddd710b7c6485ff7c0f294d6dde33817c68e84535fb68572ffe8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 24 Aug 2018 21:43:01 GMT
server
nginx
etag
"5b807be5-3f5c"
x-cache-status
MISS
x-hw
1643121346.cds061.dc2.hn,1643121346.cds168.dc2.c
content-type
image/svg+xml
cache-control
max-age=315360000
content-length
5932
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
logo_vertical.png
www.theepochtimes.com/assets/themes/eet/images/ 		939 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/logo_vertical.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
9248ef5db07daf1037b001b1ea7ffdba722f041064f30555795fdb12a4dcf1b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Oct 2021 17:21:44 GMT
server
nginx
x-microcachable
0
etag
"617adc28-3ab"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds088.dc2.c
content-type
image/png
cache-control
max-age=315360000
content-length
939
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
ny-testing-site-1200x800-300x180.jpg
img.theepochtimes.com/assets/uploads/2022/01/20/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/01/20/ny-testing-site-1200x800-300x180.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
cc4a24343453dade693425b91011387b5fd283d8ebee5618ed2b45994bfc4324

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
last-modified
Thu, 20 Jan 2022 14:39:13 GMT
server
nginx
etag
"61e97411-a302"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds045.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
41730
Crowd-gathers-at-Lincoln-Memorial-for-the-Defeat-the-Mandates-rally-6-300x180.jpg
img.theepochtimes.com/assets/uploads/2022/01/23/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/01/23/Crowd-gathers-at-Lincoln-Memorial-for-the-Defeat-the-Mandates-rally-6-300x180.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
9497fc65b292e54f32dd938045eb47c215ad2d18d340a7b951507cd78847230d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
last-modified
Sun, 23 Jan 2022 19:15:38 GMT
server
nginx
etag
"61eda95a-3cf2"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds082.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
15602
Ruby-Princess-in-the-waters-of-Manila-Bay-1200x800-300x180.jpg
img.theepochtimes.com/assets/uploads/2022/01/25/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/01/25/Ruby-Princess-in-the-waters-of-Manila-Bay-1200x800-300x180.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
f111c56dca71d8cd8a56558a01e25405ebb715ee51460296ace34cf362fa7e58

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
last-modified
Tue, 25 Jan 2022 13:18:10 GMT
server
nginx
etag
"61eff892-7619"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds090.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
30233
GettyImages-74938063-ssdasdasd-700x420.jpg
img.theepochtimes.com/assets/uploads/2022/01/24/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/01/24/GettyImages-74938063-ssdasdasd-700x420.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
29245cf4444bae6a40ce773c4e90fa12d5fae5064af12c8879679822c0b9677f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
last-modified
Mon, 24 Jan 2022 20:06:43 GMT
server
nginx
etag
"61ef06d3-16c2b"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds191.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
93227
Jack-Phillips.jpg
img.theepochtimes.com/assets/uploads/2019/06/13/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2019/06/13/Jack-Phillips.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
7522e73eed19718737730ddbbf027080615b679be449ac1fd0728c45d9fe9c67

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
last-modified
Thu, 13 Jun 2019 15:14:10 GMT
server
nginx
etag
"5d026842-19c2"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds045.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
6594
white.png
www.theepochtimes.com/assets/themes/eet/images/ 		95 B
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/white.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 14 Sep 2017 20:15:25 GMT
server
nginx
etag
"59bae35d-5f"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds208.dc2.c
content-type
image/png
cache-control
max-age=315360000
content-length
95
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
EpochTV_Gold_Home.png
www.theepochtimes.com/assets/themes/eet/images/premium/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/premium/EpochTV_Gold_Home.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
7e26854636676991f1d950121ab8e5e484ede7d67dc896dd2d6a9d4d607d8e7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 14:55:20 GMT
server
nginx
etag
"607853d8-5c01"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds190.dc2.c
content-type
image/png
cache-control
max-age=315360000
content-length
23553
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
ATL.jpg
img.theepochtimes.com/assets/uploads/2021/04/28/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/04/28/ATL.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
3141a74d2f7f0278ee1196c2dfeb013807d737c3adc0eeecaaca36495a76bc63

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
last-modified
Wed, 28 Apr 2021 19:37:31 GMT
server
nginx
etag
"6089b97b-162a8"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds083.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
90792
Surname_update_600x1200-1.jpg
img.theepochtimes.com/assets/uploads/2021/07/02/ 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/07/02/Surname_update_600x1200-1.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
fb957c9ca9d9aef155343aa1f0d4c6e4f47e722932a48e5a85048e4f7492b51b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
last-modified
Fri, 02 Jul 2021 15:25:57 GMT
server
nginx
etag
"60df3005-37626"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds005.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
226854
fm-oold.jpg
img.theepochtimes.com/assets/uploads/2021/04/28/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/04/28/fm-oold.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
503f24dc990e977e49bba6e6bd5f531369ed113dee1f5709bbfcafdf218cd564

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
last-modified
Wed, 28 Apr 2021 19:37:35 GMT
server
nginx
etag
"6089b97f-12c75"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds187.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
76917
AmericanCrossroads_HomePoster_BW_600x1200.jpg
img.theepochtimes.com/assets/uploads/2021/09/10/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/09/10/AmericanCrossroads_HomePoster_BW_600x1200.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
9f4440116c1058bd77df3d46c84e0e807731b5302cda5c190dfd233e8de516a5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
last-modified
Fri, 10 Sep 2021 15:20:17 GMT
server
nginx
etag
"613b77b1-18679"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds204.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
99961
larry-440x880.jpeg
img.theepochtimes.com/assets/uploads/2021/05/26/ 		175 KB
175 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/05/26/larry-440x880.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
1ad886d5daed57a89ccce0cb2d34b21c2ff6cc109a8e2ed40635516d939c0456

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
last-modified
Wed, 26 May 2021 17:34:55 GMT
server
nginx
etag
"60ae86bf-2bc03"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds041.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
179203
CR-Jan-16-600x338.jpg
img.theepochtimes.com/assets/uploads/2022/01/17/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/01/17/CR-Jan-16-600x338.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
90f8bcb4f8f636d81651fff2070a14e8edd24a36b5ebf6ddaec4cccd86d23f99

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
last-modified
Mon, 17 Jan 2022 02:43:36 GMT
server
nginx
etag
"61e4d7d8-a5f5"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds192.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
42485
CR-Jan-21-600x338.jpg
img.theepochtimes.com/assets/uploads/2022/01/22/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/01/22/CR-Jan-21-600x338.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
42a36d658f3e81dafa362584d85f18e498a807e28ade7d246f748d6e00033490

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
last-modified
Sat, 22 Jan 2022 00:42:54 GMT
server
nginx
etag
"61eb530e-99cd"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds192.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
39373
Sharyl-Attkisson-updated-nnnnnn-600x338.jpg
img.theepochtimes.com/assets/uploads/2022/01/20/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/01/20/Sharyl-Attkisson-updated-nnnnnn-600x338.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
744737619718dfd26556ef57c89ed6dce918dec58a95cba9e81c8596c383c016

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
last-modified
Thu, 20 Jan 2022 17:16:31 GMT
server
nginx
etag
"61e998ef-edc3"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds001.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
60867
Leaked-Fauci-Financials-Expose-How-He-Profited-From-Pandemic-Invested-in-Chinese-Companies-600x338.png
img.theepochtimes.com/assets/uploads/2022/01/19/ 		291 KB
292 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/01/19/Leaked-Fauci-Financials-Expose-How-He-Profited-From-Pandemic-Invested-in-Chinese-Companies-600x338.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
5a7d04c17380fd90e3a151c2fc86abbc511315602131ddbad36e2cfe19e16be2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
last-modified
Wed, 19 Jan 2022 01:36:38 GMT
server
nginx
etag
"61e76b26-48d90"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds031.dc2.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
298384
Walter-Kirn-TNTNTN-600x338.jpg
img.theepochtimes.com/assets/uploads/2022/01/22/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/01/22/Walter-Kirn-TNTNTN-600x338.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
05fbb80397868ff4785505e77d654b5aef5e4fa5ddffbfc6b6af49ec02f29967

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
last-modified
Sun, 23 Jan 2022 00:30:49 GMT
server
nginx
etag
"61eca1b9-103c9"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds002.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
66505
1-600x338.jpeg
img.theepochtimes.com/assets/uploads/2022/01/18/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/01/18/1-600x338.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
72c422538317d07ee3db85b7228df2caae94ef74575548415c9a82c039e8521a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
last-modified
Tue, 18 Jan 2022 23:16:52 GMT
server
nginx
etag
"61e74a64-badb"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds068.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
47835
Thomas-Harrington-TNTNTN-600x338.jpg
img.theepochtimes.com/assets/uploads/2022/01/20/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/01/20/Thomas-Harrington-TNTNTN-600x338.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
012008122e40c3630be1e4d197774128008e2900a5b8c225af61645166a5417d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
last-modified
Fri, 21 Jan 2022 00:20:20 GMT
server
nginx
etag
"61e9fc44-c84d"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds175.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
51277
Bethany-Mandel-FINAL-600x338.jpg
img.theepochtimes.com/assets/uploads/2022/01/15/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/01/15/Bethany-Mandel-FINAL-600x338.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
7b39e3eb65c88e981b8c0bc61a178170b86e379d7b1352a26b3715061a376cc1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
last-modified
Sun, 16 Jan 2022 00:20:25 GMT
server
nginx
etag
"61e364c9-12599"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds168.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
75161
CC-Jan-23-SQ-600x338.jpeg
img.theepochtimes.com/assets/uploads/2022/01/23/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/01/23/CC-Jan-23-SQ-600x338.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
6dbc3ef5fce61dc527014036064c57d9b689feba149d0702d2266493bec48dd6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
last-modified
Mon, 24 Jan 2022 00:02:22 GMT
server
nginx
etag
"61edec8e-c136"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds189.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
49462
CIF0118WEB_v1-600x338.jpg
img.theepochtimes.com/assets/uploads/2022/01/19/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/01/19/CIF0118WEB_v1-600x338.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
e7b362f3c21e01a037dcf460a48574584284b724727b887ddd0845eeda2c5dd9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
last-modified
Wed, 19 Jan 2022 15:54:39 GMT
server
nginx
etag
"61e8343f-108cd"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds057.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
67789
EET_footer.png
www.theepochtimes.com/assets/themes/eet/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/EET_footer.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
38f915335fe629f2736910592b999a5cc13138f931118f5d67026b072c37d6b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
x-content-type-options
nosniff
last-modified
Wed, 22 Aug 2018 19:13:08 GMT
server
nginx
etag
"5b7db5c4-1d36"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds091.dc2.c
content-type
image/png
cache-control
max-age=1800
content-length
7478
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
jquery-all.min.js
www.theepochtimes.com/assets/themes/eet/js/ 		98 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
25cad5d9e016ff8fc766034922a6ec515d37461b4ae089bd58d5ac964b85f247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 11 Nov 2021 15:48:53 GMT
server
nginx
x-microcachable
0
etag
W/"618d3b65-188fe"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds044.dc2.c
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
content-length
40721
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
bottom.min.js
www.theepochtimes.com/assets/themes/eet/js/ 		91 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/js/bottom.min.js?ver=20220124
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
6545d11bfc11d99e07568ae19dfa405b5356e4ccafa9553bc764a7cb35685247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 25 Jan 2022 14:33:44 GMT
server
nginx
x-microcachable
0
etag
W/"61f00a48-16a5d"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds051.dc2.c
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
content-length
29091
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
api.bundle.js
subs.youmaker.com/lib/ 		240 KB
240 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
8470e402e199aa8900f6790a3f009342fa473487270699025d9ffc03eb681a47

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
via
1.1 google
last-modified
Mon, Jan 24 2022 15:10:08 GMT
server
nginx/1.20.1
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
245558
remark.min.js
www.theepochtimes.com/assets/themes/eet/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/js/remark.min.js?ver=20211118
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
6e9f4b8e81c33a622095b626423f95e59b69982a489d0e3715f2b72689cc12e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 03 Jan 2022 22:26:03 GMT
server
nginx
etag
W/"61d377fb-17c2"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds034.dc2.c
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
content-length
2034
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
slick.js
www.theepochtimes.com/assets/themes/eet/js/ 		82 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/js/slick.js?ver=20170324
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
430f384b0fc496d9650c747cca458a7eae062530c718aa7a896d99031fbbae8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 14 Sep 2017 20:15:26 GMT
server
nginx
x-microcachable
0
etag
W/"59bae35e-14929"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds031.dc2.c
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
content-length
18949
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
aplayer.js
www.theepochtimes.com/assets/themes/eet/js/ 		154 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/js/aplayer.js?ver=20220118
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
fe044d6dfebeebc4596d2368689904ee2618d0ac4180d9dcf008c218d6fa8089
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 Jan 2022 22:53:42 GMT
server
nginx
etag
W/"61e744f6-26997"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds206.dc2.c
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
content-length
56799
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
article_ads_prebid.js
www.theepochtimes.com/assets/themes/eet/js/ 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/js/article_ads_prebid.js?ver=20220119
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
b582241ffa7014cc1eeeaa9535d51a9bc1c90d301aa54da3e6bb24158942abf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 15 Jan 2022 15:53:02 GMT
server
nginx
x-microcachable
0
etag
W/"61e2edde-bdea"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds004.dc2.c
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
content-length
13743
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
835
date
Tue, 25 Jan 2022 14:21:51 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 25 Jan 2022 16:21:51 GMT
gtm.js
www.googletagmanager.com/ 		189 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5Z8H4H
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b263c88d66eaf36f4c24455566d6c95dc1f89046f96857b524347af85f0df8a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68829
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 25 Jan 2022 14:35:46 GMT
telegram-icon.png
www.theepochtimes.com/assets/themes/eet/images/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/telegram-icon.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20220114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
1256909b9562b779225969eeb95c0f5b1a93fba5775ee2f78dbdb98724feef07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20220114
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Feb 2021 18:28:17 GMT
server
nginx
etag
"601aeb41-cbf6"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds096.dc2.c
content-type
image/png
cache-control
max-age=315360000
content-length
52214
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
tell-icon.svg
www.theepochtimes.com/assets/themes/eet/images/ 		721 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/tell-icon.svg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20220114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
383ae4a979b3d1e40f26ca3043d625fed9d449cecb76b3b30af4c3d0db7c7b92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20220114
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 22 Feb 2021 20:21:26 GMT
server
nginx
etag
"60341246-2d1"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds073.dc2.c
content-type
image/svg+xml
cache-control
max-age=315360000
content-length
346
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
mewe-icon.png
www.theepochtimes.com/assets/themes/eet/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/mewe-icon.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20220114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
243342401a389aea3c4eb3d79678310870768f96807bd5af44d1452b8c674f9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20220114
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Feb 2021 18:28:18 GMT
server
nginx
etag
"601aeb42-772"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds047.dc2.c
content-type
image/png
cache-control
max-age=1800
content-length
1906
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
plus-icon.png
www.theepochtimes.com/assets/themes/eet/images/ 		465 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/plus-icon.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20220114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
7dae96a685aa637f08f3fbf32cf31f40c4118c19915468f44156492e8e5eb5d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20220114
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Feb 2021 18:28:17 GMT
server
nginx
etag
"601aeb41-1d1"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds002.dc2.c
content-type
image/png
cache-control
max-age=315360000
content-length
465
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
backtotop.svg
www.theepochtimes.com/assets/themes/eet/images/ 		1 KB
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/backtotop.svg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20220114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
8da32af77026023e902dd9fe5612041380d371b1703ca79f49fadd43091f28d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20220114
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 14 Sep 2017 20:15:25 GMT
server
nginx
etag
"59bae35d-498"
x-cache-status
HIT
x-hw
1643121346.cds061.dc2.hn,1643121346.cds075.dc2.c
content-type
image/svg+xml
cache-control
max-age=315360000
content-length
579
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
D-DINCondensed-Bold.otf
www.theepochtimes.com/assets/themes/eet/fonts/ 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/fonts/D-DINCondensed-Bold.otf
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20220114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
872f4fde8b21d5105a83ba13988aa60224eae251b1708dec3062160b72d30736
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20220114
Origin
https://www.theepochtimes.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
x-content-type-options
nosniff
last-modified
Wed, 05 Sep 2018 15:47:56 GMT
server
nginx
etag
"5b8ffaac-e454"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds048.dc2.c
content-type
application/octet-stream
cache-control
max-age=315360000
content-length
58452
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
D-DIN.otf
www.theepochtimes.com/assets/themes/eet/fonts/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/fonts/D-DIN.otf
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20220114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
6d67834e2a76646c456c087ce42a6bd6b6b0c85c88dd9918618a8b4c563c2bdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20220114
Origin
https://www.theepochtimes.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
x-content-type-options
nosniff
last-modified
Wed, 05 Sep 2018 15:47:56 GMT
server
nginx
etag
"5b8ffaac-e9d4"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds080.dc2.c
content-type
font/opentype
cache-control
max-age=315360000
content-length
59860
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
D-DIN-Bold.otf
www.theepochtimes.com/assets/themes/eet/fonts/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/themes/eet/fonts/D-DIN-Bold.otf
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20220114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
b0f96a3730041605b139ca2d15e29a36c55e49058ba2b72ee4d09b5e4ca210c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20220114
Origin
https://www.theepochtimes.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
x-content-type-options
nosniff
last-modified
Wed, 05 Sep 2018 15:47:56 GMT
server
nginx
etag
"5b8ffaac-eb1c"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds205.dc2.c
content-type
font/opentype
cache-control
max-age=315360000
content-length
60188
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
RingsideCondensed-Bold.otf
img.theepochtimes.com/fonts/ 		122 KB
122 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img.theepochtimes.com/fonts/RingsideCondensed-Bold.otf
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20220114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
87828672774f5c617be1a2eb716f8e1cf1f6d2929eaee93530e7d072ac01889b

Request headers

Referer
https://www.theepochtimes.com/
Origin
https://www.theepochtimes.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
last-modified
Mon, 15 Nov 2021 18:18:30 GMT
server
nginx
etag
"6192a476-1e6ec"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds193.dc2.c
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
124652
0yb9GDoxxrvAnPhYGxkkaE0Urhg0xTY.woff2
fonts.gstatic.com/s/vollkorn/v10/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/vollkorn/v10/0yb9GDoxxrvAnPhYGxkkaE0Urhg0xTY.woff2
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20220114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8af85ef87938ad7700489d3cd359313ff3d80516be01ddc83d7aebf22e4b51c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theepochtimes.com/
Origin
https://www.theepochtimes.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 06:32:10 GMT
x-content-type-options
nosniff
age
374616
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14200
x-xss-protection
0
last-modified
Wed, 17 Jul 2019 00:00:46 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 21 Jan 2023 06:32:10 GMT
RingsideCondensed-Book.otf
img.theepochtimes.com/fonts/ 		122 KB
122 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img.theepochtimes.com/fonts/RingsideCondensed-Book.otf
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20220114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
eff8407713a4db64425aa277a1cf6b097b72cc3b1b0fbafb04a1cb24066ec61f

Request headers

Referer
https://www.theepochtimes.com/
Origin
https://www.theepochtimes.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
last-modified
Thu, 18 Nov 2021 18:20:53 GMT
server
nginx
etag
"61969985-1e604"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds077.dc2.c
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
124420
Acta-Book.otf
img.theepochtimes.com/fonts/ 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img.theepochtimes.com/fonts/Acta-Book.otf
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-merge.min.css?ver=20220114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
b363b21bc03d5188a43ede2219616eaade9819d6b10f395ad66c7ee60c71ace2

Request headers

Referer
https://www.theepochtimes.com/
Origin
https://www.theepochtimes.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
last-modified
Fri, 19 Nov 2021 20:22:11 GMT
server
nginx
etag
"61980773-a7ac"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds175.dc2.c
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
42924
truncated
/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4adb8463ef46189ad0d99ff804fe3269e998acaa7bb29a73c2e2d361a06a7d7

Request headers

Referer
Origin
https://www.theepochtimes.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
chargebee.js
js.chargebee.com/v2/ 		148 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.chargebee.com/v2/chargebee.js
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-78.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c870b2ffb5eb2572888daa52f04694f3ab9360a22fd2364205f70f2c56e823e
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
IR2GyUk2PGP9rWISNbaMNYJWcBfKSZtw
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 24 Jan 2022 11:09:22 GMT
server
AmazonS3
age
99
etag
W/"f0121e2882c17dda841e84b0a329ccdb"
strict-transport-security
max-age=300; includeSubdomains; preload
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 4ce15cd7013298653f4333aa57416c80.cloudfront.net (CloudFront)
cache-control
max-age=300,public
date
Tue, 25 Jan 2022 14:34:07 GMT
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
5m_m6F49AW9krS9Uq0zuMMMAKR_-R_1-xPCDr2_CavjjTjtUOT0uUg==
geo
subs.youmaker.com/rules/ 		119 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/rules/geo?siteid=&uid=d8139bf7-5915-437a-b1c1-cbde5ab110af
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
9247384795a7d8bc08e536e1ce19afdae3816203a25d5b18686732c684de2cbc

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
119
counts
comment.youmaker.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/counts?site=remark
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theepochtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.20.1
date
Tue, 25 Jan 2022 14:35:47 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.theepochtimes.com
app-name
remark
app-version
0.1.2
author
EMG
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires
Thu, 01 Jan 1970 00:00:00 UTC
pragma
no-cache
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-robots-tag
noindex
via
1.1 google
alt-svc
clear
gpt.js
www.googletagservices.com/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/article_ads_prebid.js?ver=20220119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e5b0d7b5d78eac3d3f6eae2c714bf7fdbca187893ffb605361e37501501e2bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27049
x-xss-protection
0
server
sffe
etag
"1112 / 571 of 1000 / last-modified: 1643112392"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 25 Jan 2022 14:35:46 GMT
test
www.youmaker.com/g/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youmaker.com/g/test
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.68.206 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
206.68.201.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e127b3ec8c4e1c29379b4a9dd0d0e825c55aee6d1238afe1afc8852b77bd0999

Request headers

Accept
*/*
Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
via
1.1 google
server
nginx/1.20.1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
counts
comment.youmaker.com/api/v1/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/counts?site=remark
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
f04080438e4ceab5f8376ee585870361b54e9069e6fd51af7366533203650bcd

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:47 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
app-version
0.1.2
app-name
remark
x-robots-tag
noindex
alt-svc
clear
expires
Thu, 01 Jan 1970 00:00:00 UTC
count
sc.youmaker.com/site/article/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sc.youmaker.com/site/article/count?site=www.theepochtimes.com&user=f2279cd8-9f22-1756-517c-579ef20f45f1&postid=4233039,4232896,4230872,4231061,4215836,4231272,4221562,4217111,4228928,4221537,4221232,4230039,4220764,4224349,4215836,4231272,4221562,4217111,4228928,4221537
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.97.157 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
157.97.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
63983442de9f5d4f00b100db3a312dd4e51f06c47fb8016a3bc45e0ef4c96c10

Request headers

Accept
*/*
Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 25 Jan 2022 14:35:47 GMT
via
1.1 google
server
nginx/1.20.1
alt-svc
clear
content-type
application/json;charset=UTF-8
chevron_left.png
www.theepochtimes.com/assets/themes/eet/images/ 		982 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/chevron_left.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
af463b25ee108e48338456299a263e94b53b302b4524916661513e22dd773850
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
x-content-type-options
nosniff
last-modified
Mon, 08 Nov 2021 17:04:32 GMT
server
nginx
etag
"618958a0-3d6"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds056.dc2.c
content-type
image/png
cache-control
max-age=315360000
content-length
982
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
chevron_right.png
www.theepochtimes.com/assets/themes/eet/images/ 		980 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/themes/eet/images/chevron_right.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
44be04ca10e45131b3040fd10ab82ba4792b1da6c66f6c0bbeb343e3ea01f6bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
x-content-type-options
nosniff
last-modified
Mon, 08 Nov 2021 17:04:32 GMT
server
nginx
x-microcachable
0
etag
"618958a0-3d4"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds093.dc2.c
content-type
image/png
cache-control
max-age=315360000
content-length
980
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
s9das0a0sd0asd0as0dsad0-600x320.jpg
img.theepochtimes.com/assets/uploads/2022/01/24/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2022/01/24/s9das0a0sd0asd0as0dsad0-600x320.jpg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
4e07bb6e96fa838f7ba559933a5babee266b5a4707d97c1087d7f684fc1aebb7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:46 GMT
last-modified
Mon, 24 Jan 2022 20:07:53 GMT
server
nginx
etag
"61ef0719-6002"
x-hw
1643121346.cds061.dc2.hn,1643121346.cds175.dc2.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
24578
collect
www.google-analytics.com/j/ 		4 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=389676576&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&dp=%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html&ul=en-us&de=UTF-8&dt=1%2C200%20Fake%20American%20Driver%E2%80%99s%20Licenses%20from%20Hong%20Kong%20Seized%20in%20Indiana&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=1294320481&gjid=1680871292&cid=1669070802.1643121347&uid=anona372-b500-4bf9-91b6-ac22075c90ff&tid=UA-10465455-30&_gid=1683775218.1643121347&_r=1&_slc=1&cd1=31994&cd3=%3Bcrime-us-31994%3Bhuman-trafficking-138037%3Bus-13%3Bus-news-14%3B&cd4=%3Btodays-headlines-98892%3Bpremium-116266%3Bpremium-news-123405%3Btop-stories-98893%3B&cd5=%3Bcrime-us-31994%3Bhuman-trafficking-138037%3Bus-13%3Bus-news-14%3Btodays-headlines-98892%3Bpremium-116266%3Bpremium-news-123405%3Btop-stories-98893%3B&cd21=4233039&cd23=Jack%20Phillips&cd26=Crime%20and%20Incidents&cd28=%3BCrime%20and%20Incidents%3BHuman%20Trafficking%3BUS%3BUS%20News%3B&cd29=%3BUSA%3BIndiana%3B&cd30=20220124&cd31=20220124&cd33=413&cd42=%3Busa%3Bindiana%3B&cd43=post&cd18=anona372-b500-4bf9-91b6-ac22075c90ff&z=1597169113
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.theepochtimes.com&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 13:02:10 GMT
via
1.1 9dcf1f784090d97aac2d38aa49e628e2.cloudfront.net (CloudFront)
server
Server
age
5617
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.theepochtimes.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
hnyb00_S-RyyTTiC1UfRwFTXO3aIHgFuul-KwkrdHqY417RQ2bvxIA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 02:56:15 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
41973
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 02:54:57 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
via
1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR53-C3
content-type
application/javascript
x-amz-cf-id
8CmsdRriQ-jFHYl8Rs3zK599oCi5ykHbo9MIqnqm4Bk48gRil4sb2Q==
collect
ea.epochbase.com/api/analytics/g/ 		0
213 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ea.epochbase.com/api/analytics/g/collect?v=2&tid=G-RD0QM5H02Q&gtm=2oe1o0&_p=389676576&sr=1600x1200&ul=en-us&cid=1669070802.1643121347&_fplc=0&_s=1&dl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&dt=1%2C200%20Fake%20American%20Driver%E2%80%99s%20Licenses%20from%20Hong%20Kong%20Seized%20in%20Indiana&sid=1643121347&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.page_path=%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html&ep.post_id=4233039&ep.primary_category_name=Crime%20and%20Incidents&ep.eet_tags=USA%3BIndiana&ep.all_term_ids=crime-us-31994%3Bhuman-trafficking-138037%3Bus-13%3Bus-news-14%3Btodays-headlines-98892%3Bpremium-116266%3Bpremium-news-123405%3Btop-stories-98893
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.7.168.73 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 25 Jan 2022 14:35:48 GMT
server
nginx/1.16.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
allow
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
js
www.googletagmanager.com/gtag/ 		90 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-10465455-30&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7637f429971134fe246556fa82e83f59df54dcfea721fa1af379f039b0dbacbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:47 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35996
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 25 Jan 2022 14:35:47 GMT
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:9525:7e6a:be2b:3707 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:47 GMT
content-encoding
gzip
etag
"FMCWFRCBdbNj8Eh2c0G78Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Tue, 01 Feb 2022 14:35:47 GMT
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-10.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 30 Dec 2021 16:42:24 GMT
Via
1.1 7608da25eb5aed0ce7cca5fc0587c650.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
2238804
ETag
"d89453438fbf10dcf4c13265c40d5160"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=26920000
X-Amz-Cf-Pop
EWR50-C1
Accept-Ranges
bytes
Content-Length
4255
X-Amz-Cf-Id
Rt_q2Av6mGH_qe-iuIJLy_eWHNlM8u7yRUT4a4OtWSBE5UP9aNnkAQ==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=24003086&ns__t=1643121347151&ns_c=UTF-8&c8=1%2C200%20Fake%20American%20Driver%E2%80%99s%20Licenses%20from%20Hong%20Kong%20Seized%20in%20Indiana&c7=https%3...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1643121347151&ns_c=UTF-8&c8=1%2C200%20Fake%20American%20Driver%E2%80%99s%20Licenses%20from%20Hong%20Kong%20Seized%20in%20Indiana&c7=https%...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1643121347151&ns_c=UTF-8&c8=1%2C200%20Fake%20American%20Driver%E2%80%99s%20Licenses%20from%20Hong%20Kong%20Seized%20in%20Indiana&c7=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&c9=
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Server
13.226.31.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-31-3.ewr53.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:47 GMT
via
1.1 ea5efad48fd2ca3e2050f885ef5ad57c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
1gMvIC4Cxqu9FtwTVP4JdPQhw6-HyvVLcCHnhRd5Ry-Ch8unfPqAew==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 25 Jan 2022 14:35:47 GMT
via
1.1 ea5efad48fd2ca3e2050f885ef5ad57c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1643121347151&ns_c=UTF-8&c8=1%2C200%20Fake%20American%20Driver%E2%80%99s%20Licenses%20from%20Hong%20Kong%20Seized%20in%20Indiana&c7=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&c9=
content-length
544
x-amz-cf-id
0KRlwF8ISlI8Y0zMAVmwIZCLDejW5m4uoNavvGnZOneHQnJQtl7G8w==
0-d0d07a1ccb393c1835b4.js
js.chargebee.com/v2/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.chargebee.com/v2/0-d0d07a1ccb393c1835b4.js
Requested by
Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-78.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24debe1a54d5c3e03a19488a253b5019df02e8123774a2741ab89135cf99427e
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
.1ZgAMRBUK0NnOjZfaRBLGGD6RpyXsqn
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 13 Jan 2022 02:40:31 GMT
server
AmazonS3
age
289
etag
W/"c4630576340873667c3aab4a9a1de919"
strict-transport-security
max-age=300; includeSubdomains; preload
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 4ce15cd7013298653f4333aa57416c80.cloudfront.net (CloudFront)
cache-control
max-age=300,public
date
Tue, 25 Jan 2022 14:30:58 GMT
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
_h7oTbDgCcxNCJ9gPvac4SuemX_75YoJ9swffZgsQlCbfAOhJxqPBA==
60-ebf05957172d9ca297d4.js
js.chargebee.com/v2/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.chargebee.com/v2/60-ebf05957172d9ca297d4.js
Requested by
Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-78.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
feeaec1e1a67cf2c7c1f92e98b8b8be38d1dff9a6eb52f4453f7fc692e94cb09
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
44netkEqQ_gBOXRhwfBlEFq7vyXFxiUe
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 24 Jan 2022 11:09:22 GMT
server
AmazonS3
age
54
etag
W/"258f3db71519d4d8d69355399bdaa5a3"
strict-transport-security
max-age=300; includeSubdomains; preload
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 4ce15cd7013298653f4333aa57416c80.cloudfront.net (CloudFront)
cache-control
max-age=300,public
date
Tue, 25 Jan 2022 14:35:35 GMT
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
rE-R_Coen2t66jVB8PSQu-b6O0_iOZaRsR5Yq1tIKL3XUcZIb-w0oQ==
collect
stats.g.doubleclick.net/j/ 		4 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-10465455-30&cid=1669070802.1643121347&jid=1294320481&uid=anona372-b500-4bf9-91b6-ac22075c90ff&gjid=1680871292&_gid=1683775218.1643121347&_u=YGBACEAABAAAAC~&z=806439218
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1404::9b Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 25 Jan 2022 14:35:47 GMT
content-type
text/plain
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022011002.js
securepubads.g.doubleclick.net/gpt/ 		352 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
sffe /
Resource Hash
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 04:36:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35933
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121009
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 21:10:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 25 Jan 2023 04:36:54 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		119 B
735 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.theepochtimes.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
70fbd157f02619ebe2855feece0c0ad7790d532005d08d8180423892e89a1a54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 25 Jan 2022 14:35:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99
x-xss-protection
0
expires
Tue, 25 Jan 2022 14:35:47 GMT
collect
ea.epochbase.com/api/analytics/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ea.epochbase.com/api/analytics/collect?tid=G-RD0QM5H02Q&site_id=www.theepochtimes.com&v=1&en=readactivity&percent_scrolled=0&v=1&em=camille.papanek%40cic.gc.ca&post_id=4233039&read_duration=5&dl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&dr=&cid=1669070802.1643121347
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.7.168.73 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 25 Jan 2022 14:35:48 GMT
server
nginx/1.16.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
allow
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
collect
ea.epochbase.com/api/analytics/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ea.epochbase.com/api/analytics/collect?tid=G-RD0QM5H02Q&site_id=www.theepochtimes.com&v=1&en=instaAccount&percent_scrolled=0&v=1&em=camille.papanek%40cic.gc.ca&post_id=4233039&read_duration=5&dl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&dr=&cid=1669070802.1643121347
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.7.168.73 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 25 Jan 2022 14:35:48 GMT
server
nginx/1.16.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
allow
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
rules-p-a128V7tctPVtT.js
rules.quantcount.com/ 		3 B
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-a128V7tctPVtT.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:0:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 22:58:25 GMT
via
1.1 343d70dd2c23b73057116d47a342c588.cloudfront.net (CloudFront)
age
56243
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 20:44:26 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
EWR53-C2
accept-ranges
bytes
x-amz-cf-id
rdequcJWfINJAWE5TXnC5fHBNwDDPDuXhBKbdyha02lTaR91nMQT7Q==
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-10465455-30&cid=1669070802.1643121347&jid=1294320481&_u=YGBACEAABAAAAC~&z=2086068048
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-10465455-30&cid=1669070802.1643121347&jid=1294320481&_u=YGBACEAABAAAAC~&z=2086068048
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=1%2C200%20Fake%20American%20Driver%E2%80%99s%20Licenses%20from%20Hong%20Kong%20Seized%20in%20Indiana&time=1643121347343&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&random_number=4799997100&sess_cookie=a73c926417e91aa0b0ff87016b7&sess_cookie_flag=1&user_cookie=a73c926417e91aa0b0ff87016b7&user_cookie_flag=1&dynamic=true&domain=theepochtimes.com&account=Tmrwl1aYizr0uP&jsv=20130128&user_lang=en-US
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-4.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 01:20:53 GMT
Via
1.1 c267e55887d5d0922d95439137f937dc.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
47695
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
EWR50-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
3ADsJ1sup_Km09-JpH8qvwL8DbH1JmrRX2rCRKx2U9XCxPdx1bkhog==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.217.60.34 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-217-60-34.us-east-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:47 GMT
server
Server
bid
c.amazon-adsystem.com/e/dtb/ 		205 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&pid=F3aLZHGlNniTU&cb=0&ws=1600x1200&v=7.72.0&t=2000&slots=%5B%7B%22sd%22%3A%22sticky_ad_top%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F5965368%2FEET_article_top_728x90%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
f3bc3507d77b34a48e817723a451b72bc74574c79d7a2a18a8f7585b1ff8f407
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:47 GMT
via
1.1 9dcf1f784090d97aac2d38aa49e628e2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
x-amz-rid
9XHF073YXBRPXVDBEKFB
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
205
x-amz-cf-id
Bp8-wI5CpfD1c3SUFLhT9pN0nISIweBTe0JF2tGMjuSGFma2sb7V0w==
cookie_sync
prebid.adnxs.com/pbs/v1/ 		708 B
774 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.61 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.nym2.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
c70027927288db02a742e9cb0e86209ff579e22d57b86c28c8575e68b81bf547

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:47 GMT
Content-Encoding
gzip
Server
nginx/1.19.0
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.theepochtimes.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		260 B
639 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.61 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.nym2.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
71d2368ab8b35de74dd6c95e2943e3bac445d016b06aad36d8f751c717ab73f1

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:47 GMT
Content-Encoding
gzip
Server
nginx/1.19.0
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.theepochtimes.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
prebid
ib.adnxs.com/ut/v3/ 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.25 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
563.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0eebd0b4dab6cf3eac098b468c3e75c2468a4b20b33f0a7d517b564ea3f5fd59
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:47 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 563.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
ff61d376-2cc2-43d4-aada-efc3dae820c1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.theepochtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
imp
g2.gumgum.com/hbid/ 		2 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=32025&pi=3&bf=970x250%2C970x90%2C728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.29.0%22%7D&ogu=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html&ns=10240
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.54.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-54-241.compute-1.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:47 GMT
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=299835&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211090a67398bf12%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.29.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2212cac80c0eb26c2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22299835%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2213a18c7cc49cec4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22299835%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221410c6daf7053f6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22299835%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.175.77 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-175-77.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
95b4cc7d218e5c13e0978dd270e96ace119028dd04f6ee9d8654e1aed2b17055

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:47 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.186], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.theepochtimes.com
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
19
expires
Tue, 25 Jan 2022 14:35:47 GMT
arj
epoch-times-d.openx.net/w/1.0/ 		173 B
595 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://epoch-times-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5d7dbe23-2bde-42ae-9b52-a45c477333a6&nocache=1643121347422&pubcid=7656d3aa-96f1-40ba-a925-e84dd4a3be35&aus=970x250%2C970x90%2C728x90&divIds=sticky_ad_top&auid=538813617
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
0a4b126ff99827d3143c2478acd604f067be471e7a7ad808f13ff57e2450ca17

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:47 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.theepochtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017373968c709b89f77c02f6&pos=eet_article_top_728x90&cmd=bid&secure=1
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
c8dcadd2d21c984aa60a8a3b0a86ccb2f83e05511a73504003e545a843c47dfc

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 25 Jan 2022 14:35:47 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
content-length
62
bid
c.amazon-adsystem.com/e/dtb/ 		205 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&pid=F3aLZHGlNniTU&cb=1&ws=1600x1200&v=7.72.0&t=2000&slots=%5B%7B%22sd%22%3A%22ad_right_top_300x250_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5965368%2Feet_article_right_top_300x250_v3%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
f0f7c6efc47f17526221e7762fe332cd35fe5502681fe660c6ea099a99b5dbb7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:47 GMT
via
1.1 9dcf1f784090d97aac2d38aa49e628e2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
x-amz-rid
3HZMCRHDXBCYZ141CJAV
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
205
x-amz-cf-id
pD5My1TRXbciM6AG4HYweHJ--5xGgfAyNRDGuEYcUIid1nduDgGS7w==
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		259 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.61 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.nym2.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
b1d49815df7a850995ec645f00d86538b42ce60183891c700f2ccda62865b586

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:47 GMT
Content-Encoding
gzip
Server
nginx/1.19.0
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.theepochtimes.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
imp
g2.gumgum.com/hbid/ 		2 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=32023&pi=3&bf=300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.29.0%22%7D&ogu=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html&ns=10240
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.54.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-54-241.compute-1.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:47 GMT
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
arj
epoch-times-d.openx.net/w/1.0/ 		173 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://epoch-times-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5293dc84-91a8-4be3-ab18-9f17aaf1990e&nocache=1643121347437&pubcid=7656d3aa-96f1-40ba-a925-e84dd4a3be35&aus=300x250&divIds=ad_right_top_300x250_1&auid=538813611
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
6110a5ecff3c0385ba2075033cb9c5ed2af475fb8e744a2e14ef0b0b358f0b4e

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:47 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.theepochtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.25 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
563.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ad29d581f66dca4c419fe6db02d4e1d8fcb7d5ba8e622cd1efcd34fb549ba410
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:47 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 563.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
ede234f2-4b7f-47d8-aed0-a1442bc2691f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.theepochtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=299842&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2231f08b364e6bcf8%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.29.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2232e87bb4edb375a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22299842%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.175.77 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-175-77.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5936f1e9aa3fb341b78037f22cd73f336ca17ebdee77939721b7077c6f877384

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:47 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.186], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.theepochtimes.com
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
19
expires
Tue, 25 Jan 2022 14:35:47 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017373968c709b89f77c02f6&pos=eet_article_right_top_300x250_v3&cmd=bid&secure=1
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
75ac4e028f831bac0f5c334229d0ea0008dd3578d2608bb7c289618e2fadbb6c

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 25 Jan 2022 14:35:47 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-credentials
true
content-length
62
breaking-bar.html
www.theepochtimes.com/assets/uploads/html/breakingnews-bar/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.theepochtimes.com/assets/uploads/html/breakingnews-bar/breaking-bar.html
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
X-Requested-With
XMLHttpRequest
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:47 GMT
x-content-type-options
nosniff
last-modified
Tue, 25 Jan 2022 15:07:36 GMT
server
nginx
etag
"61f01238-0"
x-cache-status
HIT
x-hw
1643121347.cds061.dc2.hn,1643121347.cds012.dc2.sc,1643121347.cds012.dc2.p
content-type
text/html; charset=utf-8
cache-control
max-age=600
content-length
0
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
94729.js
mixi.media/data/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mixi.media/data/js/94729.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/bottom.min.js?ver=20220124
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
5a2a478dc89a1366c81fe6243501ccab9894e6c1ea7910fbe4fdac2ddaf91399

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:47 GMT
Content-Encoding
gzip
Last-Modified
Tuesday, 25-Jan-2022 14:35:47 GMT
Server
nginx
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript;charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
pixel;r=253052752;rf=0;a=p-a128V7tctPVtT;url=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_sou...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=253052752;rf=0;a=p-a128V7tctPVtT;url=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca;uht=2;fpan=1;fpa=P0-126226592-1643121347457;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=theepochtimes.com;je=0;sr=1600x1200x24;dst=0;et=1643121347457;tzo=0;ogl=locale.en_US%2Ctype.article%2Ctitle.1%252C200%20Fake%20American%20Driver's%20Licenses%20from%20Hong%20Kong%20Seized%20in%20Indiana%2Cdescription.The%20Customs%20and%20Border%20Protection%20(CBP)%20seized%20more%20than%201%252C000%20counterfeit%20drive%2Curl.https%3A%2F%2Fwww%252Etheepochtimes%252Ecom%2F1200-fake-american-drivers-licenses-from-hong-kong%2Csite_name.www%252Etheepochtimes%252Ecom%2Cimage.https%3A%2F%2Fimg%252Etheepochtimes%252Ecom%2Fassets%2Fuploads%2F2022%2F01%2F24%2FGettyImages-74938063-ssd
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:9525:7e6a:be2b:3707 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
setuid
ib.adnxs.com/prebid/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=&gdpr_consent=&us_privacy=
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=KYU80Y06-1O-9ZO6
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=KYU80Y06-1O-9ZO6
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
HTTP/1.1
Server
68.67.160.25 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
563.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:47 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 563.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
ab8f10e3-141c-46ed-bdfc-9b1750109551
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=KYU80Y06-1O-9ZO6
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
Expires
0
iu3
s.amazon-adsystem.com/ Frame 58F7
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_an-db5_sovrn_n-Outbrain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_an-db5_sovrn_n-Outbrain&dcc=t
327 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_an-db5_sovrn_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
2dfd42678c80a09a558b4e72e4378552a8792b1343aeddede994471f92606ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

Server
Server
Date
Tue, 25 Jan 2022 14:35:47 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
327
Connection
keep-alive
x-amz-rid
EFYD4TCF7QFF6GJXQ9H2
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
Server
Date
Tue, 25 Jan 2022 14:35:47 GMT
Content-Length
0
Connection
keep-alive
x-amz-rid
84HDB0X99YJ4RTFQMBNA
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_an-db5_sovrn_n-Outbrain&dcc=t
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.theepochtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 25 Jan 2022 14:35:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.theepochtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 25 Jan 2022 14:35:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1207402431981013&correlator=3961803513432000&output=ldjh&impl=fifs&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220125&iu_parts=5965368%2Ceet_article_right_top_300x250_v3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=EET_category%3Deet_crime-us-31994%252Ceet_human-trafficking-138037%252Ceet_us-13%252Ceet_us-news-14%252Ceet_todays-headlines-98892%252Ceet_premium-116266%252Ceet_premium-news-123405%252Ceet_top-stories-98893%26EET_post%3D4233039%26site%3Dwww.theepochtimes.com%252Ctheepochtimes.com%26article_ads_version%3Dprebid%26amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&dt=1643121347688&lmt=1643121347&dlt=1643121346509&idt=869&frm=20&biw=1600&bih=1200&oid=2&adxs=1100&adys=192&adks=2786340635&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=1669070802.1643121347&ga_sid=1643121348&ga_hid=389676576&ga_fc=true&ga_cid=1683775218.1643121347&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
20fa0be460325f324d17bbcb28283b3dad1ba0a099ddca391f17760801ba238f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9218
x-xss-protection
0
google-lineitem-id
5399633405
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138349980478
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
163ad3d3cef73823fb6ee7c8560a3ece.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8EB5 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://163ad3d3cef73823fb6ee7c8560a3ece.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 25 Jan 2022 14:35:47 GMT
expires
Wed, 25 Jan 2023 14:35:47 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
setuid
ib.adnxs.com/prebid/
Redirect Chain
  • https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsonobi%26consent_string%3D%26gdpr%3D%26uid%3D%5BUID%5D
  • https://ib.adnxs.com/prebid/setuid?bidder=sonobi&consent_string=&gdpr=&uid=fe8d767e-3086-4e45-b815-594394f30980
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=sonobi&consent_string=&gdpr=&uid=fe8d767e-3086-4e45-b815-594394f30980
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
HTTP/1.1
Server
68.67.160.25 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
563.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:47 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 563.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
f8a3aac4-9e37-42ad-a918-40768def2b2f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:47 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-79
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ib.adnxs.com/prebid/setuid?bidder=sonobi&consent_string=&gdpr=&uid=fe8d767e-3086-4e45-b815-594394f30980
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1207402431981013&correlator=3961803513432000&output=ldjh&impl=fifs&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220125&iu_parts=5965368%2CEET_article_top_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=EET_category%3Deet_crime-us-31994%252Ceet_human-trafficking-138037%252Ceet_us-13%252Ceet_us-news-14%252Ceet_todays-headlines-98892%252Ceet_premium-116266%252Ceet_premium-news-123405%252Ceet_top-stories-98893%26EET_post%3D4233039%26site%3Dwww.theepochtimes.com%252Ctheepochtimes.com%26article_ads_version%3Dprebid%26amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&dt=1643121347812&lmt=1643121347&dlt=1643121346509&idt=869&frm=20&biw=1600&bih=1200&oid=2&adxs=300&adys=126&adks=3587454004&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&vis=1&scr_x=0&scr_y=0&psz=1000x30&msz=1000x0&ga_vid=1669070802.1643121347&ga_sid=1643121348&ga_hid=389676576&ga_fc=true&ga_cid=1683775218.1643121347&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
c8e1c6b1e9b3ed63415f431645a5c779d0ba94f6f4c19a9cf6ee46b394214888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9174
x-xss-protection
0
google-lineitem-id
5399633405
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138349601181
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame 00EE 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_an-db5_sovrn_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
20636e496c24a62ca1ea3fbeb71855f8be39b01e8cd42987d45b231937d5d386
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_an-db5_sovrn_n-Outbrain&dcc=t

Response headers

Server
Server
Date
Tue, 25 Jan 2022 14:35:47 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
2561
Connection
keep-alive
x-amz-rid
A3K5C8Q1E3XWGVNYR4JR
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
view
securepubads.g.doubleclick.net/pcs/ Frame 54D7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0VZICoIVRR9UhsSCC44-9QNPVtxCG5AHwjiagUul9bGwkZnByRX3C4FSeyuXpPvDmlfM8Vcot37hnEHtAEKeLtZYIKgarTIC2bG8kJxqGAWFTwv0FKiSM0cRZWNup1SjbXmVGsqSVAuR4bGSjThJfSWRdJumEFmuwsQf9fQOvGMVuxqITyvfQHq7QIoB0C6VehQfW1p5aZElaHPers5bEfZ7oTGk1E3suN-4Cz3l16XxxJecHuNEjzeGuvZd3ATZiJSWGyyIV8q1wo_pcvxHPQhsdMyZbdV3Cm50m63JfYWZj3tCQJEUUXrhdsdzfA3EKxWzem9wbX22DIn7pTo92m2Uz&sai=AMfl-YTV496uwGQboEuyfwyfRz-5Ib1rd6C6Zo-IDp62kIUUAJU2etbkLSlqdif8-W4NPQUgAPhuyaz7Ku0i3-h-NnqIgKuWCSMZGXwERHEreIIuHhRSRVgrnXb2ycqeOvo&sig=Cg0ArKJSzJe9ZVQsVzViEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 25 Jan 2022 14:35:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 25 Jan 2022 14:35:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 54D7 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1642595990432946"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 25 Jan 2022 14:35:47 GMT
7139125845117574952
tpc.googlesyndication.com/simgad/ Frame 54D7 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7139125845117574952?
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b27bb8d4b5e0f19de5a5351b6414c68acf6e77af3c835af37abf05a278af431a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 20:07:08 GMT
x-content-type-options
nosniff
age
152919
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33776
x-xss-protection
0
last-modified
Fri, 14 May 2021 19:51:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 23 Jan 2023 20:07:08 GMT
/
s.ad.smaato.net/c/ Frame 00EE 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:fc00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:48 GMT
via
1.1 110142bfecf028552c3361846a29130a.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
EWR50-C1
x-amz-cf-id
1MQTCqYsDs1N0K-tCB9MEe_tYU6ZD9FH4JibnqevMPx0d6eMinF3_g==
x-cache
FunctionGeneratedResponse from cloudfront
ecm3
s.amazon-adsystem.com/ Frame 00EE
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=B22330297A8044C9BDB050E0BAF9B9E8&ex=simpli.fi&status=ok
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=B22330297A8044C9BDB050E0BAF9B9E8&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
FJ9GJT3FYEJ1CYZE6MK7
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 25 Jan 2022 14:35:48 GMT
x-content-type-options
nosniff
server
nginx
location
https://s.amazon-adsystem.com/ecm3?id=B22330297A8044C9BDB050E0BAF9B9E8&ex=simpli.fi&status=ok
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Mon, 24 Jan 2022 14:35:48 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 9300
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.217.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-217-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5b3508f28ad80feb576703721d40432fc14481c442e325f934308be70071c566

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|241|230|45|40|156|190|65
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Tue, 25 Jan 2022 14:35:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:48 GMT
Content-Length
1645
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
324
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Tue, 25 Jan 2022 14:35:47 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:47 GMT
Connection
keep-alive
cm
u.openx.net/w/1.0/ Frame 2E0A 		722 B
770 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
f78c876275e6f1e882e7c513e0de8150c1e8cdd223c41f4a5aa6a3b865631134

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 25 Jan 2022 14:35:47 GMT
content-type
text/html
content-length
458
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecm3
s.amazon-adsystem.com/ Frame 48D3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=districtm
  • https://s.amazon-adsystem.com/ecm3?id=5777866265742787551&ex=districtm
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=5777866265742787551&ex=districtm
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Tue, 25 Jan 2022 14:35:48 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
273GKRBD9EKQW69EMBZW
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
nginx/1.17.9
Date
Tue, 25 Jan 2022 14:35:47 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=5777866265742787551&ex=districtm
AN-X-Request-Uuid
67c746a6-890a-4336-bbb6-544a81dbddc2
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 563.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
ecm3
s.amazon-adsystem.com/ Frame 8B02
Redirect Chain
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23
  • https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=2903322898862673848
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=2903322898862673848
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Tue, 25 Jan 2022 14:35:48 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
HQYKTJ3JCWK96DHDQRBY
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma
no-cache
location
https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=2903322898862673848
content-length
0
date
Tue, 25 Jan 2022 14:35:48 GMT
index.html
cdn.districtm.io/ids/ Frame 6F93
Redirect Chain
  • https://cdn.districtm.io/ids/?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
  • https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
116 B
351 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Tue, 25 Jan 2022 14:35:48 GMT
content-type
text/html
cf-ray
6d323ae9195d5473-YYZ
age
24456
last-modified
Thu, 20 May 2021 02:18:27 GMT
via
1.1 7a818cb34d4f96c0d6b48a1a51f766d0.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id
w-tkQMLcmZqgc47qr1cbrr6HFH1RHGWxXvjMCOAiac_v-EkP423rLg==
x-amz-cf-pop
YTO50-C3
x-cache
Hit from cloudfront
vary
Accept-Encoding
server
cloudflare
content-encoding
br

Redirect headers

date
Tue, 25 Jan 2022 14:35:48 GMT
location
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
cf-ray
6d323ae8e8e55473-YYZ
cache-control
max-age=3600
expires
Tue, 25 Jan 2022 15:35:47 GMT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
/
match.sharethrough.com/jwumXNuB/v1/ Frame E569 		427 B
613 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.50.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-50-126.compute-1.amazonaws.com
Software
/
Resource Hash
efcc1d34612d16e693d220906dc11cb47cc4a11b1516bd64f1ff50ed3d149098

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Tue, 25 Jan 2022 14:35:47 GMT
content-length
427
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1983 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.216.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=86976
expires
Wed, 26 Jan 2022 14:45:23 GMT
date
Tue, 25 Jan 2022 14:35:47 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 0D7B 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 25 Jan 2022 14:35:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame EA87
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=5777866265742787551&ex=appnexus.com
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=5777866265742787551&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Tue, 25 Jan 2022 14:35:48 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
R8BABE34X8M6NE8SNEN0
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
nginx/1.17.9
Date
Tue, 25 Jan 2022 14:35:47 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=5777866265742787551&ex=appnexus.com
AN-X-Request-Uuid
cae4d0e1-2297-4cf6-92bb-a08b42dd8cdf
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 563.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
amazon
ap.lijit.com/beacon/ Frame A88C
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
1b752cbf3c7c93a43eff14707080ff850efb502c0d842cecd9fbaae7ecf85ec3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
nginx
Date
Tue, 25 Jan 2022 14:35:47 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap4ewr1

Redirect headers

Server
nginx
Date
Tue, 25 Jan 2022 14:35:47 GMT
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap4ewr1
view
securepubads.g.doubleclick.net/pcs/ Frame 5D2B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslk61N0KuE1niWCwlr9jcJeWMGyrKAGf7VKXHBrEHZpthdaBi4Tp4QcCqa2bK1eJRqS7c5Aw-HVJiGo_9klUkibFbQBsy-iYTxq2vJFoiK-5C4tW5XQ6Yb-4zTuPsuVTt1BRj5ROIqVD5xpEvIU2RKSOk2zf53Oi2--sQAQQlaDAkHAgvu1-Vc8D-3WasqsjBah_axP2XHTRiFanf1VW4ZPhwktWq3yP84SdyZXB0w4FGUtsOlNyScwBEjky6YJnRXRljrJf0fz5NvmWdyD37GzFj51z5D8VJaOXacvm77ee4_JHFqGldDJreDG1Nzsqx8QMp_c_M&sai=AMfl-YRxWCJsFdl-qxEIvCERfp1r5Wl-_OM04-HeAcsvEoIXQdsKQuEsxRsP9rfO9HahRvMfzPZOFkjrQ-RLIb6ABArpxrXOYtmWADqMMtpGGsVCJmgJBFm-1munajHTbv8&sig=Cg0ArKJSzKxKDa3CyPO-EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 25 Jan 2022 14:35:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 25 Jan 2022 14:35:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5D2B 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1642595990432946"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 25 Jan 2022 14:35:47 GMT
6788252281517452913
tpc.googlesyndication.com/simgad/ Frame 5D2B 		239 KB
239 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6788252281517452913?
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a950c8f077e3743e3a26ca51d7cb1cafaf516db1c0675c118dc4e88d5683ccdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 12:25:33 GMT
x-content-type-options
nosniff
age
94214
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
244365
x-xss-protection
0
last-modified
Fri, 14 May 2021 19:46:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 24 Jan 2023 12:25:33 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E1FB 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.216.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=86976
expires
Wed, 26 Jan 2022 14:45:23 GMT
date
Tue, 25 Jan 2022 14:35:47 GMT
vary
Accept-Encoding
jsapi.v5.7.1.en_US.js
static.mixi.media/static/jsapi/ 		248 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.mixi.media/static/jsapi/jsapi.v5.7.1.en_US.js
Requested by
Host: mixi.media
URL: https://mixi.media/data/js/94729.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
d761cb302ae0fe615a51d476ca388877e78917a2aa90f0681721eae3ce36d49a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:35:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 24 Jan 2022 11:46:07 GMT
Server
nginx
ETag
W/"61ee917f-3e0d5"
Vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
sm.js
stat.media/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stat.media/sm.js
Requested by
Host: mixi.media
URL: https://mixi.media/data/js/94729.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.162.95.70 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
sm-server1-1.smir12.imcmdb.net
Software
nginx /
Resource Hash
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:35:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Dec 2021 13:53:02 GMT
Server
nginx
ETag
W/"61a8cfbe-13481"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
/
target.mixi.media/init/ 		95 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://target.mixi.media/init/?blockid=94729&siteid=49188&bw=1600&bh=1200&rnd=8513944944502
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx / HHVM/3.9.1
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Target-Version
2
Date
Tue, 25 Jan 2022 14:35:48 GMT
X-Target-Final
20220125173548-0
Server
nginx
X-Target-Host
target2-1.ssel21
X-Powered-By
HHVM/3.9.1
X-Time-Request
0.00033
Content-Type
image/png
Cache-Control
no-cache, private
Connection
keep-alive
Content-Length
95
Expires
Tue, 25 Jan 2022 14:35:47 GMT
ecm3
s.amazon-adsystem.com/ Frame 2E0A 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=fd2c908e-23dc-c4b7-33fd-a232d8b74628
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
B0TCSDM73J76CHHG7M7J
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2E0A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YfAKxAABNO_fwQAy
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YfAKxAABNO_fwQAy&_test=YfAKxAABNO_fwQAy
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YfAKxAABNO_fwQAy&_test=YfAKxAABNO_fwQAy
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:48 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643121348.133204,VS0,VE0
x-served-by
cache-yul12831-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YfAKxAABNO_fwQAy&_test=YfAKxAABNO_fwQAy
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
313d8ab7-afda-ed04-c224-36504fd34081
pr-bh.ybp.yahoo.com/sync/openx/ Frame 2E0A 		43 B
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/313d8ab7-afda-ed04-c224-36504fd34081?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:b6fc:4de6:8023:56cb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame 2E0A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=a5faecf3-3f76-7f4d-f3f3-20a5b0848dc8&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=a5faecf3-3f76-7f4d-f3f3-20a5b0848dc8&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=068d0648-e8ef-420b-97fe-f96435b39fb6&ttd_puid=a5faecf3-3f76-7f4d-f3f3-20a5b0848dc8
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=068d0648-e8ef-420b-97fe-f96435b39fb6&ttd_puid=a5faecf3-3f76-7f4d-f3f3-20a5b0848dc8
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:48 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:48 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=068d0648-e8ef-420b-97fe-f96435b39fb6&ttd_puid=a5faecf3-3f76-7f4d-f3f3-20a5b0848dc8
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
293
pixel
cm.g.doubleclick.net/ Frame 2E0A 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODk5NTNmMzktZjYwMS0yMWU5LWU2MTMtN2ExYzdhNjY0M2E4
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2E0A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFNeq9KemMylBVbayhCjngE&google_cver=1
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFNeq9KemMylBVbayhCjngE&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:48 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFNeq9KemMylBVbayhCjngE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 54D7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9ZGFpx5qOp_wiGRxb6QvRVYWb5133gn1ONACNR1fgBO12_kJDHDCJ9d7rscB6nkS8aVhvv1tu3zwh-7yxiJ5WcwGiLQOxcY_OVIwQOGerN5PImxgaSz1-XOPuDsVHxZkzVee8R8G4IYS9zxDo1wDOGrxarP2V9_2547am-Bh9HT3VtI4o_edLKZAno9FB4ISoQHmOwRlhzZq9FO8gg4UFbt_PqxmqZob90gy9L7n1WUy1un62z3wo1pfpeDEsPvOE3cU6-IXoH54TuNUzW7xHI0JEFazD863O3L6mopnrxtXJ1TJHFhydsHu2fCOSO9L_17fYGM_lRDh6eG4D6cOSdYhd578&sai=AMfl-YSxVnsTjUMSgjNg9Z09tvBqa7tYAYBwUkC0pnWH2JkfIkVag-BzGjSWOQceazGkrarMADyIXFgSxaKhTP2ZgrjgCOJSbb18RLj43qunATgrTUIKKhQSMItNMW2ZaEU&sig=Cg0ArKJSzCCCD4FV0XltEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 25 Jan 2022 14:35:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 25 Jan 2022 14:35:48 GMT
truncated
/ Frame 54D7 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5610744cd9813aaf6449d2d370b836504250a4a5ed72e33c13aea0d8c076fe55

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 5D2B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCyKDJT-trq8BcBFn0o9HuJ9fPtjoUBV0LEt7WxVA5TxpH9AMTmBF_forcUVkChVGbjzkYdIX_d2aerlRZIwSxvLK9E9ERLuml-xusmN8EJs-zz4J-gjcYTDbESIDHQU7NbP8ycKPOTJLlMWwmQW5f5B56Emn5zUAiV4k28hz2YBLIFjvhS5waKa8kFG3_S1B_rTBrfaObfYtZjowaVLjxD7fnEG03ZufLKm8y8jjNi16uEl5_2l2S8wV3zeAgIZ_jbHSidRB-XnqT_-k0Xx1PYf5KyFIRKVjzUAbHzlaJ-lN9wsreZdSDHEBFfyA4BO4jN1DJvItvdw&sai=AMfl-YScug43D1qmrZ85S0bi73dkWliWt1KGzs_nP9qngMk3odu3To_F8XH03QSRz2e8FGwMHZveAgpKN9Gbibi4kQV_wVq3ebfqg10jTttfDWtiLR_0KtH1oV1fccxyrQY&sig=Cg0ArKJSzO1_sGiV8HDSEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 25 Jan 2022 14:35:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 25 Jan 2022 14:35:48 GMT
truncated
/ Frame 5D2B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c2f732d37a047e83532ed4b2153d0d96ccfaa4bb89562ca4695a6cc92128544

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame 0D7B 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
dfaa9b38b6961e041aa90677d76e0ea5a4fd7ac176ba83694b18d57d809fd57e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:35:48 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52872
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Wed, 26 Jan 2022 05:17:00 GMT
ecm3
s.amazon-adsystem.com/ Frame E569 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=c18073f8-cbe4-459f-adf5-002ca6e99b53
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
AVAT5RWMK9F63KRNNJAQ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame E569
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=068d0648-e8ef-420b-97fe-f96435b39fb6&gdpr=0&gdpr_consent=
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=068d0648-e8ef-420b-97fe-f96435b39fb6&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
18.204.50.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-50-126.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:48 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:48 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=068d0648-e8ef-420b-97fe-f96435b39fb6&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame E569
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=5777866265742787551
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=5777866265742787551
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
18.204.50.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-50-126.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:48 GMT
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:48 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 585.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
29086df5-6355-4e36-8624-a62afaa78d56
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=5777866265742787551
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame E569
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://sync.srv.stackadapt.com/sync?nid=15
  • https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-dd2d9c16-e875-4ba2-5cde-25c9a247245a$ip$149.56.153.186
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-dd2d9c16-e875-4ba2-5cde-25c9a247245a$ip$149.56.153.186
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
18.204.50.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-50-126.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:48 GMT
content-length
68
content-type
image/png

Redirect headers

Location
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-dd2d9c16-e875-4ba2-5cde-25c9a247245a$ip$149.56.153.186
Date
Tue, 25 Jan 2022 14:35:48 GMT
Connection
keep-alive
Content-Length
172
Content-Type
text/html; charset=utf-8
v1
match.sharethrough.com/sync/ Frame E569
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1
  • https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=60e7e5db-e273-4b92-8528-1498ffb8f6f1
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=60e7e5db-e273-4b92-8528-1498ffb8f6f1
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
18.204.50.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-50-126.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:48 GMT
content-length
68
content-type
image/png

Redirect headers

X-ServerName
Track003-dc3
Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:47 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Location
https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=60e7e5db-e273-4b92-8528-1498ffb8f6f1
Cache-Control
private,no-cache
Content-Type
text/html; charset=utf-8
Content-Length
246
Expires
-1
ecm3
s.amazon-adsystem.com/ Frame A88C 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=43d3a598888a0b71b98a1c11&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
9MR8ECXSMRZB0XAB4KFD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame A88C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ce.lijit.com/merge?pid=85&3pid=AABBR07D4BYAAEXIdhbVsw&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AABBR07D4BYAAEXIdhbVsw&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:48 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AABBR07D4BYAAEXIdhbVsw&gdpr=0
Date
Tue, 25 Jan 2022 14:35:48 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
merge
ce.lijit.com/ Frame A88C
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1643121347998&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=B22330297A8044C9BDB050E0BAF9B9E8
43 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=B22330297A8044C9BDB050E0BAF9B9E8
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:48 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 25 Jan 2022 14:35:48 GMT
x-content-type-options
nosniff
server
nginx
location
https://ce.lijit.com/merge?pid=2&3pid=B22330297A8044C9BDB050E0BAF9B9E8
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Mon, 24 Jan 2022 14:35:48 GMT
merge
ce.lijit.com/ Frame A88C
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=12&3pid=5777866265742787551&gdpr=0&gdpr_consent=
43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=12&3pid=5777866265742787551&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:48 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:48 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 585.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
80ce87d2-3407-4a43-af01-fcbe7bd8ebb3
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ce.lijit.com/merge?pid=12&3pid=5777866265742787551&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame A88C
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=068d0648-e8ef-420b-97fe-f96435b39fb6&gdpr=0&gdpr_consent=
43 B
866 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=068d0648-e8ef-420b-97fe-f96435b39fb6&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:48 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:48 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ce.lijit.com/merge?pid=27&3pid=068d0648-e8ef-420b-97fe-f96435b39fb6&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
223
merge
ce.lijit.com/ Frame A88C
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/sovrn?zcc=1&cb=1643121348354
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8893284062
  • https://sync.1rx.io/usersync/tradedesk/068d0648-e8ef-420b-97fe-f96435b39fb6
  • https://sync.targeting.unrulymedia.com/csync/RX-faeab479-548a-4f19-88a9-06ef1608f6ed-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-faeab479-548a-4f19-88a9-06ef1608f6ed-005
  • https://ce.lijit.com/merge?pid=56&3pid=RX-faeab479-548a-4f19-88a9-06ef1608f6ed-005
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=56&3pid=RX-faeab479-548a-4f19-88a9-06ef1608f6ed-005
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:48 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Tue, 25 Jan 2022 14:35:48 GMT
Server
Tengine
ETag
RXfaeab479548a4f1988a906ef1608f6ed005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ce.lijit.com/merge?pid=56&3pid=RX-faeab479-548a-4f19-88a9-06ef1608f6ed-005
Connection
keep-alive
Content-Type
text/html
PugMaster
image6.pubmatic.com/AdServer/ Frame 1983 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=82676575&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c7713b8d21a05ea3955dc90bc5324656a0ee6e17d1fc62cfdefab257233ddc59

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1569
content-type
text/html; charset=UTF-8
rum
dsum-sec.casalemedia.com/ Frame 9300
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=068d0648-e8ef-420b-97fe-f96435b39fb6&expiration=1645713348&gdpr=0&gdpr_consent=
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=068d0648-e8ef-420b-97fe-f96435b39fb6&expiration=1645713348&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.208.217.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-217-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 25 Jan 2022 14:35:48 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:48 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=068d0648-e8ef-420b-97fe-f96435b39fb6&expiration=1645713348&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
dcm
s.amazon-adsystem.com/ Frame 9300 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YfAKw803CFEzQ5mRasth1wAAAhcAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
E8SPWZATB6Z5J0CFFCX5
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 9300
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YfAKw803CFEzQ5mRasth1wAAAhcAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAVdjlSebDP_zJ2b4PN4l4U&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAVdjlSebDP_zJ2b4PN4l4U&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.208.217.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-217-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 25 Jan 2022 14:35:48 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAVdjlSebDP_zJ2b4PN4l4U&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9300
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YfAKw803CFEzQ5mRasth1wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOmViyQi03SDhYaPx8H6DX4&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOmViyQi03SDhYaPx8H6DX4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.208.217.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-217-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 25 Jan 2022 14:35:48 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOmViyQi03SDhYaPx8H6DX4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame 9300
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=33a683bb-301d-4dfb-934b-06f4541fae34
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=33a683bb-301d-4dfb-934b-06f4541fae34
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.208.217.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-217-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 25 Jan 2022 14:35:48 GMT

Redirect headers

X-ServerName
Track002-dc3
Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:47 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=33a683bb-301d-4dfb-934b-06f4541fae34
Cache-Control
private,no-cache
Content-Type
text/html; charset=utf-8
Content-Length
222
Expires
-1
crum
dsum.casalemedia.com/ Frame 9300
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5777866265742787551
43 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5777866265742787551
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.208.217.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-217-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 25 Jan 2022 14:35:48 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:48 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 563.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
ea4ada13-d497-4c04-bef9-8345637f2b27
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5777866265742787551
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum.casalemedia.com/ Frame 9300
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=72ff1f5ace111235&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGeQIdTyv0VgM4SB6EAAAAAAA&expiration=1643207748&is_secure=true
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGeQIdTyv0VgM4SB6EAAAAAAA&expiration=1643207748&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
23.208.217.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-217-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 25 Jan 2022 14:35:48 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:48 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGeQIdTyv0VgM4SB6EAAAAAAA&expiration=1643207748&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame 9300 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=YfAKw803CFEzQ5mRasth1wAAAhcAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
C5XDR3J8XP8D6NBK6C42
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame 6F93 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:48 GMT
via
1.1 a20436c6d109fe9002d093f519ad4399.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
43204
cf-polished
origSize=3302
x-cache
Hit from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
IAD89-C2
cf-ray
6d323aea6bcf5473-YYZ
x-amz-cf-id
1eRSpWhdVAkBadFJp4F5rFN7MnzWD6LrYuBkp7TuCOeRux1TRVDlcg==
expires
Thu, 27 Jan 2022 14:35:48 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame 54CF
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.10.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-10-151.compute-1.amazonaws.com
Software
/
Resource Hash
4c7737989e9c7e31a0d1a45a015617434917f5a5391de57bcfe9c8e65884f6f5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Tue, 25 Jan 2022 14:35:48 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Tue, 25 Jan 2022 14:35:48 GMT
pragma
no-cache

Redirect headers

date
Tue, 25 Jan 2022 14:35:48 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
ecm3
s.amazon-adsystem.com/ Frame 0D7B
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=KYU80Y06-1O-9ZO6
  • https://s.amazon-adsystem.com/ecm3?id=KYU80Y06-1O-9ZO6&ex=d-rubiconproject.com&status=ok
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=KYU80Y06-1O-9ZO6&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
N34KQNBB0P8XZ61QTEJS
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?id=KYU80Y06-1O-9ZO6&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
Expires
0
buyers
dmx.districtm.io/s/v1/ Frame 6F93 		586 B
895 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/buyers
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffb5d470368b7f780c16825e9b6eceb6ffd9d9fc900280a66b7889af614cb0b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d323aeadc9b5473-YYZ
access-control-allow-headers
Origin, Content-Type
match
c1.adform.net/serving/cookie/ Frame EDE6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 25 Jan 2022 14:35:48 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Tue, 25 Jan 2022 14:35:48 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 8D5F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfAKxAABNO_fwQAy&gdpr=0&gdpr_consent=
1 B
549 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfAKxAABNO_fwQAy&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 25 Jan 2022 10:34:46 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
njrpug021:0:533
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfAKxAABNO_fwQAy&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Tue, 25 Jan 2022 14:35:48 GMT
via
1.1 varnish
x-served-by
cache-yul12831-YUL
x-cache
HIT
x-cache-hits
0
x-timer
S1643121348.310610,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 6A16 		43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&ex=pubmatic.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
Server
Date
Tue, 25 Jan 2022 14:35:48 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
RJT8BB9V3HTFQYWWPW0P
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1983
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=q75PV8xsTEyzzhXPm2wD8A%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
23.208.216.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:48 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=86975
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Wed, 26 Jan 2022 14:45:23 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame 1983
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEFCQkU0RjU3LUNDNkMtNEM0Qy1CM0NFLTE1Q0Y5QjZDMDNGMBAAGg0IxJXAjwYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=1797ff090cc9e0c3fec599bef2fe1e0347b6f5da0a4a9421d439c2090984e5ec791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAxNzk3ZmYwOTBjYzllMGMzZmVjNTk5YmVmMmZlMWUwMzQ3YjZmNWRhMGE0YTk0MjFkNDM5YzIwOTA5ODRlNWVjNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAxNzk3ZmYwOTBjYzllMGMzZmVjNTk5YmVmMmZlMWUwMzQ3YjZmNWRhMGE0YTk0MjFkNDM5YzIwOTA5ODRlNWVjNzkxNDI2YjU0MTdkY2UyMRAAGgwIxJXAjwYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=bcfdcd57-efcc-4c6b-a848-bbd2d01da066
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=bcfdcd57-efcc-4c6b-a848-bbd2d01da066
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 25 Jan 2022 14:35:48 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=bcfdcd57-efcc-4c6b-a848-bbd2d01da066
date
Tue, 25 Jan 2022 14:35:48 GMT
via
1.1 google
x-samesite
secure
alt-svc
clear
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 1983
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2dac61f0-0ac4-4b00-addd-4e96bfeb78fa
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2dac61f0-0ac4-4b00-addd-4e96bfeb78fa
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 25 Jan 2022 14:35:48 GMT
Server
MT3 4133 baa842e master ord-pixel-x27 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2dac61f0-0ac4-4b00-addd-4e96bfeb78fa
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 25 Jan 2022 14:35:47 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1983
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUJCRTRGNTctQ0M2Qy00QzRDLUIzQ0UtMTVDRjlCNkMwM0Yw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:48 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug002:0:411
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1983
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC8l9gPvGLY13KCg1YPLJ1E&google_cver=1
42 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC8l9gPvGLY13KCg1YPLJ1E&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:48 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug003:0:1419
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC8l9gPvGLY13KCg1YPLJ1E&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1983
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B22330297A8044C9BDB050E0BAF9B9E8
42 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B22330297A8044C9BDB050E0BAF9B9E8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:48 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug005:0:632
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Tue, 25 Jan 2022 14:35:48 GMT
x-content-type-options
nosniff
server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B22330297A8044C9BDB050E0BAF9B9E8
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Mon, 24 Jan 2022 14:35:48 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1983
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9172333580162404280&gdpr=0&gdpr_consent=&us_privacy=
1 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9172333580162404280&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:48 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug006:0:407
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9172333580162404280&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 25 Jan 2022 14:35:48 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 1983
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=068d0648-e8ef-420b-97fe-f96435b39fb6
42 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=068d0648-e8ef-420b-97fe-f96435b39fb6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:48 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug004:0:556
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:48 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=068d0648-e8ef-420b-97fe-f96435b39fb6
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
pixel
cm.g.doubleclick.net/ Frame 0D7B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzA0Y2ZkODhiZGNkNjk0OThiNjA2ODM0MDA2YmYxNWZlZDYwNmNiMA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzA0Y2ZkODhiZGNkNjk0OThiNjA2ODM0MDA2YmYxNWZlZDYwNmNiMA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzA0Y2ZkODhiZGNkNjk0OThiNjA2ODM0MDA2YmYxNWZlZDYwNmNiMA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0D7B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=1dd561f0-0ac4-4e00-a579-6844ede89535
42 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=1dd561f0-0ac4-4e00-a579-6844ede89535
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
Content-Type
image/gif

Redirect headers

Date
Tue, 25 Jan 2022 14:35:48 GMT
Server
MT3 4133 baa842e master ord-pixel-x7 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=1dd561f0-0ac4-4e00-a579-6844ede89535
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 25 Jan 2022 14:35:47 GMT
pixel
cm.g.doubleclick.net/ Frame 0D7B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lVODBZMDYtMU8tOVpPNg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lVODBZMDYtMU8tOVpPNg==
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lVODBZMDYtMU8tOVpPNg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0D7B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/fBZkzrd-G_t7FIKWg9sbe8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4179027087190984429
42 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4179027087190984429
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
Content-Type
image/gif

Redirect headers

date
Tue, 25 Jan 2022 14:35:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4179027087190984429
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
v1
ads.yahoo.com/cms/ Frame 0D7B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYU80Y06-1O-9ZO6&sigv=1&esig=2~5a89622f3cc366c1f6563b0ac426ca88e49d77c5
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYU80Y06-1O-9ZO6&sigv=1&esig=2~5a89622f3cc366c1f6563b0ac426ca88e49d77c5
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
2001:4998:14:800::1000 Ashburn, United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:48 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYU80Y06-1O-9ZO6&sigv=1&esig=2~5a89622f3cc366c1f6563b0ac426ca88e49d77c5
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 0D7B 		42 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 25 Jan 2022 14:35:48 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
tap.php
pixel.rubiconproject.com/ Frame 0D7B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKUDmXflIhcQgW2HlGx9NoY&google_cver=1
42 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKUDmXflIhcQgW2HlGx9NoY&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKUDmXflIhcQgW2HlGx9NoY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 0D7B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfAKxAABNO_fwQAy
42 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfAKxAABNO_fwQAy
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643121348.350075,VS0,VE0
x-served-by
cache-yul12831-YUL
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfAKxAABNO_fwQAy
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
c18073f8-cbe4-459f-adf5-002ca6e99b53
dmx.districtm.io/s/10059/ Frame 6F93
Redirect Chain
  • https://match.sharethrough.com/1PQ8qgv7/v1/
  • https://dmx.districtm.io/s/10059/c18073f8-cbe4-459f-adf5-002ca6e99b53
92 B
167 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10059/c18073f8-cbe4-459f-adf5-002ca6e99b53
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f4725cf0a1ee21d592ec0b6b38e529186f0ca47dc05cd7bd1a16e16519577f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Tue, 25 Jan 2022 14:35:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6d323aeb9e0b5473-YYZ

Redirect headers

location
https://dmx.districtm.io/s/10059/c18073f8-cbe4-459f-adf5-002ca6e99b53
date
Tue, 25 Jan 2022 14:35:48 GMT
content-length
0
642510547937
dmx.districtm.io/s/10022/ Frame 6F93
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=137&rurl=https%3A%2F%2Fdmx.districtm.io%2Fs%2F10022%2F___AUID___
  • https://dmx.districtm.io/s/10022/642510547937
68 B
125 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10022/642510547937
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e4a37605d230b2579041a9557f1f231274756f1e8aad0af0d5f54579180dbbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Tue, 25 Jan 2022 14:35:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6d323aec3f765473-YYZ

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://dmx.districtm.io/s/10022/642510547937
YfAKxAABNO_fwQAy
dmx.us-east-34.districtm.io/s/10016/ Frame 6F93
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/1477?redir=https%3A//dmx.us-east-34.districtm.io/s/10016/$%7BTM_USER_ID%7D
  • https://dmx.us-east-34.districtm.io/s/10016/YfAKxAABNO_fwQAy
72 B
209 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.us-east-34.districtm.io/s/10016/YfAKxAABNO_fwQAy
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Server
34.73.194.24 North Charleston, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
24.194.73.34.bc.googleusercontent.com
Software
/
Resource Hash
8a2bde25893b4b6a6a58ff029186a928a9a4a94c492de067f9258527ee68c090
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:48 GMT
content-length
72
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643121348.383497,VS0,VE0
x-served-by
cache-yul12831-YUL
x-cache
HIT
location
https://dmx.us-east-34.districtm.io/s/10016/YfAKxAABNO_fwQAy
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
y-.jG4huZE2uEIbZX8K3jfPlUKy4ZcVX.z~A~UP167c6eb3-7dec-11ec-81cf-0ac457200283
dmx.districtm.io/s/10051/ Frame 6F93
Redirect Chain
  • https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP167c6eb3-7dec-11ec-81cf-0ac457200283
  • https://dmx.districtm.io/s/10051/y-.jG4huZE2uEIbZX8K3jfPlUKy4ZcVX.z~A~UP167c6eb3-7dec-11ec-81cf-0ac457200283
131 B
176 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10051/y-.jG4huZE2uEIbZX8K3jfPlUKy4ZcVX.z~A~UP167c6eb3-7dec-11ec-81cf-0ac457200283
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_ox-db5_dm_n-amobee_dmx_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321783dd73440ab6dc2bdc33e0312fcb706d26ee8ed316fbb58c03e650ff34e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Tue, 25 Jan 2022 14:35:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6d323aecd88e5473-YYZ

Redirect headers

location
https://dmx.districtm.io/s/10051/y-.jG4huZE2uEIbZX8K3jfPlUKy4ZcVX.z~A~UP167c6eb3-7dec-11ec-81cf-0ac457200283
date
Tue, 25 Jan 2022 14:35:48 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
x.bidswitch.net/ Frame 6F93
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=districtm&user_id=24C4goFBnZGfevlsFK4aHMHDJ05
  • https://x.bidswitch.net/ul_cb/sync?ssp=districtm&user_id=24C4goFBnZGfevlsFK4aHMHDJ05
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f4877bed-f4bd-400b-a2f2-0cadc535107e&ssp=districtm&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10596829188241621043&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10596829188241621043&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26s...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=576bd1b0-8af1-4421-9592-52cce04a3e47&ssp=districtm&gdpr_consent=&gdpr=
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=163850504042006528580&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10596829188241621043&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
43 B
235 B 		Script
General
Check archive.org
Download Go to
Full URL
https://x.bidswitch.net/sync?dsp_id=419&user_id=10596829188241621043&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e2d868f56353cfa8f98f458b5bb7edf7585e67750a7dc681947d86c10f680499

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:35:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:48 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://x.bidswitch.net/sync?dsp_id=419&user_id=10596829188241621043&ssp=<SSP_VALUE>&gdpr=&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 54CF 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=96a956e7-7e4a-4194-9f5a-8ae13a557c94&expiration=1650897348
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.217.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-217-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 25 Jan 2022 14:35:48 GMT
jsapi
mixi.media/newdata/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mixi.media/newdata/jsapi?action=news
Requested by
Host: static.mixi.media
URL: https://static.mixi.media/static/jsapi/jsapi.v5.7.1.en_US.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
be4935421aadaaba628730107485dca2d34b7202b66be0a570f304c9ad3f9ebf

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:48 GMT
Content-Encoding
gzip
Last-Modified
Tuesday, 25-Jan-2022 14:35:48 GMT
Server
nginx
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.theepochtimes.com
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
X-Node
ads5-3ssel30
settings
stat.media/counter/ 		450 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stat.media/counter/settings?payload=CKSAAxIkMzcwM2E0OWQtNjFiNS00MWViLTk4NmUtNzYwYWM2Nzk5Yzg5GOKZqI3pLyIkNDQ1MDRkYjktODEzZS00NDc5LWI2YWEtMTRlZjFlZTliM2Uy&cb=_callbacks____0kyu80yqd
Requested by
Host: stat.media
URL: https://stat.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.162.95.70 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
sm-server1-1.smir12.imcmdb.net
Software
nginx /
Resource Hash
ca091135c3c6f3fe1ed86d64a0732d54ea8e64360d647fae2c11489e8b982781

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:35:48 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
application/javascript
/
mixi.media/cookiematching/ 		43 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mixi.media/cookiematching/?payload=CkQKB19zbV91aWQSJDM3MDNhNDlkLTYxYjUtNDFlYi05ODZlLTc2MGFjNjc5OWM4ORoLLm1peGkubWVkaWEiAS8ogOeEDwotCgdfc21fdWR0Eg0xNjQzMTIxMzQ3ODEwGgsubWl4aS5tZWRpYSIBLyiA54QPCkIKB19zbV9zaWQSJDQ0NTA0ZGI5LTgxM2UtNDQ3OS1iNmFhLTE0ZWYxZWU5YjNlMhoLLm1peGkubWVkaWEiAS8oiA4%3D&rnd=1643121348715
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache, no-cache
Date
Tue, 25 Jan 2022 14:35:48 GMT
Last-Modified
Tuesday, 25-Jan-2022 14:35:48 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Tue, 25 Jan 2022 14:35:48 GMT
view
stat.media/counter/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stat.media/counter/view
Requested by
Host: stat.media
URL: https://stat.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.162.95.70 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
sm-server1-1.smir12.imcmdb.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Tue, 25 Jan 2022 14:35:49 GMT
Server
nginx
Connection
keep-alive
9829614.jpeg
static1.mixi.media/img/400x300/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.mixi.media/img/400x300/9829614.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
13981d4e36dfbd16a201c7dfe2b9a4082b2b33b6485002d1c5eddac4bd984ac0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:35:49 GMT
Last-Modified
Mon, 24 Jan 2022 19:29:11 GMT
Server
nginx
ETag
W/"61eefe07-13e86"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46533
Expires
Wed, 24 Jan 2024 19:29:36 GMT
9802944.jpeg
static2.mixi.media/img/400x300/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static2.mixi.media/img/400x300/9802944.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
a18428bfc3bfe377da6f59024d3652e01d251f6db172dc26f1ce079ec3d785fd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:35:49 GMT
Last-Modified
Sun, 16 Jan 2022 20:01:05 GMT
Server
nginx
ETag
W/"61e47981-10e9e"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38569
Expires
Tue, 16 Jan 2024 20:01:38 GMT
9825993.jpeg
static4.mixi.media/img/400x300/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static4.mixi.media/img/400x300/9825993.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
52b820ec8aeb3a3c3bea398dd48a7528f7c5f947bec8358bd8184ff1d6364eb9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:35:49 GMT
Last-Modified
Sun, 23 Jan 2022 20:06:36 GMT
Server
nginx
ETag
W/"61edb54c-16200"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
60116
Expires
Tue, 23 Jan 2024 20:07:09 GMT
9816601.jpeg
static6.mixi.media/img/400x300/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static6.mixi.media/img/400x300/9816601.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
9dd794fdd1f42542b9d2b7dbaf47eb311b127ffecfc750b63b98f6e253deb2ac

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:35:49 GMT
Last-Modified
Thu, 20 Jan 2022 14:38:09 GMT
Server
nginx
ETag
W/"61e973d1-16881"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48496
Expires
Sat, 20 Jan 2024 14:38:39 GMT
9829585.jpeg
static3.mixi.media/img/400x300/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static3.mixi.media/img/400x300/9829585.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
be20ed92daf4ecc810431c4ffd9ce86dbf16b6419b6598fd0f1360891a99bed7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:35:49 GMT
Last-Modified
Mon, 24 Jan 2022 19:14:04 GMT
Server
nginx
ETag
W/"61eefa7c-1579d"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
52091
Expires
Wed, 24 Jan 2024 19:14:37 GMT
9803820.jpeg
static4.mixi.media/img/400x300/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static4.mixi.media/img/400x300/9803820.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
f9368b3b0e25ba234c55fde374503f196f6a17b9d6bb8812512acd81512735ee

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:35:49 GMT
Last-Modified
Mon, 17 Jan 2022 06:04:35 GMT
Server
nginx
ETag
W/"61e506f3-1770c"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49001
Expires
Wed, 17 Jan 2024 06:05:10 GMT
9825994.jpeg
static5.mixi.media/img/400x300/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static5.mixi.media/img/400x300/9825994.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
0a843d78310a11fa13722c90ac8f56074d997f232b64443f7a10cff16dda93ad

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:35:49 GMT
Last-Modified
Sun, 23 Jan 2022 20:08:42 GMT
Server
nginx
ETag
W/"61edb5ca-1c2b1"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41981
Expires
Tue, 23 Jan 2024 20:09:11 GMT
9806103.jpeg
static7.mixi.media/img/400x300/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static7.mixi.media/img/400x300/9806103.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
2f8a9a8f44f78097ceb022d0e1c7a140c154b58a3f9544113f684eb20335f9c0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:35:49 GMT
Last-Modified
Mon, 17 Jan 2022 15:20:02 GMT
Server
nginx
ETag
W/"61e58922-e9b1"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31475
Expires
Wed, 17 Jan 2024 15:20:35 GMT
9814263.jpeg
static8.mixi.media/img/400x300/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static8.mixi.media/img/400x300/9814263.jpeg
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
362b2e9a812487ebfdc11b68fbba4491bdf704804c107678ebe11e901c4f4c3b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:35:49 GMT
Last-Modified
Wed, 19 Jan 2022 23:31:20 GMT
Server
nginx
ETag
W/"61e89f48-ce44"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32694
Expires
Fri, 19 Jan 2024 23:31:48 GMT
users
dmx.districtm.io/s/v1/ Frame 6F93 		0
591 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 25 Jan 2022 14:35:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d323aee7b3c5473-YYZ
access-control-allow-headers
Origin, Content-Type
users
dmx.districtm.io/s/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://cdn.districtm.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 25 Jan 2022 14:35:48 GMT
cf-ray
6d323aee2eaf18b4-EWR
access-control-allow-origin
https://cdn.districtm.io
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-max-age
14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
getcity
sc.youmaker.com/ 		118 B
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sc.youmaker.com/getcity
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.97.157 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
157.97.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
fcdebe4cae587dd02b16b1ec7eea1c94a78d4751eaf0a384c407cd738bf56cd1

Request headers

Accept
*/*
Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 25 Jan 2022 14:35:48 GMT
via
1.1 google
server
nginx/1.20.1
alt-svc
clear
content-length
118
content-type
application/json;charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame 6F93
Redirect Chain
  • https://dmx.districtm.io/s/v1/users/10002
  • https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qUkROR2R2UmtKdVdrZG1aWFpzYzBaTE5HRklUVWhFU2pBMSJ9.Zrb4NxObcNEmMk7UFe_up-...
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qUkROR2R2UmtKdVdrZG1aWFpzYzBaTE5HRklUVWhFU2pBMSJ9.Zrb4NxObcNEmMk7UFe_up-LXQeuKaL3xLopPbFMV_5u8v-FJ8V29ii6rrGwmpiuNm3zlXzk60Htx5qo-g7uxWQ
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
1A2KSZ0W5EXM6A59WGVK
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 25 Jan 2022 14:35:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qUkROR2R2UmtKdVdrZG1aWFpzYzBaTE5HRklUVWhFU2pBMSJ9.Zrb4NxObcNEmMk7UFe_up-LXQeuKaL3xLopPbFMV_5u8v-FJ8V29ii6rrGwmpiuNm3zlXzk60Htx5qo-g7uxWQ
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d323aeefc575473-YYZ
access-control-allow-headers
Origin, Content-Type
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 54D7 		42 B
497 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvFhfWPqij8qKE1PYgDtbuHkjQ8XvWnZ-sADRiI0s3tUOlDh4Cy5HgRlHuniR-wmaNxiNEN5AiJoHUdIH7ArLQS5YTKfPPEEczOkfJiTHJk2n8q73hD&sig=Cg0ArKJSzBpEVOIbjQLTEAE&id=lidar2&mcvt=1000&p=442,1100,692,1400&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220119&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2786340635&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643121347847&rpt=166&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5D2B 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6hGeh_Ldq3JWyXNoCvvtB-QjKr6N6j9nF1EXa64wyZxjJy27nkN0bFJ3sZ61SBfBYt18Ma2SCMEcknpUPshjQnWDhXqq3yq8NoHacuEWAraRgJjAU&sig=Cg0ArKJSzLxz0NZY7hcDEAE&id=lidar2&mcvt=1000&p=126,315,376,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220119&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3587454004&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643121347911&rpt=199&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022011002&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d656ddc68b09d81785c259c5a5908e72b23fe1073f8caad117b93148d942b29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 25 Jan 2022 14:35:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9282
x-xss-protection
0
view
stat.media/counter/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stat.media/counter/view
Requested by
Host: stat.media
URL: https://stat.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.162.95.70 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
sm-server1-1.smir12.imcmdb.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Tue, 25 Jan 2022 14:35:49 GMT
Server
nginx
Connection
keep-alive
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26237
x-xss-protection
0
pragma
public
x-fb-debug
x4VsRD+HQN6NdYUAVA3fZsFrWlaXNcogYW+UTh+gQTbLjeUwdW1drRIuZ+vWAvpRwe6FPGgbzrrCQBvJbvXopw==
x-fb-trip-id
1512268381
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 25 Jan 2022 14:35:49 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
push_notif.js
services.epoch.cloud//public-labs/src/push_notifications/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.epoch.cloud//public-labs/src/push_notifications/push_notif.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0523c13750f634735ff97f98cc6b2d0100bc0aab4d8f703ad3b6952731d7a545

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Sep 2020 15:46:03 GMT
server
cloudflare
age
3517
etag
W/"5f6384bb-18fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ysG%2FDyngMLUmESRk%2F5w6mPLjaXPGbAX76YzzO0ycRQB4ApeV4L4gxG1NXBINqzhjr8JRMmsyPvMg0zjb9AfnG6a81ydeP%2FL%2BY0ttbHx8zTKRwI4CYcOkSvKp1xvvllPE6zRC3nu96gSoGcj%2BV2bG1qbigQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d323af1d9deecee-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
a.clickcertain.com/px/
Redirect Chain
  • https://a.remarketstats.com/px/smart/?c=244b81b94c69796&seg=1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html
  • https://a.clickcertain.com/px/smart/a/?c=244b81b94c69796&seg=1200%2dfake%2damerican%2ddrivers%2dlicenses%2dfrom%2dhong%2dkong%2dseized%2din%2dindiana_4233039%2ehtml
  • https://a.clickcertain.com/px/?c=244b81b94c69796
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.clickcertain.com/px/?c=244b81b94c69796
Protocol
H2
Server
2606:4700:3039::6815:c074 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fb4c4a2c82b150fe85cb124f6e62f13cbd8e9e6f31b07c8326ff21b2b649c9d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:49 GMT
content-encoding
br
x-frontend
cc-nginx-588445b6b9-smdg5:cc-nginx-588445b6b9-smdg5
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
6f110e2f-4424-97a3-9eb6-c7771502b48f
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wkD3OOHHo4LacQBYsnSX9KH34OI7HtLJO8licW%2FubnByK4K%2FLfmsRNGTf%2FkPeFCxYqg9tEPB5lwnBJKId1D1S7qv0vMxSNvp%2BLmGB9bjJJsFU%2Bw%2BwdjqM6zJYZTo1F9ww6GsfUCg2hATdBvEtaKveQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
x-envoy-upstream-service-time
62
cf-ray
6d323af368c74bd6-YUL

Redirect headers

date
Tue, 25 Jan 2022 14:35:49 GMT
x-frontend
cc-nginx-588445b6b9-rkjj5:cc-nginx-588445b6b9-rkjj5
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
f3f6fd6a-acaf-9e44-b357-d0d23b9e3baf
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3ety3DCoVu%2FAOoR%2FSROGqNssxLWV%2BKIsMlmkv09KbMipkRQ4BY5VIdEORDH7sxhYTIGfRwisEp5gjMrR4E%2Be%2FhBpkxjefdykxkYk3%2FHTGVAq9R7Qz8ljq%2BoTlPSVnm050JUFw5y7UkF9n2iVRz8BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://a.clickcertain.com/px/?c=244b81b94c69796
x-envoy-upstream-service-time
34
cf-ray
6d323af29fe44bd6-YUL
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/24003086/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
351 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.226.31.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-31-3.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:06:03 GMT
via
1.1 ea5efad48fd2ca3e2050f885ef5ad57c.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
1787
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
EWR53-C2
accept-ranges
bytes
content-length
0
x-amz-cf-id
PO8BM_2qAWXZ1Rfg18q-1GWYbXc0zcw5ZQ9QdJIgry13XR_yzSlJhA==

Redirect headers

date
Tue, 25 Jan 2022 14:35:49 GMT
via
1.1 ea5efad48fd2ca3e2050f885ef5ad57c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-c2/default/cs.js
content-length
48
x-amz-cf-id
hF34VuNKUXAmc5dGWWV2SYLGm04JDtO_6o4w928LJmKoNQeFQg178Q==
embed.js
comment.youmaker.com/web/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/embed.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/remark.min.js?ver=20211118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
20b33eb0d3404a30fd13269c9b6b3cb6a1a91668a4e284dd9e1b3ec78ca7d479

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:49 GMT
via
1.1 google
last-modified
Fri, 21 Jan 2022 16:22:36 GMT
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
7611
app-version
0.1.2
counter.js
comment.youmaker.com/web/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/counter.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/remark.min.js?ver=20211118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
13160f1ceb7467feed0eb33c0b4d0862d3a6b7150826c0123a56ee7bb314439e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:49 GMT
via
1.1 google
last-modified
Fri, 21 Jan 2022 16:22:36 GMT
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
2305
app-version
0.1.2
get
subs.youmaker.com/template/ 		186 B
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/template/get?tid=signin&sid=ca.theepochtimes.com&siteid=ca.theepochtimes.com&planid=429f36fb-d585-414e-8e4c-5d09f5cbdca0&uid=d8139bf7-5915-437a-b1c1-cbde5ab110af
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
4bfe479613043ab7e6c069b9d58ed5d0d7067ece841ed6ee251eabc18bc84a8b

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:49 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
186
get
subs.youmaker.com/template/ 		186 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/template/get?tid=signin&sid=ca.theepochtimes.com&siteid=ca.theepochtimes.com&planid=429f36fb-d585-414e-8e4c-5d09f5cbdca0&uid=d8139bf7-5915-437a-b1c1-cbde5ab110af
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
4bfe479613043ab7e6c069b9d58ed5d0d7067ece841ed6ee251eabc18bc84a8b

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:49 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
186
get
subs.youmaker.com/rules/ 		412 KB
412 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/rules/get?siteid=ca.theepochtimes.com&planid=429f36fb-d585-414e-8e4c-5d09f5cbdca0&uid=d8139bf7-5915-437a-b1c1-cbde5ab110af
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3a3d2b4f1177e49276cc59600440ea66c607b6fecee5013888bf97715b7f4217

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:49 GMT
via
1.1 google
alt-svc
clear
server
nginx/1.20.1
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 25 Jan 2022 14:35:49 GMT
179006610034452
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/179006610034452?v=2.9.51&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fa9391fe5fc500124fc0aca209ae569b3678607a370ac47979cbb14d637a6882
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89227
x-xss-protection
0
pragma
public
x-fb-debug
QbssJsCW9Ggu9KlWY4NtWkfX+bl/oue7Nz7cBPFjyBuy5OSInMfYUs2hjlDagIRPVFEm2zt0+3Kt6jniLObcfg==
x-frame-options
DENY
date
Tue, 25 Jan 2022 14:35:49 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
b413bf4fa936cc351ac6476e0df69b50.js
clientcdn.pushengage.com/core/ 		74 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientcdn.pushengage.com/core/b413bf4fa936cc351ac6476e0df69b50.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.31.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-31-67.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
096a7caacb4e844a1d4a5bad9b9145784a9f5b5d7e9397bbbb6e83f646c46505

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:34:57 GMT
content-encoding
gzip
server
nginx
age
52
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=120
x-amz-cf-pop
EWR53-C2
x-amz-cf-id
UKcTMNear7ACdnc4CN9v41LhTIwCq_J66LAyLp-D3IXfGHuBRSpv-A==
via
1.1 8f53b5d73ff2f5f8cae7b49606b79bd4.cloudfront.net (CloudFront)
show
subs.youmaker.com/template/ Frame 59CE 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/template/show?tid=signin&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=CA%20ET%20-%20Responsive%20Signin%20Bar&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
c0e75d516d2a49e0010b6fbac09d57500dc1100950ccb87cec49723b8b2a13eb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

server
nginx/1.20.1
date
Tue, 25 Jan 2022 14:35:49 GMT
content-type
text/html; charset=utf-8
x-robots-tag
noindex
via
1.1 google
alt-svc
clear
show
subs.youmaker.com/template/ Frame D4D3 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/template/show?tid=signin&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=CA%20ET%20-%20Responsive%20Signin%20Bar&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
c0e75d516d2a49e0010b6fbac09d57500dc1100950ccb87cec49723b8b2a13eb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

server
nginx/1.20.1
date
Tue, 25 Jan 2022 14:35:49 GMT
content-type
text/html; charset=utf-8
x-robots-tag
noindex
via
1.1 google
alt-svc
clear
counts
comment.youmaker.com/api/v1/ 		202 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/counts?site=remark
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
1b80a55ff16814678fd8009946e3fcd679b67bf5a28436bd8ff99985b299336b

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 25 Jan 2022 14:35:49 GMT
via
1.1 google
vary
Origin
alt-svc
clear
content-length
202
pragma
no-cache
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theepochtimes.com
expires
Thu, 01 Jan 1970 00:00:00 UTC
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
app-version
0.1.2
counts
comment.youmaker.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/counts?site=remark
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theepochtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.20.1
date
Tue, 25 Jan 2022 14:35:49 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.theepochtimes.com
app-name
remark
app-version
0.1.2
author
EMG
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires
Thu, 01 Jan 1970 00:00:00 UTC
pragma
no-cache
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-robots-tag
noindex
via
1.1 google
alt-svc
clear
iframe.html
comment.youmaker.com/web/ Frame 2ED4 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2e7af9d06c2f1d015d55605ba6c6e4bf8cfa39ea69f1ccbef54c271cc2bdda06

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

server
nginx/1.20.1
date
Tue, 25 Jan 2022 14:35:49 GMT
content-type
text/html; charset=utf-8
content-length
4155
accept-ranges
bytes
app-name
remark
app-version
0.1.2
author
EMG
last-modified
Fri, 21 Jan 2022 16:22:14 GMT
x-robots-tag
noindex
via
1.1 google
alt-svc
clear
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FAE9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 23 Jan 2022 00:55:22 GMT
expires
Mon, 23 Jan 2023 00:55:22 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
222027
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 79E5 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3a333d850190c5ffe95865198a4b35846a7036ed1cbef3978502a17b7bd9aee8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-F7Cf9mETLhAfJX+pqqkTNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 25 Jan 2022 14:35:49 GMT
date
Tue, 25 Jan 2022 14:35:49 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-F7Cf9mETLhAfJX+pqqkTNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
www.facebook.com/tr/ 		44 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=179006610034452&ev=PageView&dl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3D_removed_%26__ve%3Dcamille.papanek%2540cic.gc.ca%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%2522instaaccount%2522%255D%252C%2522sensitiveParams%2522%253A%255B%255D%257D&rl=&if=false&ts=1643121349557&sw=1600&sh=1200&v=2.9.51&r=stable&ec=0&o=30&fbp=fb.1.1643121349555.210969827&it=1643121349443&coo=false&exp=p1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:49 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Tue, 25 Jan 2022 14:35:49 GMT
userId.bundle.js
subs.youmaker.com/lib/ Frame 59CE 		200 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/lib/userId.bundle.js
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=signin&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=CA%20ET%20-%20Responsive%20Signin%20Bar&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
c454e9ab422a8d322d36521d9a675279c9b2dcf9e69190afa80a214a071a943e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://subs.youmaker.com/template/show?tid=signin&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=CA%20ET%20-%20Responsive%20Signin%20Bar&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:49 GMT
via
1.1 google
last-modified
Mon, Jan 24 2022 15:10:08 GMT
server
nginx/1.20.1
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
204540
auth
subs.youmaker.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=3200&siteid=ca.theepochtimes.com&planid=429f36fb-d585-414e-8e4c-5d09f5cbdca0&uid=d8139bf7-5915-437a-b1c1-cbde5ab110af
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theepochtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.20.1
date
Tue, 25 Jan 2022 14:35:49 GMT
content-length
0
allow
GET, POST, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
via
1.1 google
alt-svc
clear
auth
subs.youmaker.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=7200&siteid=ca.theepochtimes.com&planid=429f36fb-d585-414e-8e4c-5d09f5cbdca0&uid=d8139bf7-5915-437a-b1c1-cbde5ab110af
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theepochtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.20.1
date
Tue, 25 Jan 2022 14:35:49 GMT
content-length
0
allow
GET, POST, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
via
1.1 google
alt-svc
clear
auth
subs.youmaker.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=13202&siteid=ca.theepochtimes.com&planid=429f36fb-d585-414e-8e4c-5d09f5cbdca0&uid=d8139bf7-5915-437a-b1c1-cbde5ab110af
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theepochtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.20.1
date
Tue, 25 Jan 2022 14:35:49 GMT
content-length
0
allow
GET, POST, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
via
1.1 google
alt-svc
clear
auth
subs.youmaker.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=13207&siteid=ca.theepochtimes.com&planid=429f36fb-d585-414e-8e4c-5d09f5cbdca0&uid=d8139bf7-5915-437a-b1c1-cbde5ab110af
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theepochtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.20.1
date
Tue, 25 Jan 2022 14:35:49 GMT
content-length
0
allow
GET, POST, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
via
1.1 google
alt-svc
clear
auth
subs.youmaker.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=13208&siteid=ca.theepochtimes.com&planid=429f36fb-d585-414e-8e4c-5d09f5cbdca0&uid=d8139bf7-5915-437a-b1c1-cbde5ab110af
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.theepochtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.20.1
date
Tue, 25 Jan 2022 14:35:49 GMT
content-length
0
allow
GET, POST, PUT, DELETE
access-control-allow-origin
https://www.theepochtimes.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
via
1.1 google
alt-svc
clear
auth
subs.youmaker.com/subs/ 		69 B
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=3200&siteid=ca.theepochtimes.com&planid=429f36fb-d585-414e-8e4c-5d09f5cbdca0&uid=d8139bf7-5915-437a-b1c1-cbde5ab110af
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
0f5ee76e8e84f53437640951b86b504858c4dc659fe3379caf1ef0cba8ca1f9e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 25 Jan 2022 14:35:49 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
69
auth
subs.youmaker.com/subs/ 		69 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=7200&siteid=ca.theepochtimes.com&planid=429f36fb-d585-414e-8e4c-5d09f5cbdca0&uid=d8139bf7-5915-437a-b1c1-cbde5ab110af
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
0f5ee76e8e84f53437640951b86b504858c4dc659fe3379caf1ef0cba8ca1f9e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 25 Jan 2022 14:35:49 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
69
auth
subs.youmaker.com/subs/ 		68 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=13202&siteid=ca.theepochtimes.com&planid=429f36fb-d585-414e-8e4c-5d09f5cbdca0&uid=d8139bf7-5915-437a-b1c1-cbde5ab110af
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e10411a43ed1dd792677b99a20c9c846da6b650a2829cd5b217e5c68f8e7c00b

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 25 Jan 2022 14:35:49 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
68
auth
subs.youmaker.com/subs/ 		68 B
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=13207&siteid=ca.theepochtimes.com&planid=429f36fb-d585-414e-8e4c-5d09f5cbdca0&uid=d8139bf7-5915-437a-b1c1-cbde5ab110af
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e10411a43ed1dd792677b99a20c9c846da6b650a2829cd5b217e5c68f8e7c00b

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 25 Jan 2022 14:35:49 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
68
auth
subs.youmaker.com/subs/ 		69 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=13208&siteid=ca.theepochtimes.com&planid=429f36fb-d585-414e-8e4c-5d09f5cbdca0&uid=d8139bf7-5915-437a-b1c1-cbde5ab110af
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
0f5ee76e8e84f53437640951b86b504858c4dc659fe3379caf1ef0cba8ca1f9e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 25 Jan 2022 14:35:49 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
69
userId.bundle.js
subs.youmaker.com/lib/ Frame D4D3 		200 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/lib/userId.bundle.js
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=signin&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=CA%20ET%20-%20Responsive%20Signin%20Bar&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
c454e9ab422a8d322d36521d9a675279c9b2dcf9e69190afa80a214a071a943e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://subs.youmaker.com/template/show?tid=signin&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=CA%20ET%20-%20Responsive%20Signin%20Bar&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:49 GMT
via
1.1 google
last-modified
Mon, Jan 24 2022 15:10:08 GMT
server
nginx/1.20.1
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
204540
showad.js
ads.pubmatic.com/AdServer/js/ Frame F582 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.216.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

last-modified
Tue, 11 Jan 2022 05:13:08 GMT
etag
"1302647-9687-5d547824a78f1"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13928
content-type
text/html; charset=UTF-8
cache-control
public, max-age=17796
expires
Tue, 25 Jan 2022 19:32:25 GMT
date
Tue, 25 Jan 2022 14:35:49 GMT
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 95C1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.217.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-217-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Tue, 25 Jan 2022 14:35:49 GMT
Content-Length
1151
Connection
keep-alive
pd
us-u.openx.net/w/1.0/ Frame E330 		1 KB
637 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=0
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
dd7165cf2226a424245aa77c1d64e421ecfe5b0efb6dd7ce433970ad18886994

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 25 Jan 2022 14:35:49 GMT
content-type
text/html
content-length
618
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1827 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Sun, 16 Jan 2022 02:32:47 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 25 Jan 2022 14:35:49 GMT
Age
43365
X-Served-By
cache-lga21969-LGA, cache-yul12829-YUL
X-Cache
HIT, HIT
X-Cache-Hits
183792, 147202
X-Timer
S1643121350.759933,VS0,VE0
Vary
Accept-Encoding
pd
us-u.openx.net/w/1.0/ Frame 55C7 		1 KB
637 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=0
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
dd7165cf2226a424245aa77c1d64e421ecfe5b0efb6dd7ce433970ad18886994

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 25 Jan 2022 14:35:49 GMT
content-type
text/html
content-length
618
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
showad.js
ads.pubmatic.com/AdServer/js/ Frame 32D5 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.216.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

last-modified
Tue, 11 Jan 2022 05:13:08 GMT
etag
"1302647-9687-5d547824a78f1"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13928
content-type
text/html; charset=UTF-8
cache-control
public, max-age=17796
expires
Tue, 25 Jan 2022 19:32:25 GMT
date
Tue, 25 Jan 2022 14:35:49 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8D97 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Sun, 16 Jan 2022 02:32:47 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 25 Jan 2022 14:35:49 GMT
Age
43365
X-Served-By
cache-lga21969-LGA, cache-yul12820-YUL
X-Cache
HIT, HIT
X-Cache-Hits
183792, 147525
X-Timer
S1643121350.761218,VS0,VE0
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 2AC9 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.217.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-217-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Tue, 25 Jan 2022 14:35:49 GMT
Content-Length
1151
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame DC40 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 25 Jan 2022 14:35:49 GMT
Connection
keep-alive
Vary
Accept-Encoding
remark.css
comment.youmaker.com/web/ Frame 2ED4 		82 KB
82 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/remark.css?v=2022012111
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
0eaa98d99ffd85f27787798b06fb8b7b62a5c25710e7dc3868fcf893044110d3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:49 GMT
via
1.1 google
last-modified
Fri, 21 Jan 2022 16:22:36 GMT
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
text/css; charset=utf-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
84183
app-version
0.1.2
remark.js
comment.youmaker.com/web/ Frame 2ED4 		314 KB
314 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/remark.js?v=2022012111
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
5a4c618ffded08a9f7158c3feb92caf7ab70bc26a6bc2daecdffc2b62bd989eb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:49 GMT
via
1.1 google
last-modified
Fri, 21 Jan 2022 16:22:14 GMT
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
321564
app-version
0.1.2
get_share_token
subsapi.epoch.cloud/referral/ 		77 B
745 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subsapi.epoch.cloud/referral/get_share_token?userid=undefined
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcecd4d2840be48a76a5e7a25407e50d2cb0bf1dfbcd8fb2b2df5673acf1c499

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9OTrL2W98HzeEIVuSBglbN6JiYUFTLYUqk%2FPZRXSV%2B7lXNinzabJTztHUXy5hXIF0tD%2BuCqMQRH%2Bn7JhqGJ0oYqG6qMjigQ%2Bru0Q5GQFdFNjn51es5Dv%2BKd8%2BodKQFdKcusO%2FJ7c8Gn50vXuegIGzOm0"}],"group":"cf-nel","max_age":604800}
cf-ray
6d323af43b5a4bbf-YUL
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sharered.png
cdn.epoch.cloud/assets/static_assets/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.epoch.cloud/assets/static_assets/sharered.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e909e7516aa32244e3cd4aada2e3c562c6541c1980b34578aa43429bc7eb8c7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3191
last-modified
Sat, 07 Nov 2020 20:13:25 GMT
server
cloudflare
etag
"5fa6ffe5-c77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SRogrGiCiN3O7SDhsaLkF0jE4Hnha4SEv1srZRsihlfeq2RIi9egimxmplRRnsQ3Sbm5%2B0c%2BQH8Fiqzwalcj8jr1dTz2RPMogccSATuGfPiFknaUF3SLKp8UiamMWvYpqzv64zvzEOlFKctcmv8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, no-transform
accept-ranges
bytes
cf-ray
6d323af3eb79ecee-YUL
expires
Tue, 25 Jan 2022 14:44:28 GMT
get
subs.youmaker.com/template/ 		204 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/template/get?tid=6502e8a1-259e-4f71-8efa-fe8ba77cec38&sid=ca.theepochtimes.com&version=1&siteid=ca.theepochtimes.com&planid=429f36fb-d585-414e-8e4c-5d09f5cbdca0&uid=d8139bf7-5915-437a-b1c1-cbde5ab110af
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
ef766e866b578d232c41912d71d6201031d7c4ce2187bf33a8e235691508277e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:49 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
204
D-DINCondensed-Bold.otf
img.theepochtimes.com/fonts/ Frame 59CE 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img.theepochtimes.com/fonts/D-DINCondensed-Bold.otf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
872f4fde8b21d5105a83ba13988aa60224eae251b1708dec3062160b72d30736

Request headers

Referer
https://subs.youmaker.com/
Origin
https://subs.youmaker.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:49 GMT
last-modified
Wed, 05 Sep 2018 15:47:56 GMT
server
nginx
etag
"5b8ffaac-e454"
x-hw
1643121349.cds061.dc2.hn,1643121349.cds197.dc2.c
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
58452
show
subs.youmaker.com/template/ Frame 8E24 		27 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/template/show?tid=6502e8a1-259e-4f71-8efa-fe8ba77cec38&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=InstaAccount%20Plus&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
adeecdb7e0d39a26f32484b32e44031de09a26aae5468623f7763121e3134ff9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

server
nginx/1.20.1
date
Tue, 25 Jan 2022 14:35:49 GMT
content-type
text/html; charset=utf-8
x-robots-tag
noindex
via
1.1 google
alt-svc
clear
sodar
pagead2.googlesyndication.com/pagead/ Frame 79E5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022011002&jk=1207402431981013&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
dds
rtb.openx.net/sync/ Frame E330
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=eqxmz5bwxmMVh2wSY523cg==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=0
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:49 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
f3stgc4k8ljbp12f195632sdimg0pap9

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E330
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=1dd561f0-0ac4-4e00-a579-6844ede89535
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=536872786&val=1dd561f0-0ac4-4e00-a579-6844ede89535
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:50 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 25 Jan 2022 14:35:49 GMT
Server
MT3 4133 baa842e master ord-pixel-x53 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://us-u.openx.net/w/1.0/sd?id=536872786&val=1dd561f0-0ac4-4e00-a579-6844ede89535
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 25 Jan 2022 14:35:48 GMT
sd
us-u.openx.net/w/1.0/ Frame E330
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=1773039e-7dec-11ec-8eae-b573dd4f8469
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=1773039e-7dec-11ec-8eae-b573dd4f8469
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:50 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=1773039e-7dec-11ec-8eae-b573dd4f8469
Date
Tue, 25 Jan 2022 14:35:49 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
1773039f-7dec-11ec-8eae-b573dd4f8469
sd
us-u.openx.net/w/1.0/ Frame E330
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=516b8be5-8aa9-4950-b5e2-fbfdf6ce8211-61f00ac6-4341&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=516b8be5-8aa9-4950-b5e2-fbfdf6ce8211-61f00ac6-4341&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:50 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:49 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=516b8be5-8aa9-4950-b5e2-fbfdf6ce8211-61f00ac6-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
receive
pixel.tapad.com/idsync/ex/ Frame E330 		95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=a3849f0f-6471-42ca-b912-b87383084cc4
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:49 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
ups.analytics.yahoo.com/ups/58294/ Frame E330
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID}
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=8b3e6f7a-e71c-4504-a0d4-e1af272779a1
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=8b3e6f7a-e71c-4504-a0d4-e1af272779a1&apid=UP167c6eb3-7dec-11ec-81cf-0ac457200283
0
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=8b3e6f7a-e71c-4504-a0d4-e1af272779a1&apid=UP167c6eb3-7dec-11ec-81cf-0ac457200283
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=0
Protocol
H2
Server
52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-33-138.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:50 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=8b3e6f7a-e71c-4504-a0d4-e1af272779a1&apid=UP167c6eb3-7dec-11ec-81cf-0ac457200283
date
Tue, 25 Jan 2022 14:35:50 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
396846.gif
idsync.rlcdn.com/ Frame E330
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=f03c9395-f231-492d-ac8a-a056891fec10
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f03c9395-f231-492d-ac8a-a056891fec10
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f03c9395-f231-492d-ac8a-a056891fec10
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=0
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 25 Jan 2022 14:35:50 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Tue, 25 Jan 2022 14:35:50 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f03c9395-f231-492d-ac8a-a056891fec10
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
sd
us-u.openx.net/w/1.0/ Frame E330
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=5777866265742787551
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=5777866265742787551
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:50 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:50 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 563.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
1bf23afc-7828-44e7-92d8-dee917a80185
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=5777866265742787551
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame E330 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=fd2c908e-23dc-c4b7-33fd-a232d8b74628
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
PSW56Y2YSRK4VN3JWFP0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E330
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=9172333580162404280&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=9172333580162404280&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:50 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=9172333580162404280&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 25 Jan 2022 14:35:49 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
usync.js
eus.rubiconproject.com/ Frame DC40 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
dfaa9b38b6961e041aa90677d76e0ea5a4fd7ac176ba83694b18d57d809fd57e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:35:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52871
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Wed, 26 Jan 2022 05:17:00 GMT
dds
rtb.openx.net/sync/ Frame 55C7
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=eqxmz5bwxmMVh2wSY523cg==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=0
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:49 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
hn52p4lm424kncqfrr7skng5rj5habam

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 55C7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=1dd561f0-0ac4-4e00-a579-6844ede89535
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=536872786&val=1dd561f0-0ac4-4e00-a579-6844ede89535
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:50 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 25 Jan 2022 14:35:49 GMT
Server
MT3 4133 baa842e master ord-pixel-x3 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://us-u.openx.net/w/1.0/sd?id=536872786&val=1dd561f0-0ac4-4e00-a579-6844ede89535
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 25 Jan 2022 14:35:48 GMT
sd
us-u.openx.net/w/1.0/ Frame 55C7
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=1774d832-7dec-11ec-84bb-535f241a7d24
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=1774d832-7dec-11ec-84bb-535f241a7d24
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:50 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=1774d832-7dec-11ec-84bb-535f241a7d24
Date
Tue, 25 Jan 2022 14:35:49 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
1774d833-7dec-11ec-84bb-535f241a7d24
sd
us-u.openx.net/w/1.0/ Frame 55C7
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=516b8be5-8aa9-4950-b5e2-fbfdf6ce8211-61f00ac6-4341&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=516b8be5-8aa9-4950-b5e2-fbfdf6ce8211-61f00ac6-4341&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:50 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:49 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=516b8be5-8aa9-4950-b5e2-fbfdf6ce8211-61f00ac6-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 55C7 		95 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=a3849f0f-6471-42ca-b912-b87383084cc4
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:50 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
ups.analytics.yahoo.com/ups/58294/ Frame 55C7
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID}
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=8b3e6f7a-e71c-4504-a0d4-e1af272779a1
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=8b3e6f7a-e71c-4504-a0d4-e1af272779a1&apid=UP167c6eb3-7dec-11ec-81cf-0ac457200283
0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=8b3e6f7a-e71c-4504-a0d4-e1af272779a1&apid=UP167c6eb3-7dec-11ec-81cf-0ac457200283
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=0
Protocol
H2
Server
52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-33-138.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:50 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=8b3e6f7a-e71c-4504-a0d4-e1af272779a1&apid=UP167c6eb3-7dec-11ec-81cf-0ac457200283
date
Tue, 25 Jan 2022 14:35:50 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
362358.gif
idsync.rlcdn.com/ Frame 55C7
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=f03c9395-f231-492d-ac8a-a056891fec10
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEK8YvJ4pbhaiiZl0fyQPPz4&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEK8YvJ4pbhaiiZl0fyQPPz4&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=0
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 25 Jan 2022 14:35:50 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEK8YvJ4pbhaiiZl0fyQPPz4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 55C7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=5777866265742787551
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=5777866265742787551
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:50 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:50 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 563.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
7ed95ff7-3503-4f8b-b1cb-3f5ea030ebb2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=5777866265742787551
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 55C7 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=fd2c908e-23dc-c4b7-33fd-a232d8b74628
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:50 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
4FB9KFKTEGZWDCAD7X4C
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 55C7
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=9172333580162404280&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=9172333580162404280&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=db852951-a926-4ffc-b276-77dd3fb28d81&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:50 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=9172333580162404280&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 25 Jan 2022 14:35:49 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
config
comment.youmaker.com/api/v1/ Frame 2ED4 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/config?site=remark
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/remark.js?v=2022012111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
9963485ccb8a760a4dd0df41b5e63c36f28bd143313de3f9c09b096ebdbb8ee0

Request headers

x-provider-token
youmaker
x-xsrf-token
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
x-access-token
x-site-id
remark

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:49 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
app-version
0.1.2
x-robots-tag
noindex
alt-svc
clear
content-length
1914
expires
Thu, 01 Jan 1970 00:00:00 UTC
/
a.clickcertain.com/px/cont/ Frame 7716 		942 B
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=d21ca467-778c-4114-9040-756b0af16e31&cn=CA
Requested by
Host: a.remarketstats.com
URL: https://a.remarketstats.com/px/smart/?c=244b81b94c69796&seg=1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c074 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73bbec0fbcb91740b1cf134b658933ae20b42b05b6adb3eaa0a1517e0610a4c7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Tue, 25 Jan 2022 14:35:49 GMT
content-type
text/html
etag
W/"ZDIxY2E0NjdnNzc4Y2c0MTE0ZzkwNDBnNzU2YjBhZjE2ZTMxLXow"
x-frontend
cc-nginx-588445b6b9-8nnnf:cc-nginx-588445b6b9-8nnnf
x-requestid
487d9e47-831d-95d1-a5dc-138e9405d39f
x-envoy-upstream-service-time
0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tXvBXG4nKcJ%2FRVwh1lv87OE4NMtfI14zclmnsPKpsWzKt0RlW1%2F3b2qVgEzGf2q5hVyGEhSm9zOyBkN77vTNENAKbUwSbxSEvpIpH2JzLf0myOtf3KfHbtC2WBRFTEw6i1AC1OTK6t2gQBlN%2FlXjTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d323af54ad94bd6-YUL
content-encoding
br
async_usersync
ib.adnxs.com/ Frame 1827 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.25 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
563.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:50 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 563.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
075c8e09-4c2a-4c0b-af30-86762214a63c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8D97 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.25 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
563.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:50 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 563.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
efe83fd0-2a25-4903-83f3-8bbb2ad6eec9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 8555 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.217.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-217-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11af457ec0f7feedbb1721da7e5ffd4ebd8689c8fcbff1760246f202d76187c7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|4|3|81|221|51|88
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Tue, 25 Jan 2022 14:35:50 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:50 GMT
Content-Length
1551
Connection
keep-alive
usermatch
ssum-sec.casalemedia.com/ Frame AB7D 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.217.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-217-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2c0460785cc22b67a7efb498a1c12d0e6b3ec58946b6c7d51f0d5a751a0688e2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|130|206|105|221|51|64
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Tue, 25 Jan 2022 14:35:50 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:50 GMT
Content-Length
1416
Connection
keep-alive
VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
pagead2.googlesyndication.com/bg/ Frame FAE9 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5584809aa902aaa236a75bc6ecdd04661304da64818f8ec3b3c23a9c884398fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 00:55:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
222027
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13526
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 00:55:23 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=179006610034452&ev=Microdata&dl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&rl=&if=false&ts=1643121350076&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%221%2C200%20Fake%20American%20Driver%E2%80%99s%20Licenses%20from%20Hong%20Kong%20Seized%20in%20Indiana%22%2C%22meta%3Adescription%22%3A%22The%20Customs%20and%20Border%20Protection%20(CBP)%20seized%20more%20than%201%2C000%20counterfeit%20driver%E2%80%99s%20licenses%20in%20Indianapolis%2C%20Indiana%2C%20that%20were%20...%22%2C%22meta%3Akeywords%22%3A%22Indiana%2CUSA%2CTHE%20EPOCH%20TIMES%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%221%2C200%20Fake%20American%20Driver%27s%20Licenses%20from%20Hong%20Kong%20Seized%20in%20Indiana%22%2C%22og%3Adescription%22%3A%22The%20Customs%20and%20Border%20Protection%20(CBP)%20seized%20more%20than%201%2C000%20counterfeit%20driver%E2%80%99s%20licenses%20in%20Indianapolis%2C%20Indiana%2C%20that%20were%20...%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%22%2C%22og%3Asite_name%22%3A%22www.theepochtimes.com%22%2C%22article%3Atag%22%3A%22USA%2CIndiana%22%2C%22article%3Asection%22%3A%22Crime%20and%20Incidents%22%2C%22article%3Apublished_time%22%3A%222022-01-24T14%3A51%3A41-05%3A00%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fimg.theepochtimes.com%2Fassets%2Fuploads%2F2022%2F01%2F24%2FGettyImages-74938063-ssdasdasd-1200x761.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.51&r=stable&ec=1&o=30&fbp=fb.1.1643121349555.210969827&it=1643121349443&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:50 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Tue, 25 Jan 2022 14:35:50 GMT
userId.bundle.js
subs.youmaker.com/lib/ Frame 8E24 		200 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/lib/userId.bundle.js
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=6502e8a1-259e-4f71-8efa-fe8ba77cec38&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=InstaAccount%20Plus&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
c454e9ab422a8d322d36521d9a675279c9b2dcf9e69190afa80a214a071a943e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://subs.youmaker.com/template/show?tid=6502e8a1-259e-4f71-8efa-fe8ba77cec38&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=InstaAccount%20Plus&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:50 GMT
via
1.1 google
last-modified
Mon, Jan 24 2022 15:10:08 GMT
server
nginx/1.20.1
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
204540
et_utils.js
services.epoch.cloud/public-labs/epoch-ai/ Frame 8E24 		72 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.epoch.cloud/public-labs/epoch-ai/et_utils.js
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=6502e8a1-259e-4f71-8efa-fe8ba77cec38&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=InstaAccount%20Plus&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fd778afdf05a4f971f690a7f02c9ab7c4ad0a68f671db34d01205e849f8e998

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://subs.youmaker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Jan 2022 16:35:06 GMT
server
cloudflare
age
3136
etag
W/"61d5c8ba-12075"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A6JFi9Q4JMY%2BvVPDy09Y8vHgL7eKVH59XzoXF48EV83inP50116Lh09XjuLK7ePBh015W0dwea3%2FeySp3XUzDdDDIGoJQem1zFEG8rObxDdeqEj03oqbv84k3OuDTQ3EBVXJHpr%2FSlZVK84KBOPCeAFcRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d323af63dfc4bc5-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
api.js
www.google.com/recaptcha/ Frame 8E24 		884 B
604 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LcmJLkZAAAAAMziOnaFrJkOV4ClF_H8OvcqvlyE
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=6502e8a1-259e-4f71-8efa-fe8ba77cec38&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=InstaAccount%20Plus&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5cf4a36d031057b755304d48f481e398f888f141253952ff2051b01a04f5c3c7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://subs.youmaker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
583
x-xss-protection
1; mode=block
expires
Tue, 25 Jan 2022 14:35:50 GMT
user
comment.youmaker.com/api/v1/ Frame 2ED4 		57 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/user?site=remark
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/remark.js?v=2022012111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

x-provider-token
youmaker
x-xsrf-token
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
x-access-token
x-site-id
remark

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:50 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
app-version
0.1.2
alt-svc
clear
content-length
57
expires
Thu, 01 Jan 1970 00:00:00 UTC
site
comment.youmaker.com/api/v1/ Frame 2ED4 		138 B
326 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/site?site=remark
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/remark.js?v=2022012111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
d8c28172fa09f349dec1abc436938754ed54798c9da7387ae27978fdf81ba992

Request headers

x-provider-token
youmaker
x-xsrf-token
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
x-access-token
x-site-id
remark

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:50 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
app-version
0.1.2
x-robots-tag
noindex
alt-svc
clear
content-length
138
expires
Thu, 01 Jan 1970 00:00:00 UTC
find
comment.youmaker.com/api/v1/ Frame 2ED4 		62 KB
62 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/find?site=remark&url=theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html&id=&group=&sort=-time&format=tree
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/remark.js?v=2022012111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
8fe7e50776c5c980817efaf67811744ab980e2d532077c7478b751aa62c4ee3f

Request headers

x-provider-token
youmaker
x-xsrf-token
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=remark&components=embed%2Ccounter&url=theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html&provider=youmaker&token=&max_shown_comments=10&sort=-time&theme=default
x-access-token
x-site-id
remark

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:50 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/json; charset=utf-8
expires
Thu, 01 Jan 1970 00:00:00 UTC
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-robots-tag
noindex
alt-svc
clear
app-version
0.1.2
/
a.clickcertain.com/px/ta/ Frame 7716
Redirect Chain
  • https://a.clickcertain.com/px/ta/?ccid=d21ca467-778c-4114-9040-756b0af16e31
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=d21ca467-778c-4114-9040-756b0af16e31&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=576bd1b0-8af1-4421-9592-52cce04a3e47%252Chttps%253A%252F%252Fa.clickcertain.com%252Fpx%252Fta%252F%253Fdone%253Dtrue%2526...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=068d0648-e8ef-420b-97fe-f96435b39fb6&ttd_puid=576bd1b0-8af1-4421-9592-52cce04a3e47%2Chttps%3A%2F%2Fa.clickcertain.com%2Fp...
  • https://a.clickcertain.com/px/ta/?done=true&ta_id=576bd1b0-8af1-4421-9592-52cce04a3e47
0
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.clickcertain.com/px/ta/?done=true&ta_id=576bd1b0-8af1-4421-9592-52cce04a3e47
Requested by
Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=d21ca467-778c-4114-9040-756b0af16e31&cn=CA
Protocol
H2
Server
2606:4700:3039::6815:c074 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://a.clickcertain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:50 GMT
x-frontend
cc-nginx-588445b6b9-jrv6p:cc-nginx-588445b6b9-jrv6p
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
0abecfb2-62fc-913e-8237-50413ae26175
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fE3eXQ2iNjQ7M1gvrAS%2Fiq3Oushb61JSq9OfjHq%2Fl9LpKynjEEAkXld1kRi8ExRDbJCpj9uOtShqYvOsmVjHz%2Bwft9Mn6CBqqiC6O%2FjDRid4wl2Zq%2BHyK%2FCwrAROjAtX%2FPI2Gm9x3mi1s4cQCDEVPg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
47
cf-ray
6d323af8cec14bd6-YUL

Redirect headers

location
https://a.clickcertain.com/px/ta/?done=true&ta_id=576bd1b0-8af1-4421-9592-52cce04a3e47
date
Tue, 25 Jan 2022 14:35:50 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
x.bidswitch.net/ Frame 7716
Redirect Chain
  • https://a.clickcertain.com/px/r/?ccid=d21ca467-778c-4114-9040-756b0af16e31
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=d21ca467-778c-4114-9040-756b0af16e31&ccid=d21ca467-778c-4114-9040-756b0af16e31&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%25...
  • https://i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%2...
  • https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%2...
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2...
  • https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Dd21ca467%2D778c%2D411...
  • https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=d21ca467-778c-4114-9040-756b0af16e31&anx_uId=$UID
  • https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=d21ca467-778c-4114-9040-756b0af16e31&anx_uId=5777866265742787551
  • https://x.bidswitch.net/sync?dsp_id=179&user_id=d21ca467-778c-4114-9040-756b0af16e31&expires=5&user_group=0
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=179&user_id=d21ca467-778c-4114-9040-756b0af16e31&expires=5&user_group=0
Requested by
Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=d21ca467-778c-4114-9040-756b0af16e31&cn=CA
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://a.clickcertain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:35:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

date
Tue, 25 Jan 2022 14:35:51 GMT
x-frontend
cc-nginx-588445b6b9-h6txc:cc-nginx-588445b6b9-h6txc
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
cf75ede9-be58-9cae-b713-2bef069c5c6b
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=caLWyeXXH6NUb1uTIQSFLnEozp5Pd%2Be%2Fur0XEribG%2FiCt%2FM59ogyJjVLtFWIQo7EQ5AqftwQYoT7qGWzLoxG1yqe7S85SFnUJbxBTbehg2KBN3cTfnrmdKIqIYk6aKHGny1V1%2F1s148PTc0%2FA8aBXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://x.bidswitch.net/sync?dsp_id=179&user_id=d21ca467-778c-4114-9040-756b0af16e31&expires=5&user_group=0
x-envoy-upstream-service-time
85
cf-ray
6d323afb49d04bd6-YUL
crum
dsum-sec.casalemedia.com/ Frame 8555
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5777866265742787551
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5777866265742787551
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.208.217.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-217-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 25 Jan 2022 14:35:50 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:50 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 585.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
f74ad234-286c-4e42-aa14-66ca6a432b27
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5777866265742787551
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YfAKw803CFEzQ5mRasth1wAAAhcAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8555 		43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YfAKw803CFEzQ5mRasth1wAAAhcAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:b6fc:4de6:8023:56cb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:50 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
rum
dsum-sec.casalemedia.com/ Frame 8555
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9172333580162404280
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9172333580162404280
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.208.217.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-217-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 25 Jan 2022 14:35:50 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9172333580162404280
pragma
no-cache
date
Tue, 25 Jan 2022 14:35:50 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 8555
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1dd561f0-0ac4-4e00-a579-6844ede89535
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1dd561f0-0ac4-4e00-a579-6844ede89535
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.208.217.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-217-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 25 Jan 2022 14:35:50 GMT

Redirect headers

Date
Tue, 25 Jan 2022 14:35:50 GMT
Server
MT3 4133 baa842e master ord-pixel-x11 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1dd561f0-0ac4-4e00-a579-6844ede89535
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 25 Jan 2022 14:35:49 GMT
rum
dsum-sec.casalemedia.com/ Frame 8555
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=7DODBepjhgb3NYRWvmDIBe4x0wX3YNYG6meTbTs7
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=7DODBepjhgb3NYRWvmDIBe4x0wX3YNYG6meTbTs7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.208.217.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-217-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 25 Jan 2022 14:35:50 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=7DODBepjhgb3NYRWvmDIBe4x0wX3YNYG6meTbTs7
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
tpid=YfAKw803CFEzQ5mRasth1wAA%26535
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 8555
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YfAKw803CFEzQ5mRasth1wAA%26535?gdpr_consent=&us_privacy=&gdpr=
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YfAKw803CFEzQ5mRasth1wAA%26535?gdpr_consent=&us_privacy=&gdpr=
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YfAKw803CFEzQ5mRasth1wAA%26535?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
52.4.54.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-54-89.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:50 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.43.151
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:50 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YfAKw803CFEzQ5mRasth1wAA%26535?gdpr_consent=&us_privacy=&gdpr=
cache-control
no-cache
x-server
10.40.42.94
content-length
0
expires
0
rum
dsum.casalemedia.com/ Frame 8555
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=f4877bed-f4bd-400b-a2f2-0cadc535107e
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=f4877bed-f4bd-400b-a2f2-0cadc535107e
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=66fbb369-9ed8-47f3-8e94-0120bf627a3e&ssp=index&expires=30&user_group=5&bsw_param=f4877bed-f4bd-400b-a2f2-0cadc535107e
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f4877bed-f4bd-400b-a2f2-0cadc535107e
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f4877bed-f4bd-400b-a2f2-0cadc535107e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.208.217.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-217-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 25 Jan 2022 14:35:50 GMT

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f4877bed-f4bd-400b-a2f2-0cadc535107e
Date
Tue, 25 Jan 2022 14:35:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 8555
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YfAKxAABNO_fwQAy
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YfAKxAABNO_fwQAy
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.208.217.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-217-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 25 Jan 2022 14:35:50 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:50 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643121350.231282,VS0,VE0
x-served-by
cache-yul12831-YUL
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YfAKxAABNO_fwQAy
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 8555 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YfAKw803CFEzQ5mRasth1wAA%26535
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.217.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-217-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:35:50 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1732
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 25 Jan 2022 15:04:42 GMT
truncated
/ Frame 8E24 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b23b7d607587510729c1b3d471d5f439c7c9cc7f09330cdfcafe71b93643a66c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
recaptcha__en.js
www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/ Frame 8E24 		351 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcmJLkZAAAAAMziOnaFrJkOV4ClF_H8OvcqvlyE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db6e227c51b78203752bdc36a19b414161c5beae47cc0cdf2ff9f5c89f4f2526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subs.youmaker.com/
Origin
https://subs.youmaker.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 20:04:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
141778
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 05:03:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Jan 2023 20:04:38 GMT
crum
dsum-sec.casalemedia.com/ Frame AB7D
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5777866265742787551
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5777866265742787551
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.208.217.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-217-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 25 Jan 2022 14:35:50 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:50 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 585.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
180d5fad-ccb8-422b-9c8c-0e04e1392f8f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5777866265742787551
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YfAKw803CFEzQ5mRasth1wAAAhcAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame AB7D 		43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YfAKw803CFEzQ5mRasth1wAAAhcAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:b6fc:4de6:8023:56cb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:50 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame AB7D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABBR07D4BYAAEXIdhbVsw&expiration=1644330950
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABBR07D4BYAAEXIdhbVsw&expiration=1644330950
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.208.217.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-217-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 25 Jan 2022 14:35:50 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABBR07D4BYAAEXIdhbVsw&expiration=1644330950
Date
Tue, 25 Jan 2022 14:35:50 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
YfAKw803CFEzQ5mRasth1wAAAhcAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame AB7D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YfAKw803CFEzQ5mRasth1wAAAhcAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YfAKw803CFEzQ5mRasth1wAAAhcAAAIB
43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YfAKw803CFEzQ5mRasth1wAAAhcAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a02:b6fc:4de6:8023:56cb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:50 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YfAKw803CFEzQ5mRasth1wAAAhcAAAIB
date
Tue, 25 Jan 2022 14:35:50 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame AB7D
Redirect Chain
  • https://d.adroll.com/cm/index/ssp
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.208.217.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-217-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 25 Jan 2022 14:35:50 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Tue, 25 Jan 2022 14:35:50 GMT
server
nginx/1.20.0
content-length
76
tpid=YfAKw803CFEzQ5mRasth1wAA%26535
bcp.crwdcntrl.net/map/c=6725/tp=INDX/ Frame AB7D 		49 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YfAKw803CFEzQ5mRasth1wAA%26535?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.54.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-54-89.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:50 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.15.3
content-type
image/gif
content-length
49
expires
0
rum
dsum.casalemedia.com/ Frame AB7D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=index&bds_param=f4877bed-f4bd-400b-a2f2-0cadc535107e
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=579626ed-eb30-45a5-9078-f05f5c983d57&expires=10&ssp=index&bsw_param=f4877bed-f4bd-400b-a2f2-0cadc535107e
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f4877bed-f4bd-400b-a2f2-0cadc535107e
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f4877bed-f4bd-400b-a2f2-0cadc535107e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.208.217.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-217-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 25 Jan 2022 14:35:50 GMT

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f4877bed-f4bd-400b-a2f2-0cadc535107e
Date
Tue, 25 Jan 2022 14:35:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame AB7D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=516b8be5-8aa9-4950-b5e2-fbfdf6ce8211-61f00ac6-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=516b8be5-8aa9-4950-b5e2-fbfdf6ce8211-61f00ac6-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=516b8be5-8aa9-4950-b5e2-fbfdf6ce8211-61f00ac6-4341&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64...
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=516b8be5-8aa9-4950-b5e2-fbfdf6ce8211-61f00ac6-4341&expiration=1645713350
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=516b8be5-8aa9-4950-b5e2-fbfdf6ce8211-61f00ac6-4341&expiration=1645713350
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.208.217.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-217-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 25 Jan 2022 14:35:50 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=516b8be5-8aa9-4950-b5e2-fbfdf6ce8211-61f00ac6-4341&expiration=1645713350
date
Tue, 25 Jan 2022 14:35:50 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
htw-pixel.gif
js-sec.indexww.com/ht/ Frame AB7D 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YfAKw803CFEzQ5mRasth1wAA%26535
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.theepochtimes.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.217.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-217-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:35:50 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1732
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 25 Jan 2022 15:04:42 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 1983 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=389676576&t=event&_s=1&dl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&ul=en-us&de=UTF-8&dt=1%2C200%20Fake%20American%20Driver%E2%80%99s%20Licenses%20from%20Hong%20Kong%20Seized%20in%20Indiana&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=paywall%3ARegistration%20Wall&ea=Impression&el=InstaAccount%2520Plus&ev=0&_u=6HDACUABBAAAAC~&jid=51688674&gjid=1166780626&cid=1669070802.1643121347&tid=UA-10465455-56&_gid=1683775218.1643121347&_r=1&_slc=1&z=1490921700
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theepochtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
senddata
subsapi.epoch.cloud/db/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://subsapi.epoch.cloud/db/senddata
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
senddata
subsapi.epoch.cloud/db/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://subsapi.epoch.cloud/db/senddata
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
senddata
subsapi.epoch.cloud/db/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://subsapi.epoch.cloud/db/senddata
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
truncated
/ Frame 2ED4 		173 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58d066548314e4827f298403cb806d759ce7dbefb2bff05318803126cfe9347a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2ED4 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35bf0406cc5a63e576c5a6412af9d150523662672569f8eeb630fe582cb78d14

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
anchor
www.google.com/recaptcha/api2/ Frame EC08 		40 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcmJLkZAAAAAMziOnaFrJkOV4ClF_H8OvcqvlyE&co=aHR0cHM6Ly9zdWJzLnlvdW1ha2VyLmNvbTo0NDM.&hl=en&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=po9z8ymhlgcc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d2309bfb9c758a3d936b80f8975931274e31f05aabe061321dd472f47699bc96
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lv0cP73b+qWlKHn/FYNhgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://subs.youmaker.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 25 Jan 2022 14:35:50 GMT
content-security-policy
script-src 'report-sample' 'nonce-lv0cP73b+qWlKHn/FYNhgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20792
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
senddata
subsapi.epoch.cloud/db/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://subsapi.epoch.cloud/db/senddata
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
generate_204
tpc.googlesyndication.com/ Frame FAE9 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?lp_p1w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/ Frame EC08 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcmJLkZAAAAAMziOnaFrJkOV4ClF_H8OvcqvlyE&co=aHR0cHM6Ly9zdWJzLnlvdW1ha2VyLmNvbTo0NDM.&hl=en&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=po9z8ymhlgcc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 17:05:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77421
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 05:03:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Jan 2023 17:05:29 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/ Frame EC08 		351 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcmJLkZAAAAAMziOnaFrJkOV4ClF_H8OvcqvlyE&co=aHR0cHM6Ly9zdWJzLnlvdW1ha2VyLmNvbTo0NDM.&hl=en&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=po9z8ymhlgcc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db6e227c51b78203752bdc36a19b414161c5beae47cc0cdf2ff9f5c89f4f2526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 20:04:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
141778
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 05:03:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Jan 2023 20:04:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022011002&jk=1207402431981013&bg=!nZ6lntrNAAZ_DxPPfw87ACkAdvg8Wv3_xmnGiI1WwVBPh-CZkS8Q3eE2U6PCy11x2iuBRYWKy1CCbwIAAAHsUgAAAANoAQeZAraS7l_T1hLH2n4a9y9hJ3XpirDw8-8-iYjwDClyBEuHAaNZ1HPEDqeYrOYhUx4_Sxy1hwbsftBLHobdf2eDxwV1IhgTvBRNOm2kVedGc37cODMC6dngSmsG-mVCMF66MmJ9DUJdY8Uqvm9d1iVMrzgtP0zBFQSeNcZzCQVkXZxLWEYW36loBTT3kTBkM_N8MNuLsdPKkck3B3YvgwV15Ph-cHavwlYPaOmS-wU4wDbeGOGzJ_GtSDbMlIMtuDBht8-OzliKQNRIoxgf1TbPBfzBQjx44dTCa5XGiiyz4UW6PTPWMc9IrLF_xg8xwlvypYAWp3uqz3mNAVDs1wbRSIQPcD7t7etHTSB8FXJs_tkH2gyCIuJGZPIr3x1WC8wEEX7q0QThAPYuJ1nvt1WaTJef5eUiZM7fmGV5u_cJovPpLhWAbY3MuFhzKg5x_JzOUy5GVx_hGQZU7Y0C3pLG8VpivnCYSfMBJVPxdG1n5bWeQ0hFYvD2YlYfd1aJa9Of-Nm70VlIoVPbQwDQkEzI1D1HnlLDT8Xbg8-0LEprxO_XUBVyIdBJQ4Ki9650osCoTyxspKAxGN8gPIVvhV8gvnJjceZxbBfnLAvFdJzRQ_tuaabHQf77Bp2cNuIO52voHXV1R2YO46UpfS-zfP3gEov4gkuCdj-Lm2GZ2yqdz6ul4H51-ymX9Qv0QdvAmeM51s0q8Yrsu1uKVA3hm3yOLrMTWvNuqR4BQS7DuBg26tEkDHzgSDRVHuxpnV9_YnRnh-A_uXXenFZ7Ch6flFafz75yCSr-3VDYV0XzCzOiMCdN7QhLhLOdldOWnauByhCsompL4HsYtFyRHTVmygp8ygS-0d-qQkCVbWb-TUms5-4PC3QIYxpyVPYYwmWWk_873l_VJ1x0anx4fgT1zQAtVkdaM4BTncUj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame EC08 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 17:24:45 GMT
x-content-type-options
nosniff
age
421865
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Thu, 27 Jan 2022 17:24:45 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EC08 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcmJLkZAAAAAMziOnaFrJkOV4ClF_H8OvcqvlyE&co=aHR0cHM6Ly9zdWJzLnlvdW1ha2VyLmNvbTo0NDM.&hl=en&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=po9z8ymhlgcc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 11:41:34 GMT
x-content-type-options
nosniff
age
10456
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 11:41:34 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EC08 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcmJLkZAAAAAMziOnaFrJkOV4ClF_H8OvcqvlyE&co=aHR0cHM6Ly9zdWJzLnlvdW1ha2VyLmNvbTo0NDM.&hl=en&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=po9z8ymhlgcc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 19:40:58 GMT
x-content-type-options
nosniff
age
500092
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 19 Jan 2023 19:40:58 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame EC08 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=dPctOHA2ifhWm5WzFM_B5TjT
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcmJLkZAAAAAMziOnaFrJkOV4ClF_H8OvcqvlyE&co=aHR0cHM6Ly9zdWJzLnlvdW1ha2VyLmNvbTo0NDM.&hl=en&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=po9z8ymhlgcc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5d186172059c67e5f0f612c73126b60c8f009625df963609e52eacc13bff1716
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcmJLkZAAAAAMziOnaFrJkOV4ClF_H8OvcqvlyE&co=aHR0cHM6Ly9zdWJzLnlvdW1ha2VyLmNvbTo0NDM.&hl=en&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=po9z8ymhlgcc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 25 Jan 2022 14:35:50 GMT
reload
www.google.com/recaptcha/api2/ Frame EC08 		30 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LcmJLkZAAAAAMziOnaFrJkOV4ClF_H8OvcqvlyE
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a5e29750f158dda342495aa7dfa441bf26cbcdd3733b3380664c7217558fcf2d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcmJLkZAAAAAMziOnaFrJkOV4ClF_H8OvcqvlyE&co=aHR0cHM6Ly9zdWJzLnlvdW1ha2VyLmNvbTo0NDM.&hl=en&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=po9z8ymhlgcc
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Tue, 25 Jan 2022 14:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17067
x-xss-protection
1; mode=block
expires
Tue, 25 Jan 2022 14:35:50 GMT
async_usersync
ib.adnxs.com/ Frame 1827 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.25 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
563.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:51 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 563.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
ad4797d2-29d8-44cc-94f8-baf0d275c512
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8D97 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.25 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
563.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:51 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 563.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
fc871e2b-9e69-4341-8cb2-8c69cc5a6cb7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
register_ymk_user_and_add2mt
subsapi.epoch.cloud/email/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subsapi.epoch.cloud/email/register_ymk_user_and_add2mt?site=ca.theepochtimes.com&recaptcha=03AGdBq26Gwf5rlx1956FMwfwXaxmmr6GSEQ3tT_JR3mFXLYEaOdj8kHcVaL2kmFwgdP_ztEk1SJ40X5-6mFL9eIcewvrDoyM7VJsCKluwX6y9JummNQlATNHFErwWvox-ywxDyk4Bipzj84JsZjh79jDloU_EoRfuaJ8vnKNAGzxpNFgkdd611lX-_ZxhzW2TSfuLUiTS1D3eVaABCB9gvRIrK-3FCoIHwYmVmSOrZtZBY7u9Zdye4zy9-q-EkqocJV93n9AP8UdfnXm0nJ-MVn5zGWkyUrCw6l9NouTC_9c4zIAEOaWe_Laj_sU3NEmqGteoldgBPF09Ew1xhJuvN91CJdBoMmgIIrK_VXTiLGcQdEgZY6Zu1wcL1w-An9hOv4Wv1HldXnq7yMsNYoUp8hOJZAVhQ7OKcMSOxaOk4bWGGYcXtoyQvAnAYHIq4zuoXjMbU47LZpPndbPdZnpi6KmZsBEWMVDKtQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://subs.youmaker.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 25 Jan 2022 14:35:51 GMT
content-length
0
allow
GET, POST, PUT, DELETE
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHN4LCfhgkSoPokaAqvuuWY0%2FZr9ziH63f3aV6DVLsMRuNn4WL8dhD717iFqf7kdV%2BAkVbJHjF8qj13lCf6BmOylQljUi8IcCx%2BFR5bmxE3HMzopFN1yfm5w0yFRwDnmX1iasL7bLSfHqI%2F8QXt5Xa69"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d323afc28574bb9-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
register_ymk_user_and_add2mt
subsapi.epoch.cloud/email/ Frame 8E24 		710 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://subsapi.epoch.cloud/email/register_ymk_user_and_add2mt?site=ca.theepochtimes.com&recaptcha=03AGdBq26Gwf5rlx1956FMwfwXaxmmr6GSEQ3tT_JR3mFXLYEaOdj8kHcVaL2kmFwgdP_ztEk1SJ40X5-6mFL9eIcewvrDoyM7VJsCKluwX6y9JummNQlATNHFErwWvox-ywxDyk4Bipzj84JsZjh79jDloU_EoRfuaJ8vnKNAGzxpNFgkdd611lX-_ZxhzW2TSfuLUiTS1D3eVaABCB9gvRIrK-3FCoIHwYmVmSOrZtZBY7u9Zdye4zy9-q-EkqocJV93n9AP8UdfnXm0nJ-MVn5zGWkyUrCw6l9NouTC_9c4zIAEOaWe_Laj_sU3NEmqGteoldgBPF09Ew1xhJuvN91CJdBoMmgIIrK_VXTiLGcQdEgZY6Zu1wcL1w-An9hOv4Wv1HldXnq7yMsNYoUp8hOJZAVhQ7OKcMSOxaOk4bWGGYcXtoyQvAnAYHIq4zuoXjMbU47LZpPndbPdZnpi6KmZsBEWMVDKtQ
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/userId.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0375407855d7d62d96d9d9fe12f947fa820f28baf39557e523418bc3ab0b9d8c

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://subs.youmaker.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 25 Jan 2022 14:35:51 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmIjJKGPQjlVBPYTxcA2GYCw%2FV%2F%2FREKk5XTCAQMCCT%2F%2FkpUmhyua5O3kzGYHAF%2B9oDp6Ai0sCETDJrcuWDVqdGIgZP9dDkFJSbnsLmOrJCzz0ZGgKWHY%2FuoPvdzZGp9BztDaStJZ8D6XOVkl8BNB7Ucw"}],"group":"cf-nel","max_age":604800}
cf-ray
6d323afcb8f94bb9-YUL
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
senddata
subsapi.epoch.cloud/db/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://subsapi.epoch.cloud/db/senddata
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
login
auth.youmaker.com/user/ Frame 8E24 		710 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth.youmaker.com/user/login?site=www.theepochtimes.com
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/userId.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.65.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.65.201.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
5c4e87e435963e0b0368f5c833d6854fdd822c64bd74399f3e6463836f4c7774

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://subs.youmaker.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
via
1.1 google
server
nginx/1.20.1
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
x-robots-tag
noindex
alt-svc
clear
content-length
710
login
auth.youmaker.com/user/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://auth.youmaker.com/user/login?site=www.theepochtimes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.65.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.65.201.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://subs.youmaker.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.20.1
date
Tue, 25 Jan 2022 14:35:51 GMT
content-length
0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
*
allow
GET, POST, OPTIONS, PUT, DELETE
x-robots-tag
noindex
via
1.1 google
alt-svc
clear
senddata
subsapi.epoch.cloud/db/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://subsapi.epoch.cloud/db/senddata
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=389676576&t=event&_s=2&dl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&ul=en-us&de=UTF-8&dt=1%2C200%20Fake%20American%20Driver%E2%80%99s%20Licenses%20from%20Hong%20Kong%20Seized%20in%20Indiana&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=paywall%3AInstaAccountPlus%20Registration&ea=Processed%20Successfuly&el=&ev=0&_u=6HDACUABBAAAAC~&jid=&gjid=&cid=1669070802.1643121347&tid=UA-10465455-56&_gid=1683775218.1643121347&z=690208910
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 02:30:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
43522
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
ea.epochbase.com/api/analytics/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ea.epochbase.com/api/analytics/collect?tid=G-RD0QM5H02Q&site_id=www.theepochtimes.com&v=1&en=readactivity&percent_scrolled=39.62&v=1&em=camille.papanek%40cic.gc.ca&post_id=4233039&read_duration=10&dl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&dr=&cid=1669070802.1643121347
Requested by
Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.7.168.73 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 25 Jan 2022 14:35:52 GMT
server
nginx/1.16.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
allow
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
check_email_confirmed
auth.youmaker.com/user/ 		82 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth.youmaker.com/user/check_email_confirmed?site_id=ca.theepochtimes.com&email=camille.papanek%40cic.gc.ca&site=ca.theepochtimes.com
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.65.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.65.201.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
608dd9cf6c2cb8390d97cf01231ce7933d10ff37655e554145fa0430d637099a

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
via
1.1 google
server
nginx/1.20.1
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
x-robots-tag
noindex
alt-svc
clear
content-length
82
add_contact
subs.youmaker.com/mailtrain/ Frame 8E24 		45 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/mailtrain/add_contact?listid=DtasdskjE&force=yes&origin=EmailCXTool
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/userId.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
59e733587bdaa16af3070b148a138e2b5893f8c32d0e2339a062e985f557ec9e

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://subs.youmaker.com/template/show?tid=6502e8a1-259e-4f71-8efa-fe8ba77cec38&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=InstaAccount%20Plus&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
X-Requested-With
XMLHttpRequest
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://subs.youmaker.com
alt-svc
clear
content-length
45
add_contact
subs.youmaker.com/mailtrainx/2/ Frame 8E24 		45 B
106 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/mailtrainx/2/add_contact?listid=84oioOU2R&force=yes&origin=EmailCXTool
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/userId.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
59e733587bdaa16af3070b148a138e2b5893f8c32d0e2339a062e985f557ec9e

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://subs.youmaker.com/template/show?tid=6502e8a1-259e-4f71-8efa-fe8ba77cec38&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=InstaAccount%20Plus&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
X-Requested-With
XMLHttpRequest
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://subs.youmaker.com
alt-svc
clear
content-length
45
pipa_subscription
service.djywork.com/cb_webhook/ Frame 8E24 		282 B
1004 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://service.djywork.com/cb_webhook/pipa_subscription?name=camille.papanek&email=camille.papanek%40cic.gc.ca&utm_source=%22instaaccount%22
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/userId.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.105.13.95 Toronto, Canada, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1968-95.members.linode.com
Software
nginx/1.16.1 /
Resource Hash
6b9ccf89d948b3c46f6aca1b17f4eac5d0fa1e0cc7eaf59c51e66899528868a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://subs.youmaker.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:36:38 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Origin
X-XSS-Protection
1; mode=block
X-Request-Id
3f57aa13-3906-439f-9e99-749f754b5a47
X-Runtime
0.013070
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.16.1
X-Frame-Options
SAMEORIGIN
ETag
W/"6b9ccf89d948b3c46f6aca1b17f4eac5"
X-Download-Options
noopen
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
GET, POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
max-age=0, private, must-revalidate
get_email_secure_token
subsapi.epoch.cloud/ Frame 8E24 		121 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subsapi.epoch.cloud/get_email_secure_token?days_expire=30&email=camille.papanek%40cic.gc.ca
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/userId.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9721f4873c303901bec4062a132985977303062c4b838979ee6215f180d8eb8

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://subs.youmaker.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lp7d6a%2BooK3f7OB0dWi2JCqy7lYBwmBb6I1b8Dl3a2540OxMfyUTfxQvgPnJKjoRGN%2B%2FarYk%2B2P99UWdTDyfhb%2B82R456fs%2BIx9WVrOt8z7fiajhoEf4ONNDMenBimM2LeSeNIak3wRQB7wX4Df2vXWS"}],"group":"cf-nel","max_age":604800}
cf-ray
6d323b02880e4bb9-YUL
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
senddata
subsapi.epoch.cloud/db/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://subsapi.epoch.cloud/db/senddata
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
senddata
subsapi.epoch.cloud/db/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://subsapi.epoch.cloud/db/senddata
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=389676576&t=event&_s=3&dl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&ul=en-us&de=UTF-8&dt=1%2C200%20Fake%20American%20Driver%E2%80%99s%20Licenses%20from%20Hong%20Kong%20Seized%20in%20Indiana&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=paywall%3AInstaAccountPlus%20Registration&ea=Success%20-%20InstaAccount%2520Plus&el=&ev=0&_u=6HDACUABBAAAAC~&jid=&gjid=&cid=1669070802.1643121347&tid=UA-10465455-56&_gid=1683775218.1643121347&z=1992732754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 02:30:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
43523
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=389676576&t=event&_s=4&dl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&ul=en-us&de=UTF-8&dt=1%2C200%20Fake%20American%20Driver%E2%80%99s%20Licenses%20from%20Hong%20Kong%20Seized%20in%20Indiana&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=NTG%20membership&ea=submit&el=success&ev=0&_u=6HDACUABBAAAAC~&jid=&gjid=&cid=1669070802.1643121347&tid=UA-10465455-56&_gid=1683775218.1643121347&z=1963204459
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 02:30:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
43523
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=389676576&t=event&_s=5&dl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&ul=en-us&de=UTF-8&dt=1%2C200%20Fake%20American%20Driver%E2%80%99s%20Licenses%20from%20Hong%20Kong%20Seized%20in%20Indiana&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=paywall%3AConversion%20Free%20Account%20Registration&ea=FREE&el=user_2b20b4543df98c1930cf85016b8f46a6b9986f5d&ev=0&_u=6HDACUABBAAAAC~&jid=&gjid=&cid=1669070802.1643121347&tid=UA-10465455-56&_gid=1683775218.1643121347&z=1730048960
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 02:30:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
43523
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=389676576&t=event&_s=6&dl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&ul=en-us&de=UTF-8&dt=1%2C200%20Fake%20American%20Driver%E2%80%99s%20Licenses%20from%20Hong%20Kong%20Seized%20in%20Indiana&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=NTG%20account&ea=registration&el=success&ev=0&_u=6HDACUABBAAAAC~&jid=&gjid=&cid=1669070802.1643121347&tid=UA-10465455-56&_gid=1683775218.1643121347&z=346831655
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 02:30:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
43523
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=389676576&t=pageview&_s=7&dl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&dp=%2Fvirtual%2Fgoals%2Faccount-registration%2FFREE%2Fuser_2b20b4543df98c1930cf85016b8f46a6b9986f5d&ul=en-us&de=UTF-8&dt=FREE%20for%20user_2b20b4543df98c1930cf85016b8f46a6b9986f5d&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6HDACUABBAAAAC~&jid=&gjid=&cid=1669070802.1643121347&tid=UA-10465455-56&_gid=1683775218.1643121347&z=827305989
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 02:30:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
43523
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
get
subs.youmaker.com/template/ 		181 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/template/get?tid=user-info&sid=ca.theepochtimes.com&siteid=ca.theepochtimes.com&planid=429f36fb-d585-414e-8e4c-5d09f5cbdca0&sessionid=CDUE4g93tsVtkCfq36gEEnSzBL5LEeL8KNaXLBs5pxfcaelfi4JTJs5ZBElBzoLdqKl_sZCx%252BSVAP3SCAq3beBALi262F_Mi6%252Bwn__LSt0Dcn0fjNhlM9VWETuk%253D&token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NzQ2NTczNTIsIlRva2VuVHlwZSI6ImxldmVsMSIsIk5hbWUiOiJ1c2VyXzJiMjBiNDU0M2RmOThjMTkzMGNmODUwMTZiOGY0NmE2Yjk5ODZmNWQifQ.ZgjhXIwHY_TMQdfhkdbMZX2GoOoD3tmB0-9sK7TRrtxaCUNzuFbFAruoMBcgf4GaJJdD5j05a3DfRjHPXWUSrlU5dKmYkEZ9x-mf3kIbj3Ee3IttzQWdwgAyOEX47iMh6DkjLG35FCpAn3hYMHJ6y52scB7-PA162KMia8DNOL8&uid=d8139bf7-5915-437a-b1c1-cbde5ab110af
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
65ae706784e2d0ca5871561d18f8285a329a161921baede5fa0aac50634be272

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
181
get
subs.youmaker.com/template/ 		218 B
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/template/get?tid=3d34fba6-6f17-4d55-98cc-b7986e944a3c&sid=ca.theepochtimes.com&version=1&siteid=ca.theepochtimes.com&planid=429f36fb-d585-414e-8e4c-5d09f5cbdca0&sessionid=CDUE4g93tsVtkCfq36gEEnSzBL5LEeL8KNaXLBs5pxfcaelfi4JTJs5ZBElBzoLdqKl_sZCx%252BSVAP3SCAq3beBALi262F_Mi6%252Bwn__LSt0Dcn0fjNhlM9VWETuk%253D&token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NzQ2NTczNTIsIlRva2VuVHlwZSI6ImxldmVsMSIsIk5hbWUiOiJ1c2VyXzJiMjBiNDU0M2RmOThjMTkzMGNmODUwMTZiOGY0NmE2Yjk5ODZmNWQifQ.ZgjhXIwHY_TMQdfhkdbMZX2GoOoD3tmB0-9sK7TRrtxaCUNzuFbFAruoMBcgf4GaJJdD5j05a3DfRjHPXWUSrlU5dKmYkEZ9x-mf3kIbj3Ee3IttzQWdwgAyOEX47iMh6DkjLG35FCpAn3hYMHJ6y52scB7-PA162KMia8DNOL8&uid=d8139bf7-5915-437a-b1c1-cbde5ab110af
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
21f63357d2059cb273c6b8dcfbe574bc19eac381bc68f31806fbf0a6d7464bb8

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.theepochtimes.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theepochtimes.com
alt-svc
clear
content-length
218
send_email
subs.youmaker.com/ Frame 8E24 		15 B
102 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/send_email
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/userId.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://subs.youmaker.com/template/show?tid=6502e8a1-259e-4f71-8efa-fe8ba77cec38&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=InstaAccount%20Plus&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
X-Requested-With
XMLHttpRequest
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://subs.youmaker.com
alt-svc
clear
content-length
15
show
subs.youmaker.com/template/ Frame 3C14 		14 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/template/show?tid=user-info&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMnVzZXJfMmIyMGI0NTQzZGY5OGMxOTMwY2Y4NTAxNmI4ZjQ2YTZiOTk4NmY1ZCUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMkNEVUU0ZzkzdHNWdGtDZnEzNmdFRW5TekJMNUxFZUw4S05hWExCczVweGZjYWVsZmk0SlRKczVaQkVsQnpvTGRxS2xfc1pDeCUyQlNWQVAzU0NBcTNiZUJBTGkyNjJGX01pNiUyQnduX19MU3QwRGNuMGZqTmhsTTlWV0VUdWslM0QlMjIlMkMlMjJlcG9jaF90b2tlbiUyMiUzQSUyMmV5SmhiR2NpT2lKU1V6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUpsZUhBaU9qRTJOelEyTlRjek5USXNJbFJ2YTJWdVZIbHdaU0k2SW14bGRtVnNNU0lzSWs1aGJXVWlPaUoxYzJWeVh6SmlNakJpTkRVME0yUm1PVGhqTVRrek1HTm1PRFV3TVRaaU9HWTBObUUyWWprNU9EWm1OV1FpZlEuWmdqaFhJd0hZX1RNUWRmaGtkYk1aWDJHb09vRDN0bUIwLTlzSzdUUnJ0eGFDVU56dUZiRkFydW9NQmNnZjRHYUpKZEQ1ajA1YTNEZlJqSFBYV1VTcmxVNWRLbVlrRVo5eC1tZjNrSWJqM0VlM0l0dHpRV2R3Z0F5T0VYNDdpTWg2RGtqTEczNUZDcEFuM2hZTUhKNnk1MnNjQjctUEExNjJLTWlhOEROT0w4JTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=CA%20ET%20-%20User%20Info%20Bar&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
b8c2da6bd2f3582064a5940c8ccd629df54724ef45fe7855b3e81bd33b09a98c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

server
nginx/1.20.1
date
Tue, 25 Jan 2022 14:35:52 GMT
content-type
text/html; charset=utf-8
x-robots-tag
noindex
via
1.1 google
alt-svc
clear
show
subs.youmaker.com/template/ Frame 5928 		7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/template/show?tid=3d34fba6-6f17-4d55-98cc-b7986e944a3c&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMnVzZXJfMmIyMGI0NTQzZGY5OGMxOTMwY2Y4NTAxNmI4ZjQ2YTZiOTk4NmY1ZCUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMkNEVUU0ZzkzdHNWdGtDZnEzNmdFRW5TekJMNUxFZUw4S05hWExCczVweGZjYWVsZmk0SlRKczVaQkVsQnpvTGRxS2xfc1pDeCUyQlNWQVAzU0NBcTNiZUJBTGkyNjJGX01pNiUyQnduX19MU3QwRGNuMGZqTmhsTTlWV0VUdWslM0QlMjIlMkMlMjJlcG9jaF90b2tlbiUyMiUzQSUyMmV5SmhiR2NpT2lKU1V6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUpsZUhBaU9qRTJOelEyTlRjek5USXNJbFJ2YTJWdVZIbHdaU0k2SW14bGRtVnNNU0lzSWs1aGJXVWlPaUoxYzJWeVh6SmlNakJpTkRVME0yUm1PVGhqTVRrek1HTm1PRFV3TVRaaU9HWTBObUUyWWprNU9EWm1OV1FpZlEuWmdqaFhJd0hZX1RNUWRmaGtkYk1aWDJHb09vRDN0bUIwLTlzSzdUUnJ0eGFDVU56dUZiRkFydW9NQmNnZjRHYUpKZEQ1ajA1YTNEZlJqSFBYV1VTcmxVNWRLbVlrRVo5eC1tZjNrSWJqM0VlM0l0dHpRV2R3Z0F5T0VYNDdpTWg2RGtqTEczNUZDcEFuM2hZTUhKNnk1MnNjQjctUEExNjJLTWlhOEROT0w4JTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=InstaAccount%20Plus%20Sticky%20(copy)&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
ee75ba258c882615cf0b854c49a29dd3ce2638df011284db2e985d9b85cae9e6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/

Response headers

server
nginx/1.20.1
date
Tue, 25 Jan 2022 14:35:52 GMT
content-type
text/html; charset=utf-8
x-robots-tag
noindex
via
1.1 google
alt-svc
clear
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/ Frame 3C14 		56 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=user-info&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMnVzZXJfMmIyMGI0NTQzZGY5OGMxOTMwY2Y4NTAxNmI4ZjQ2YTZiOTk4NmY1ZCUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMkNEVUU0ZzkzdHNWdGtDZnEzNmdFRW5TekJMNUxFZUw4S05hWExCczVweGZjYWVsZmk0SlRKczVaQkVsQnpvTGRxS2xfc1pDeCUyQlNWQVAzU0NBcTNiZUJBTGkyNjJGX01pNiUyQnduX19MU3QwRGNuMGZqTmhsTTlWV0VUdWslM0QlMjIlMkMlMjJlcG9jaF90b2tlbiUyMiUzQSUyMmV5SmhiR2NpT2lKU1V6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUpsZUhBaU9qRTJOelEyTlRjek5USXNJbFJ2YTJWdVZIbHdaU0k2SW14bGRtVnNNU0lzSWs1aGJXVWlPaUoxYzJWeVh6SmlNakJpTkRVME0yUm1PVGhqTVRrek1HTm1PRFV3TVRaaU9HWTBObUUyWWprNU9EWm1OV1FpZlEuWmdqaFhJd0hZX1RNUWRmaGtkYk1aWDJHb09vRDN0bUIwLTlzSzdUUnJ0eGFDVU56dUZiRkFydW9NQmNnZjRHYUpKZEQ1ajA1YTNEZlJqSFBYV1VTcmxVNWRLbVlrRVo5eC1tZjNrSWJqM0VlM0l0dHpRV2R3Z0F5T0VYNDdpTWg2RGtqTEczNUZDcEFuM2hZTUhKNnk1MnNjQjctUEExNjJLTWlhOEROT0w4JTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=CA%20ET%20-%20User%20Info%20Bar&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://subs.youmaker.com/
Origin
https://subs.youmaker.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1481981
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10022
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-de0a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etzq2RpV0TKACzOaZ8Y9H6bzTN%2FvHzgAyjMho0h39d377CKzHSOhb6MWkBqau23HAYPVuJ3B1nXCyFgbpWTvuRP6eTgU1QuNdysR4rF400hfYlVI4bKxd5kTUvxms%2FDxvhLSURkzvhbclKsS9%2FuLp5CA"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d323b03c9a64bd1-YUL
expires
Sun, 15 Jan 2023 14:35:52 GMT
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 3C14 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=user-info&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMnVzZXJfMmIyMGI0NTQzZGY5OGMxOTMwY2Y4NTAxNmI4ZjQ2YTZiOTk4NmY1ZCUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMkNEVUU0ZzkzdHNWdGtDZnEzNmdFRW5TekJMNUxFZUw4S05hWExCczVweGZjYWVsZmk0SlRKczVaQkVsQnpvTGRxS2xfc1pDeCUyQlNWQVAzU0NBcTNiZUJBTGkyNjJGX01pNiUyQnduX19MU3QwRGNuMGZqTmhsTTlWV0VUdWslM0QlMjIlMkMlMjJlcG9jaF90b2tlbiUyMiUzQSUyMmV5SmhiR2NpT2lKU1V6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUpsZUhBaU9qRTJOelEyTlRjek5USXNJbFJ2YTJWdVZIbHdaU0k2SW14bGRtVnNNU0lzSWs1aGJXVWlPaUoxYzJWeVh6SmlNakJpTkRVME0yUm1PVGhqTVRrek1HTm1PRFV3TVRaaU9HWTBObUUyWWprNU9EWm1OV1FpZlEuWmdqaFhJd0hZX1RNUWRmaGtkYk1aWDJHb09vRDN0bUIwLTlzSzdUUnJ0eGFDVU56dUZiRkFydW9NQmNnZjRHYUpKZEQ1ajA1YTNEZlJqSFBYV1VTcmxVNWRLbVlrRVo5eC1tZjNrSWJqM0VlM0l0dHpRV2R3Z0F5T0VYNDdpTWg2RGtqTEczNUZDcEFuM2hZTUhKNnk1MnNjQjctUEExNjJLTWlhOEROT0w4JTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=CA%20ET%20-%20User%20Info%20Bar&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://subs.youmaker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617
age
8810491
cdn-cachedat
2021-06-08 14:35:32
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
8e03a0f40ac23c08b1fbc5b05ccb27fd
cdn-requestcountrycode
US
cf-ray
6d323b03baf3ece6-YUL
cdn-cache
HIT
cdn-requestpullsuccess
True
userId.bundle.js
subs.youmaker.com/lib/ Frame 3C14 		200 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/lib/userId.bundle.js
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=user-info&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMnVzZXJfMmIyMGI0NTQzZGY5OGMxOTMwY2Y4NTAxNmI4ZjQ2YTZiOTk4NmY1ZCUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMkNEVUU0ZzkzdHNWdGtDZnEzNmdFRW5TekJMNUxFZUw4S05hWExCczVweGZjYWVsZmk0SlRKczVaQkVsQnpvTGRxS2xfc1pDeCUyQlNWQVAzU0NBcTNiZUJBTGkyNjJGX01pNiUyQnduX19MU3QwRGNuMGZqTmhsTTlWV0VUdWslM0QlMjIlMkMlMjJlcG9jaF90b2tlbiUyMiUzQSUyMmV5SmhiR2NpT2lKU1V6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUpsZUhBaU9qRTJOelEyTlRjek5USXNJbFJ2YTJWdVZIbHdaU0k2SW14bGRtVnNNU0lzSWs1aGJXVWlPaUoxYzJWeVh6SmlNakJpTkRVME0yUm1PVGhqTVRrek1HTm1PRFV3TVRaaU9HWTBObUUyWWprNU9EWm1OV1FpZlEuWmdqaFhJd0hZX1RNUWRmaGtkYk1aWDJHb09vRDN0bUIwLTlzSzdUUnJ0eGFDVU56dUZiRkFydW9NQmNnZjRHYUpKZEQ1ajA1YTNEZlJqSFBYV1VTcmxVNWRLbVlrRVo5eC1tZjNrSWJqM0VlM0l0dHpRV2R3Z0F5T0VYNDdpTWg2RGtqTEczNUZDcEFuM2hZTUhKNnk1MnNjQjctUEExNjJLTWlhOEROT0w4JTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=CA%20ET%20-%20User%20Info%20Bar&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
c454e9ab422a8d322d36521d9a675279c9b2dcf9e69190afa80a214a071a943e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://subs.youmaker.com/template/show?tid=user-info&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMnVzZXJfMmIyMGI0NTQzZGY5OGMxOTMwY2Y4NTAxNmI4ZjQ2YTZiOTk4NmY1ZCUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMkNEVUU0ZzkzdHNWdGtDZnEzNmdFRW5TekJMNUxFZUw4S05hWExCczVweGZjYWVsZmk0SlRKczVaQkVsQnpvTGRxS2xfc1pDeCUyQlNWQVAzU0NBcTNiZUJBTGkyNjJGX01pNiUyQnduX19MU3QwRGNuMGZqTmhsTTlWV0VUdWslM0QlMjIlMkMlMjJlcG9jaF90b2tlbiUyMiUzQSUyMmV5SmhiR2NpT2lKU1V6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUpsZUhBaU9qRTJOelEyTlRjek5USXNJbFJ2YTJWdVZIbHdaU0k2SW14bGRtVnNNU0lzSWs1aGJXVWlPaUoxYzJWeVh6SmlNakJpTkRVME0yUm1PVGhqTVRrek1HTm1PRFV3TVRaaU9HWTBObUUyWWprNU9EWm1OV1FpZlEuWmdqaFhJd0hZX1RNUWRmaGtkYk1aWDJHb09vRDN0bUIwLTlzSzdUUnJ0eGFDVU56dUZiRkFydW9NQmNnZjRHYUpKZEQ1ajA1YTNEZlJqSFBYV1VTcmxVNWRLbVlrRVo5eC1tZjNrSWJqM0VlM0l0dHpRV2R3Z0F5T0VYNDdpTWg2RGtqTEczNUZDcEFuM2hZTUhKNnk1MnNjQjctUEExNjJLTWlhOEROT0w4JTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=CA%20ET%20-%20User%20Info%20Bar&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
via
1.1 google
last-modified
Mon, Jan 24 2022 15:10:08 GMT
server
nginx/1.20.1
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
204540
Account.png
www.theepochtimes.com/assets/uploads/2019/08/21/ Frame 3C14 		663 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theepochtimes.com/assets/uploads/2019/08/21/Account.png
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=user-info&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMnVzZXJfMmIyMGI0NTQzZGY5OGMxOTMwY2Y4NTAxNmI4ZjQ2YTZiOTk4NmY1ZCUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMkNEVUU0ZzkzdHNWdGtDZnEzNmdFRW5TekJMNUxFZUw4S05hWExCczVweGZjYWVsZmk0SlRKczVaQkVsQnpvTGRxS2xfc1pDeCUyQlNWQVAzU0NBcTNiZUJBTGkyNjJGX01pNiUyQnduX19MU3QwRGNuMGZqTmhsTTlWV0VUdWslM0QlMjIlMkMlMjJlcG9jaF90b2tlbiUyMiUzQSUyMmV5SmhiR2NpT2lKU1V6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUpsZUhBaU9qRTJOelEyTlRjek5USXNJbFJ2YTJWdVZIbHdaU0k2SW14bGRtVnNNU0lzSWs1aGJXVWlPaUoxYzJWeVh6SmlNakJpTkRVME0yUm1PVGhqTVRrek1HTm1PRFV3TVRaaU9HWTBObUUyWWprNU9EWm1OV1FpZlEuWmdqaFhJd0hZX1RNUWRmaGtkYk1aWDJHb09vRDN0bUIwLTlzSzdUUnJ0eGFDVU56dUZiRkFydW9NQmNnZjRHYUpKZEQ1ajA1YTNEZlJqSFBYV1VTcmxVNWRLbVlrRVo5eC1tZjNrSWJqM0VlM0l0dHpRV2R3Z0F5T0VYNDdpTWg2RGtqTEczNUZDcEFuM2hZTUhKNnk1MnNjQjctUEExNjJLTWlhOEROT0w4JTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=CA%20ET%20-%20User%20Info%20Bar&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
6501ec5e7f85a81a50d53261a6c32ac8b18ed0db6b88b5448253b81e4900938f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://subs.youmaker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
x-content-type-options
nosniff
last-modified
Wed, 21 Aug 2019 20:59:34 GMT
server
nginx
x-microcachable
0
etag
"5d5db0b6-297"
x-hw
1643121352.cds061.dc2.hn,1643121352.cds040.dc2.c
content-type
image/png
cache-control
max-age=1800
content-length
663
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
ProfileW.png
img.theepochtimes.com/assets/uploads/2021/02/18/ Frame 3C14 		755 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theepochtimes.com/assets/uploads/2021/02/18/ProfileW.png
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=user-info&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMnVzZXJfMmIyMGI0NTQzZGY5OGMxOTMwY2Y4NTAxNmI4ZjQ2YTZiOTk4NmY1ZCUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMkNEVUU0ZzkzdHNWdGtDZnEzNmdFRW5TekJMNUxFZUw4S05hWExCczVweGZjYWVsZmk0SlRKczVaQkVsQnpvTGRxS2xfc1pDeCUyQlNWQVAzU0NBcTNiZUJBTGkyNjJGX01pNiUyQnduX19MU3QwRGNuMGZqTmhsTTlWV0VUdWslM0QlMjIlMkMlMjJlcG9jaF90b2tlbiUyMiUzQSUyMmV5SmhiR2NpT2lKU1V6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUpsZUhBaU9qRTJOelEyTlRjek5USXNJbFJ2YTJWdVZIbHdaU0k2SW14bGRtVnNNU0lzSWs1aGJXVWlPaUoxYzJWeVh6SmlNakJpTkRVME0yUm1PVGhqTVRrek1HTm1PRFV3TVRaaU9HWTBObUUyWWprNU9EWm1OV1FpZlEuWmdqaFhJd0hZX1RNUWRmaGtkYk1aWDJHb09vRDN0bUIwLTlzSzdUUnJ0eGFDVU56dUZiRkFydW9NQmNnZjRHYUpKZEQ1ajA1YTNEZlJqSFBYV1VTcmxVNWRLbVlrRVo5eC1tZjNrSWJqM0VlM0l0dHpRV2R3Z0F5T0VYNDdpTWg2RGtqTEczNUZDcEFuM2hZTUhKNnk1MnNjQjctUEExNjJLTWlhOEROT0w4JTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=CA%20ET%20-%20User%20Info%20Bar&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
81375e92569856315b7494250403f5cc2167c3f0986dbe2b8e0bfbd12e38fa4d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://subs.youmaker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
last-modified
Thu, 18 Feb 2021 16:41:42 GMT
server
nginx
etag
"602e98c6-2f3"
x-hw
1643121352.cds061.dc2.hn,1643121352.cds010.dc2.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
755
Logout-V2.png
cdn.epoch.cloud/assets/static_assets/ Frame 3C14 		416 B
1007 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.epoch.cloud/assets/static_assets/Logout-V2.png
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=user-info&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMnVzZXJfMmIyMGI0NTQzZGY5OGMxOTMwY2Y4NTAxNmI4ZjQ2YTZiOTk4NmY1ZCUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMkNEVUU0ZzkzdHNWdGtDZnEzNmdFRW5TekJMNUxFZUw4S05hWExCczVweGZjYWVsZmk0SlRKczVaQkVsQnpvTGRxS2xfc1pDeCUyQlNWQVAzU0NBcTNiZUJBTGkyNjJGX01pNiUyQnduX19MU3QwRGNuMGZqTmhsTTlWV0VUdWslM0QlMjIlMkMlMjJlcG9jaF90b2tlbiUyMiUzQSUyMmV5SmhiR2NpT2lKU1V6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUpsZUhBaU9qRTJOelEyTlRjek5USXNJbFJ2YTJWdVZIbHdaU0k2SW14bGRtVnNNU0lzSWs1aGJXVWlPaUoxYzJWeVh6SmlNakJpTkRVME0yUm1PVGhqTVRrek1HTm1PRFV3TVRaaU9HWTBObUUyWWprNU9EWm1OV1FpZlEuWmdqaFhJd0hZX1RNUWRmaGtkYk1aWDJHb09vRDN0bUIwLTlzSzdUUnJ0eGFDVU56dUZiRkFydW9NQmNnZjRHYUpKZEQ1ajA1YTNEZlJqSFBYV1VTcmxVNWRLbVlrRVo5eC1tZjNrSWJqM0VlM0l0dHpRV2R3Z0F5T0VYNDdpTWg2RGtqTEczNUZDcEFuM2hZTUhKNnk1MnNjQjctUEExNjJLTWlhOEROT0w4JTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=CA%20ET%20-%20User%20Info%20Bar&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
546cb27a1bd509dbf2e6afedf6df6f2604c8decbf7106bdac19556ef630cc86d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://subs.youmaker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
580
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
416
last-modified
Wed, 19 Feb 2020 18:57:39 GMT
server
cloudflare
etag
"5e4d8523-1a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmYo4AwtkcR6vBM%2BELKbUCH0qblDlArsrRlSF4KQB3zq75mI%2FeMEqNHfvm9itdLLylet1l7tWUmuPi3Naf3MjiMKvq5UcttIM9tzVuZ0HbsbnRAMwlM1NqrhzWSPhBEO5ejGbgOvkVbi4jD3xyY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, no-transform
accept-ranges
bytes
cf-ray
6d323b037fa54bc5-YUL
expires
Tue, 25 Jan 2022 14:36:12 GMT
userId.bundle.js
subs.youmaker.com/lib/ Frame 5928 		200 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/lib/userId.bundle.js
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=3d34fba6-6f17-4d55-98cc-b7986e944a3c&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMnVzZXJfMmIyMGI0NTQzZGY5OGMxOTMwY2Y4NTAxNmI4ZjQ2YTZiOTk4NmY1ZCUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMkNEVUU0ZzkzdHNWdGtDZnEzNmdFRW5TekJMNUxFZUw4S05hWExCczVweGZjYWVsZmk0SlRKczVaQkVsQnpvTGRxS2xfc1pDeCUyQlNWQVAzU0NBcTNiZUJBTGkyNjJGX01pNiUyQnduX19MU3QwRGNuMGZqTmhsTTlWV0VUdWslM0QlMjIlMkMlMjJlcG9jaF90b2tlbiUyMiUzQSUyMmV5SmhiR2NpT2lKU1V6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUpsZUhBaU9qRTJOelEyTlRjek5USXNJbFJ2YTJWdVZIbHdaU0k2SW14bGRtVnNNU0lzSWs1aGJXVWlPaUoxYzJWeVh6SmlNakJpTkRVME0yUm1PVGhqTVRrek1HTm1PRFV3TVRaaU9HWTBObUUyWWprNU9EWm1OV1FpZlEuWmdqaFhJd0hZX1RNUWRmaGtkYk1aWDJHb09vRDN0bUIwLTlzSzdUUnJ0eGFDVU56dUZiRkFydW9NQmNnZjRHYUpKZEQ1ajA1YTNEZlJqSFBYV1VTcmxVNWRLbVlrRVo5eC1tZjNrSWJqM0VlM0l0dHpRV2R3Z0F5T0VYNDdpTWg2RGtqTEczNUZDcEFuM2hZTUhKNnk1MnNjQjctUEExNjJLTWlhOEROT0w4JTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=InstaAccount%20Plus%20Sticky%20(copy)&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
c454e9ab422a8d322d36521d9a675279c9b2dcf9e69190afa80a214a071a943e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://subs.youmaker.com/template/show?tid=3d34fba6-6f17-4d55-98cc-b7986e944a3c&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMnVzZXJfMmIyMGI0NTQzZGY5OGMxOTMwY2Y4NTAxNmI4ZjQ2YTZiOTk4NmY1ZCUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMkNEVUU0ZzkzdHNWdGtDZnEzNmdFRW5TekJMNUxFZUw4S05hWExCczVweGZjYWVsZmk0SlRKczVaQkVsQnpvTGRxS2xfc1pDeCUyQlNWQVAzU0NBcTNiZUJBTGkyNjJGX01pNiUyQnduX19MU3QwRGNuMGZqTmhsTTlWV0VUdWslM0QlMjIlMkMlMjJlcG9jaF90b2tlbiUyMiUzQSUyMmV5SmhiR2NpT2lKU1V6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUpsZUhBaU9qRTJOelEyTlRjek5USXNJbFJ2YTJWdVZIbHdaU0k2SW14bGRtVnNNU0lzSWs1aGJXVWlPaUoxYzJWeVh6SmlNakJpTkRVME0yUm1PVGhqTVRrek1HTm1PRFV3TVRaaU9HWTBObUUyWWprNU9EWm1OV1FpZlEuWmdqaFhJd0hZX1RNUWRmaGtkYk1aWDJHb09vRDN0bUIwLTlzSzdUUnJ0eGFDVU56dUZiRkFydW9NQmNnZjRHYUpKZEQ1ajA1YTNEZlJqSFBYV1VTcmxVNWRLbVlrRVo5eC1tZjNrSWJqM0VlM0l0dHpRV2R3Z0F5T0VYNDdpTWg2RGtqTEczNUZDcEFuM2hZTUhKNnk1MnNjQjctUEExNjJLTWlhOEROT0w4JTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=InstaAccount%20Plus%20Sticky%20(copy)&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
via
1.1 google
last-modified
Mon, Jan 24 2022 15:10:08 GMT
server
nginx/1.20.1
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
204540
et_utils.js
services.epoch.cloud/public-labs/epoch-ai/ Frame 5928 		72 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.epoch.cloud/public-labs/epoch-ai/et_utils.js
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=3d34fba6-6f17-4d55-98cc-b7986e944a3c&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMnVzZXJfMmIyMGI0NTQzZGY5OGMxOTMwY2Y4NTAxNmI4ZjQ2YTZiOTk4NmY1ZCUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMkNEVUU0ZzkzdHNWdGtDZnEzNmdFRW5TekJMNUxFZUw4S05hWExCczVweGZjYWVsZmk0SlRKczVaQkVsQnpvTGRxS2xfc1pDeCUyQlNWQVAzU0NBcTNiZUJBTGkyNjJGX01pNiUyQnduX19MU3QwRGNuMGZqTmhsTTlWV0VUdWslM0QlMjIlMkMlMjJlcG9jaF90b2tlbiUyMiUzQSUyMmV5SmhiR2NpT2lKU1V6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUpsZUhBaU9qRTJOelEyTlRjek5USXNJbFJ2YTJWdVZIbHdaU0k2SW14bGRtVnNNU0lzSWs1aGJXVWlPaUoxYzJWeVh6SmlNakJpTkRVME0yUm1PVGhqTVRrek1HTm1PRFV3TVRaaU9HWTBObUUyWWprNU9EWm1OV1FpZlEuWmdqaFhJd0hZX1RNUWRmaGtkYk1aWDJHb09vRDN0bUIwLTlzSzdUUnJ0eGFDVU56dUZiRkFydW9NQmNnZjRHYUpKZEQ1ajA1YTNEZlJqSFBYV1VTcmxVNWRLbVlrRVo5eC1tZjNrSWJqM0VlM0l0dHpRV2R3Z0F5T0VYNDdpTWg2RGtqTEczNUZDcEFuM2hZTUhKNnk1MnNjQjctUEExNjJLTWlhOEROT0w4JTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=InstaAccount%20Plus%20Sticky%20(copy)&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fd778afdf05a4f971f690a7f02c9ab7c4ad0a68f671db34d01205e849f8e998

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://subs.youmaker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Jan 2022 16:35:06 GMT
server
cloudflare
age
3138
etag
W/"61d5c8ba-12075"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YLd7ZdlJeLqdJN5%2BNvtiSivvFo9WLhnxtqUvKrrOr3XFVsA6Q6Q8UTh2J8I%2FolRMyYC4FVrQWh1BoU%2BFnEmqTt0zcZWPSTM5EA18HIyaX5DLt4CDnuZTAgRQ8GF0QugA7BvV7mjQBmkD78anXZ6blAUb%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d323b037fa64bc5-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
models.js
services.epoch.cloud/public-labs/epoch-ai/ Frame 5928 		16 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.epoch.cloud/public-labs/epoch-ai/models.js
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=3d34fba6-6f17-4d55-98cc-b7986e944a3c&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMnVzZXJfMmIyMGI0NTQzZGY5OGMxOTMwY2Y4NTAxNmI4ZjQ2YTZiOTk4NmY1ZCUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMkNEVUU0ZzkzdHNWdGtDZnEzNmdFRW5TekJMNUxFZUw4S05hWExCczVweGZjYWVsZmk0SlRKczVaQkVsQnpvTGRxS2xfc1pDeCUyQlNWQVAzU0NBcTNiZUJBTGkyNjJGX01pNiUyQnduX19MU3QwRGNuMGZqTmhsTTlWV0VUdWslM0QlMjIlMkMlMjJlcG9jaF90b2tlbiUyMiUzQSUyMmV5SmhiR2NpT2lKU1V6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUpsZUhBaU9qRTJOelEyTlRjek5USXNJbFJ2YTJWdVZIbHdaU0k2SW14bGRtVnNNU0lzSWs1aGJXVWlPaUoxYzJWeVh6SmlNakJpTkRVME0yUm1PVGhqTVRrek1HTm1PRFV3TVRaaU9HWTBObUUyWWprNU9EWm1OV1FpZlEuWmdqaFhJd0hZX1RNUWRmaGtkYk1aWDJHb09vRDN0bUIwLTlzSzdUUnJ0eGFDVU56dUZiRkFydW9NQmNnZjRHYUpKZEQ1ajA1YTNEZlJqSFBYV1VTcmxVNWRLbVlrRVo5eC1tZjNrSWJqM0VlM0l0dHpRV2R3Z0F5T0VYNDdpTWg2RGtqTEczNUZDcEFuM2hZTUhKNnk1MnNjQjctUEExNjJLTWlhOEROT0w4JTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=InstaAccount%20Plus%20Sticky%20(copy)&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9382d4fcab998a51ee41eb3dd5ec92cd03fa275d97c20c09d92d472762283f5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://subs.youmaker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Feb 2021 15:52:08 GMT
server
cloudflare
age
1740
etag
W/"601ac6a8-416e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCRTFP1wQPt9YQAk7sA0suqRYLAxdjqHeUokMU90VvEhyKjD6IG4oFtqay%2FBRcBMrmzEJCBleSoI%2F1j7tZYgiSc7SeCPDNZ9d3kmzrrTB3YB%2BlJywi9mEve%2FWxXt2V6cOloh7B4UW%2FlMQUsW9NygWgjDmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d323b037fa84bc5-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/ Frame 5928 		156 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=3d34fba6-6f17-4d55-98cc-b7986e944a3c&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMnVzZXJfMmIyMGI0NTQzZGY5OGMxOTMwY2Y4NTAxNmI4ZjQ2YTZiOTk4NmY1ZCUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMkNEVUU0ZzkzdHNWdGtDZnEzNmdFRW5TekJMNUxFZUw4S05hWExCczVweGZjYWVsZmk0SlRKczVaQkVsQnpvTGRxS2xfc1pDeCUyQlNWQVAzU0NBcTNiZUJBTGkyNjJGX01pNiUyQnduX19MU3QwRGNuMGZqTmhsTTlWV0VUdWslM0QlMjIlMkMlMjJlcG9jaF90b2tlbiUyMiUzQSUyMmV5SmhiR2NpT2lKU1V6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUpsZUhBaU9qRTJOelEyTlRjek5USXNJbFJ2YTJWdVZIbHdaU0k2SW14bGRtVnNNU0lzSWs1aGJXVWlPaUoxYzJWeVh6SmlNakJpTkRVME0yUm1PVGhqTVRrek1HTm1PRFV3TVRaaU9HWTBObUUyWWprNU9EWm1OV1FpZlEuWmdqaFhJd0hZX1RNUWRmaGtkYk1aWDJHb09vRDN0bUIwLTlzSzdUUnJ0eGFDVU56dUZiRkFydW9NQmNnZjRHYUpKZEQ1ajA1YTNEZlJqSFBYV1VTcmxVNWRLbVlrRVo5eC1tZjNrSWJqM0VlM0l0dHpRV2R3Z0F5T0VYNDdpTWg2RGtqTEczNUZDcEFuM2hZTUhKNnk1MnNjQjctUEExNjJLTWlhOEROT0w4JTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=InstaAccount%20Plus%20Sticky%20(copy)&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://subs.youmaker.com/
Origin
https://subs.youmaker.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617, 617
age
23947667
cdn-cachedat
2021-03-10 13:26:21
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
543b7662874d35408138d5f6f90507a3
cf-ray
6d323b03bb077145-YUL
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
D-DINCondensed-Bold.otf
cdn.epoch.cloud/assets/fonts/ Frame 3C14 		57 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.epoch.cloud/assets/fonts/D-DINCondensed-Bold.otf
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=user-info&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMnVzZXJfMmIyMGI0NTQzZGY5OGMxOTMwY2Y4NTAxNmI4ZjQ2YTZiOTk4NmY1ZCUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMkNEVUU0ZzkzdHNWdGtDZnEzNmdFRW5TekJMNUxFZUw4S05hWExCczVweGZjYWVsZmk0SlRKczVaQkVsQnpvTGRxS2xfc1pDeCUyQlNWQVAzU0NBcTNiZUJBTGkyNjJGX01pNiUyQnduX19MU3QwRGNuMGZqTmhsTTlWV0VUdWslM0QlMjIlMkMlMjJlcG9jaF90b2tlbiUyMiUzQSUyMmV5SmhiR2NpT2lKU1V6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUpsZUhBaU9qRTJOelEyTlRjek5USXNJbFJ2YTJWdVZIbHdaU0k2SW14bGRtVnNNU0lzSWs1aGJXVWlPaUoxYzJWeVh6SmlNakJpTkRVME0yUm1PVGhqTVRrek1HTm1PRFV3TVRaaU9HWTBObUUyWWprNU9EWm1OV1FpZlEuWmdqaFhJd0hZX1RNUWRmaGtkYk1aWDJHb09vRDN0bUIwLTlzSzdUUnJ0eGFDVU56dUZiRkFydW9NQmNnZjRHYUpKZEQ1ajA1YTNEZlJqSFBYV1VTcmxVNWRLbVlrRVo5eC1tZjNrSWJqM0VlM0l0dHpRV2R3Z0F5T0VYNDdpTWg2RGtqTEczNUZDcEFuM2hZTUhKNnk1MnNjQjctUEExNjJLTWlhOEROT0w4JTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=CA%20ET%20-%20User%20Info%20Bar&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
872f4fde8b21d5105a83ba13988aa60224eae251b1708dec3062160b72d30736

Request headers

Referer
https://subs.youmaker.com/
Origin
https://subs.youmaker.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1177
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
58452
last-modified
Wed, 29 Jul 2020 19:20:58 GMT
server
cloudflare
etag
"5f21cc1a-e454"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gUp%2Bz18CPwhNV3gwUCGzYKJjZ0YCGnHwvhWrf3FP9h9qI6sA2AGcp%2FD4u17gUI6dvf8bqKkCUewqxtRKTh2i9wNfNoyyXb1FeEprNmhUwAGvJGiIYh6G1bghVDiBLHG84iipdxDDWzD44qdjm94%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d323b043a054bb9-YUL
D-DIN-Bold.otf
cdn.epoch.cloud/assets/fonts/ Frame 5928 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.epoch.cloud/assets/fonts/D-DIN-Bold.otf
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=3d34fba6-6f17-4d55-98cc-b7986e944a3c&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMnVzZXJfMmIyMGI0NTQzZGY5OGMxOTMwY2Y4NTAxNmI4ZjQ2YTZiOTk4NmY1ZCUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMkNEVUU0ZzkzdHNWdGtDZnEzNmdFRW5TekJMNUxFZUw4S05hWExCczVweGZjYWVsZmk0SlRKczVaQkVsQnpvTGRxS2xfc1pDeCUyQlNWQVAzU0NBcTNiZUJBTGkyNjJGX01pNiUyQnduX19MU3QwRGNuMGZqTmhsTTlWV0VUdWslM0QlMjIlMkMlMjJlcG9jaF90b2tlbiUyMiUzQSUyMmV5SmhiR2NpT2lKU1V6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUpsZUhBaU9qRTJOelEyTlRjek5USXNJbFJ2YTJWdVZIbHdaU0k2SW14bGRtVnNNU0lzSWs1aGJXVWlPaUoxYzJWeVh6SmlNakJpTkRVME0yUm1PVGhqTVRrek1HTm1PRFV3TVRaaU9HWTBObUUyWWprNU9EWm1OV1FpZlEuWmdqaFhJd0hZX1RNUWRmaGtkYk1aWDJHb09vRDN0bUIwLTlzSzdUUnJ0eGFDVU56dUZiRkFydW9NQmNnZjRHYUpKZEQ1ajA1YTNEZlJqSFBYV1VTcmxVNWRLbVlrRVo5eC1tZjNrSWJqM0VlM0l0dHpRV2R3Z0F5T0VYNDdpTWg2RGtqTEczNUZDcEFuM2hZTUhKNnk1MnNjQjctUEExNjJLTWlhOEROT0w4JTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=InstaAccount%20Plus%20Sticky%20(copy)&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0f96a3730041605b139ca2d15e29a36c55e49058ba2b72ee4d09b5e4ca210c1

Request headers

Referer
https://subs.youmaker.com/
Origin
https://subs.youmaker.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1385
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60188
last-modified
Mon, 02 Nov 2020 06:21:50 GMT
server
cloudflare
etag
"5f9fa57e-eb1c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdQfjN9ChJmN8UBLMCzZo2ATABsiKCm4%2BJOoLe6WxXPIxjqAAg3BtGg6RapCNIShzGqUEk0wlUh%2FQpSdwWXvNK6wg22LMcN30HvXTnmsjQ1mtmXkS5%2BvFAKiIbgZqXfg6cQguVposNmbbaDWAds%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d323b045a224bb9-YUL
list_subscription
subs.youmaker.com/chargebee3/ Frame 3C14 		71 B
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/chargebee3/list_subscription?token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NzQ2NTczNTIsIlRva2VuVHlwZSI6ImxldmVsMSIsIk5hbWUiOiJ1c2VyXzJiMjBiNDU0M2RmOThjMTkzMGNmODUwMTZiOGY0NmE2Yjk5ODZmNWQifQ.ZgjhXIwHY_TMQdfhkdbMZX2GoOoD3tmB0-9sK7TRrtxaCUNzuFbFAruoMBcgf4GaJJdD5j05a3DfRjHPXWUSrlU5dKmYkEZ9x-mf3kIbj3Ee3IttzQWdwgAyOEX47iMh6DkjLG35FCpAn3hYMHJ6y52scB7-PA162KMia8DNOL8&siteid=ca.theepochtimes.com
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/userId.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
d93e6d083e6ea77cc061e32cd4f3d05e56f615c380a5c54b1b3b460ca71624cb

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://subs.youmaker.com/template/show?tid=user-info&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMnVzZXJfMmIyMGI0NTQzZGY5OGMxOTMwY2Y4NTAxNmI4ZjQ2YTZiOTk4NmY1ZCUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMkNEVUU0ZzkzdHNWdGtDZnEzNmdFRW5TekJMNUxFZUw4S05hWExCczVweGZjYWVsZmk0SlRKczVaQkVsQnpvTGRxS2xfc1pDeCUyQlNWQVAzU0NBcTNiZUJBTGkyNjJGX01pNiUyQnduX19MU3QwRGNuMGZqTmhsTTlWV0VUdWslM0QlMjIlMkMlMjJlcG9jaF90b2tlbiUyMiUzQSUyMmV5SmhiR2NpT2lKU1V6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUpsZUhBaU9qRTJOelEyTlRjek5USXNJbFJ2YTJWdVZIbHdaU0k2SW14bGRtVnNNU0lzSWs1aGJXVWlPaUoxYzJWeVh6SmlNakJpTkRVME0yUm1PVGhqTVRrek1HTm1PRFV3TVRaaU9HWTBObUUyWWprNU9EWm1OV1FpZlEuWmdqaFhJd0hZX1RNUWRmaGtkYk1aWDJHb09vRDN0bUIwLTlzSzdUUnJ0eGFDVU56dUZiRkFydW9NQmNnZjRHYUpKZEQ1ajA1YTNEZlJqSFBYV1VTcmxVNWRLbVlrRVo5eC1tZjNrSWJqM0VlM0l0dHpRV2R3Z0F5T0VYNDdpTWg2RGtqTEczNUZDcEFuM2hZTUhKNnk1MnNjQjctUEExNjJLTWlhOEROT0w4JTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=CA%20ET%20-%20User%20Info%20Bar&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
X-Requested-With
XMLHttpRequest
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
via
1.1 google
server
nginx/1.20.1
alt-svc
clear
content-length
71
content-type
text/plain; charset=utf-8
get
subs.youmaker.com/access/grant/ Frame 3C14 		100 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/access/grant/get?token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NzQ2NTczNTIsIlRva2VuVHlwZSI6ImxldmVsMSIsIk5hbWUiOiJ1c2VyXzJiMjBiNDU0M2RmOThjMTkzMGNmODUwMTZiOGY0NmE2Yjk5ODZmNWQifQ.ZgjhXIwHY_TMQdfhkdbMZX2GoOoD3tmB0-9sK7TRrtxaCUNzuFbFAruoMBcgf4GaJJdD5j05a3DfRjHPXWUSrlU5dKmYkEZ9x-mf3kIbj3Ee3IttzQWdwgAyOEX47iMh6DkjLG35FCpAn3hYMHJ6y52scB7-PA162KMia8DNOL8&site_id=ca.theepochtimes.com
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/userId.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
8cb89315c6662f6cbf3b845596bc528e49772043fdfc930b57fea23f5508dbde

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://subs.youmaker.com/template/show?tid=user-info&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMnVzZXJfMmIyMGI0NTQzZGY5OGMxOTMwY2Y4NTAxNmI4ZjQ2YTZiOTk4NmY1ZCUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMkNEVUU0ZzkzdHNWdGtDZnEzNmdFRW5TekJMNUxFZUw4S05hWExCczVweGZjYWVsZmk0SlRKczVaQkVsQnpvTGRxS2xfc1pDeCUyQlNWQVAzU0NBcTNiZUJBTGkyNjJGX01pNiUyQnduX19MU3QwRGNuMGZqTmhsTTlWV0VUdWslM0QlMjIlMkMlMjJlcG9jaF90b2tlbiUyMiUzQSUyMmV5SmhiR2NpT2lKU1V6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUpsZUhBaU9qRTJOelEyTlRjek5USXNJbFJ2YTJWdVZIbHdaU0k2SW14bGRtVnNNU0lzSWs1aGJXVWlPaUoxYzJWeVh6SmlNakJpTkRVME0yUm1PVGhqTVRrek1HTm1PRFV3TVRaaU9HWTBObUUyWWprNU9EWm1OV1FpZlEuWmdqaFhJd0hZX1RNUWRmaGtkYk1aWDJHb09vRDN0bUIwLTlzSzdUUnJ0eGFDVU56dUZiRkFydW9NQmNnZjRHYUpKZEQ1ajA1YTNEZlJqSFBYV1VTcmxVNWRLbVlrRVo5eC1tZjNrSWJqM0VlM0l0dHpRV2R3Z0F5T0VYNDdpTWg2RGtqTEczNUZDcEFuM2hZTUhKNnk1MnNjQjctUEExNjJLTWlhOEROT0w4JTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=CA%20ET%20-%20User%20Info%20Bar&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
X-Requested-With
XMLHttpRequest
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
via
1.1 google
server
nginx/1.20.1
alt-svc
clear
content-length
100
content-type
application/json;charset=UTF-8
inquiry
subs.youmaker.com/appstore/ Frame 3C14 		190 B
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/appstore/inquiry?username=user_2b20b4543df98c1930cf85016b8f46a6b9986f5d&site_id=ca.theepochtimes.com
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/userId.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
8b059866ad3488075da41c875c6940d76c36487fe7e676d8adfecba81f626f52

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://subs.youmaker.com/template/show?tid=user-info&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMnVzZXJfMmIyMGI0NTQzZGY5OGMxOTMwY2Y4NTAxNmI4ZjQ2YTZiOTk4NmY1ZCUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMkNEVUU0ZzkzdHNWdGtDZnEzNmdFRW5TekJMNUxFZUw4S05hWExCczVweGZjYWVsZmk0SlRKczVaQkVsQnpvTGRxS2xfc1pDeCUyQlNWQVAzU0NBcTNiZUJBTGkyNjJGX01pNiUyQnduX19MU3QwRGNuMGZqTmhsTTlWV0VUdWslM0QlMjIlMkMlMjJlcG9jaF90b2tlbiUyMiUzQSUyMmV5SmhiR2NpT2lKU1V6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUpsZUhBaU9qRTJOelEyTlRjek5USXNJbFJ2YTJWdVZIbHdaU0k2SW14bGRtVnNNU0lzSWs1aGJXVWlPaUoxYzJWeVh6SmlNakJpTkRVME0yUm1PVGhqTVRrek1HTm1PRFV3TVRaaU9HWTBObUUyWWprNU9EWm1OV1FpZlEuWmdqaFhJd0hZX1RNUWRmaGtkYk1aWDJHb09vRDN0bUIwLTlzSzdUUnJ0eGFDVU56dUZiRkFydW9NQmNnZjRHYUpKZEQ1ajA1YTNEZlJqSFBYV1VTcmxVNWRLbVlrRVo5eC1tZjNrSWJqM0VlM0l0dHpRV2R3Z0F5T0VYNDdpTWg2RGtqTEczNUZDcEFuM2hZTUhKNnk1MnNjQjctUEExNjJLTWlhOEROT0w4JTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=CA%20ET%20-%20User%20Info%20Bar&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
X-Requested-With
XMLHttpRequest
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
via
1.1 google
server
nginx/1.20.1
x-robots-tag
noindex
alt-svc
clear
content-length
190
content-type
application/json;charset=UTF-8
info
auth.youmaker.com/user/ Frame 3C14 		47 B
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth.youmaker.com/user/info?token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NzQ2NTczNTIsIlRva2VuVHlwZSI6ImxldmVsMSIsIk5hbWUiOiJ1c2VyXzJiMjBiNDU0M2RmOThjMTkzMGNmODUwMTZiOGY0NmE2Yjk5ODZmNWQifQ.ZgjhXIwHY_TMQdfhkdbMZX2GoOoD3tmB0-9sK7TRrtxaCUNzuFbFAruoMBcgf4GaJJdD5j05a3DfRjHPXWUSrlU5dKmYkEZ9x-mf3kIbj3Ee3IttzQWdwgAyOEX47iMh6DkjLG35FCpAn3hYMHJ6y52scB7-PA162KMia8DNOL8&fields=first_name,%20last_name
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/userId.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.65.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.65.201.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
5dd75b5bba5e2bd1cf33cefbd518996a909b4545de0c57c935421bf7738cf59c

Request headers

Accept
*/*
Referer
https://subs.youmaker.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
via
1.1 google
server
nginx/1.20.1
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
x-robots-tag
noindex
alt-svc
clear
content-length
47
check
subs.youmaker.com/agent/ Frame 3C14 		72 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/agent/check?site_id=ca.theepochtimes.com&token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NzQ2NTczNTIsIlRva2VuVHlwZSI6ImxldmVsMSIsIk5hbWUiOiJ1c2VyXzJiMjBiNDU0M2RmOThjMTkzMGNmODUwMTZiOGY0NmE2Yjk5ODZmNWQifQ.ZgjhXIwHY_TMQdfhkdbMZX2GoOoD3tmB0-9sK7TRrtxaCUNzuFbFAruoMBcgf4GaJJdD5j05a3DfRjHPXWUSrlU5dKmYkEZ9x-mf3kIbj3Ee3IttzQWdwgAyOEX47iMh6DkjLG35FCpAn3hYMHJ6y52scB7-PA162KMia8DNOL8
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/userId.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
8905266d1316b46377e0995186ec59a76d4c958bda2adf544830a0348cf9de69

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://subs.youmaker.com/template/show?tid=user-info&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMnVzZXJfMmIyMGI0NTQzZGY5OGMxOTMwY2Y4NTAxNmI4ZjQ2YTZiOTk4NmY1ZCUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMkNEVUU0ZzkzdHNWdGtDZnEzNmdFRW5TekJMNUxFZUw4S05hWExCczVweGZjYWVsZmk0SlRKczVaQkVsQnpvTGRxS2xfc1pDeCUyQlNWQVAzU0NBcTNiZUJBTGkyNjJGX01pNiUyQnduX19MU3QwRGNuMGZqTmhsTTlWV0VUdWslM0QlMjIlMkMlMjJlcG9jaF90b2tlbiUyMiUzQSUyMmV5SmhiR2NpT2lKU1V6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUpsZUhBaU9qRTJOelEyTlRjek5USXNJbFJ2YTJWdVZIbHdaU0k2SW14bGRtVnNNU0lzSWs1aGJXVWlPaUoxYzJWeVh6SmlNakJpTkRVME0yUm1PVGhqTVRrek1HTm1PRFV3TVRaaU9HWTBObUUyWWprNU9EWm1OV1FpZlEuWmdqaFhJd0hZX1RNUWRmaGtkYk1aWDJHb09vRDN0bUIwLTlzSzdUUnJ0eGFDVU56dUZiRkFydW9NQmNnZjRHYUpKZEQ1ajA1YTNEZlJqSFBYV1VTcmxVNWRLbVlrRVo5eC1tZjNrSWJqM0VlM0l0dHpRV2R3Z0F5T0VYNDdpTWg2RGtqTEczNUZDcEFuM2hZTUhKNnk1MnNjQjctUEExNjJLTWlhOEROT0w4JTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=CA%20ET%20-%20User%20Info%20Bar&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
X-Requested-With
XMLHttpRequest
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
via
1.1 google
server
nginx/1.20.1
x-robots-tag
noindex
alt-svc
clear
content-length
72
content-type
application/json;charset=UTF-8
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=389676576&t=event&_s=8&dl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&ul=en-us&de=UTF-8&dt=1%2C200%20Fake%20American%20Driver%E2%80%99s%20Licenses%20from%20Hong%20Kong%20Seized%20in%20Indiana&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=paywall%3ARegistration%20Wall&ea=Impression&el=Registration%20Wall%3A%20InstaAccount%20Plus%20Sticky%20(copy)--v1&ev=0&_u=6HDACUABBAAAAC~&jid=&gjid=&cid=1669070802.1643121347&tid=UA-10465455-56&_gid=1683775218.1643121347&z=622566581
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.theepochtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 02:30:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
43523
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame F582 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=65277069&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
29b8a75c9030cf7de090cefceb35fb57cb5608682ca4d945052679cca0f75638

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 32D5 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=98963827&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
29b8a75c9030cf7de090cefceb35fb57cb5608682ca4d945052679cca0f75638

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:51 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 6BED
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1dd561f0-0ac4-4e00-a579-6844ede89535&gdpr=0&gdpr_consent=
42 B
497 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1dd561f0-0ac4-4e00-a579-6844ede89535&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 25 Jan 2022 14:35:53 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug015:0:641
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Tue, 25 Jan 2022 14:35:53 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master ord-pixel-x34 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1dd561f0-0ac4-4e00-a579-6844ede89535&gdpr=0&gdpr_consent=
Expires
Tue, 25 Jan 2022 14:35:52 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A78A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCQlIwN0Q0QllBQUVYSWRoYlZzdw&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABBR07D4BYAAEXIdhbVsw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Csas%252Cpm%26bee_sync_current_partne...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Csas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABBR07D4BYAAEXIdhbVsw&pid=558502&do=add
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AABBR07D4BYAAEXIdhbVsw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dsy...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABBR07D4BYAAEXIdhbVsw
42 B
371 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABBR07D4BYAAEXIdhbVsw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 25 Jan 2022 14:35:54 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va1pug018:0:426
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Tue, 25 Jan 2022 14:35:54 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABBR07D4BYAAEXIdhbVsw
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
usersync.aspx
dis.criteo.com/dis/ Frame A234 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Tue, 25 Jan 2022 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
451680
strict-transport-security
max-age=31536000; preload;
141
match.deepintent.com/usersync/ Frame C145 		0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
content-type
image/gif
content-length
0
date
Tue, 25 Jan 2022 14:35:52 GMT
server
a
mw
mwzeom.zeotap.com/ Frame F582
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=d5ed9a8bff9a8eb8a73ebe98be9e38b8
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=e62266c8f906ca76433ca81f92d483fd
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=068d0648-e8ef-420b-97fe-f96435b39fb6&icm
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0
  • https://pixel.onaudience.com/?partner=252&mapped=y-rgGHZfZE2pSNWuf3ytlMz87uupMMWsu.UQ--~A&gdpr=0
  • https://spl.zeotap.com/?zdid=1332&zcluid=8be217bcde5f5b62
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8cbe2115-82a8-4ae2-5b47-cf58e3b044ad&reqId=55cdea85-b8f5-41c0-4d68-0d3791552deb&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEAgJ9E4G-dNI2VcPrihEUnw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8cbe2115-82a8-4ae2-5b47-cf58e3b044ad&reqId=55cdea85-b8f5-41c0-4d68-0d3...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEAgJ9E4G-dNI2VcPrihEUnw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8cbe2115-82a8-4ae2-5b47-cf58e3b044ad&reqId=55cdea85-b8f5-41c0-4d68-0d3791552deb&zcluid=8be217bcde5f5b62&zdid=1332
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6d323b0f6a814bd0-YUL
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEAgJ9E4G-dNI2VcPrihEUnw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8cbe2115-82a8-4ae2-5b47-cf58e3b044ad&reqId=55cdea85-b8f5-41c0-4d68-0d3791552deb&zcluid=8be217bcde5f5b62&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame F582
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&addseg=10,33,39
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&addseg=10,33,39
Protocol
H2
Server
8.28.7.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date
Tue, 25 Jan 2022 14:35:53 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&addseg=10,33,39
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
g.pixel
aa.agkn.com/adscores/ Frame F582 		43 B
657 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:2600:1a:609a:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:53 GMT
via
1.1 ea450411fc852f7d373f7efbe784dd74.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
IZCgYxrsm5kRY47AFatWiUpniz9m0Qm_Z8ENxZ5KJhMwgTVUD1eTnQ==
expires
0
/
io.narrative.io/ Frame F582
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0
  • https://io.narrative.io/?io.narrative.guid.v2=19426be0-7dec-11ec-b070-0a4515f2e365&companyId=673&id=pubmatic_id:ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=19426be0-7dec-11ec-b070-0a4515f2e365&companyId=673&id=pubmatic_id:ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0
Protocol
HTTP/1.1
Server
52.200.167.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-167-170.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:35:53 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=19426be0-7dec-11ec-b070-0a4515f2e365&companyId=673&id=pubmatic_id:ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0
Date
Tue, 25 Jan 2022 14:35:53 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame F582 		43 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:b6fc:4de6:8023:56cb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:53 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame F582
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_eMKGaJE2uUgEqNfbc6fKA62Yl9QfyY-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_eMKGaJE2uUgEqNfbc6fKA62Yl9QfyY-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:51 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_eMKGaJE2uUgEqNfbc6fKA62Yl9QfyY-~A&gdpr=0&gdpr_consent=
date
Tue, 25 Jan 2022 14:35:53 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame F582
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5777866265742787551&gdpr=0&gdpr_consent=
42 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5777866265742787551&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:53 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug016:0:490
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:53 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 563.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
f29c01f2-c57d-420b-95cf-3804ba71bfdf
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5777866265742787551&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F582
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1774d832-7dec-11ec-84bb-535f241a7d24&gdpr=0&gdpr_consent=
1 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1774d832-7dec-11ec-84bb-535f241a7d24&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 10:54:14 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug026:0:358
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1774d832-7dec-11ec-84bb-535f241a7d24&gdpr=0&gdpr_consent=
Date
Tue, 25 Jan 2022 14:35:52 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
19337803-7dec-11ec-84bb-535f241a7d24
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame F582 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.55.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-55-94.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Pug
simage2.pubmatic.com/AdServer/ Frame F582
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=572ca787ef091237&is_secure=true&networkId=17100&version=1&nuid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGeKcqG5PYhANgmrrlAAAAAAA&expiration=1643207753&nuid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&...
42 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGeKcqG5PYhANgmrrlAAAAAAA&expiration=1643207753&nuid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&is_secure=true&gdpr_consent=&gdpr=0
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:53 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug016:0:593
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:53 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGeKcqG5PYhANgmrrlAAAAAAA&expiration=1643207753&nuid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
33141
tags.bluekai.com/site/ Frame 32D5
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=d5ed9a8bff9a8eb8a73ebe98be9e38b8
  • https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=4a63207fa5d2011e
62 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33141?&id=4a63207fa5d2011e
Protocol
HTTP/1.1
Server
173.223.56.123 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:35:53 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=4a63207fa5d2011e
content-length
0
Artemis
aud.pubmatic.com/AdServer/ Frame 32D5
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&addseg=10,33,39
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&addseg=10,33,39
Protocol
H2
Server
8.28.7.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date
Tue, 25 Jan 2022 14:35:53 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&addseg=10,33,39
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
g.pixel
aa.agkn.com/adscores/ Frame 32D5 		43 B
657 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:2600:1a:609a:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:53 GMT
via
1.1 ea450411fc852f7d373f7efbe784dd74.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
AsBdbbLjyAO_0MoBa1ubOZ_2bi_MUzB94E61_dWhPyuKB4x8O_SxMQ==
expires
0
/
io.narrative.io/ Frame 32D5
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0
  • https://io.narrative.io/?io.narrative.guid.v2=19432f30-7dec-11ec-9141-120bff9cc4e7&companyId=673&id=pubmatic_id:ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=19432f30-7dec-11ec-9141-120bff9cc4e7&companyId=673&id=pubmatic_id:ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0
Protocol
HTTP/1.1
Server
52.200.167.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-167-170.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 14:35:53 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=19432f30-7dec-11ec-9141-120bff9cc4e7&companyId=673&id=pubmatic_id:ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0
Date
Tue, 25 Jan 2022 14:35:53 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1225
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1dd561f0-0ac4-4e00-a579-6844ede89535&gdpr=0&gdpr_consent=
42 B
495 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1dd561f0-0ac4-4e00-a579-6844ede89535&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 25 Jan 2022 11:40:43 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug030:0:710
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Tue, 25 Jan 2022 14:35:53 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master ord-pixel-x10 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1dd561f0-0ac4-4e00-a579-6844ede89535&gdpr=0&gdpr_consent=
Expires
Tue, 25 Jan 2022 14:35:52 GMT
ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 32D5 		43 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:b6fc:4de6:8023:56cb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:53 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 32D5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_eMKGaJE2uUgEqNfbc6fKA62Yl9QfyY-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_eMKGaJE2uUgEqNfbc6fKA62Yl9QfyY-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_eMKGaJE2uUgEqNfbc6fKA62Yl9QfyY-~A&gdpr=0&gdpr_consent=
date
Tue, 25 Jan 2022 14:35:53 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 877D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AABBR07D4BYAAEXIdhbVsw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_current_partn...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp,sas,pm&bee_sync_current_partner=syn&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABBR07D4BYAAEXIdhbVsw
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABBR07D4BYAAEXIdhbVsw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 25 Jan 2022 14:35:53 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
10:0:835
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Tue, 25 Jan 2022 14:35:53 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABBR07D4BYAAEXIdhbVsw
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
usersync.aspx
dis.criteo.com/dis/ Frame 0BE1 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 25 Jan 2022 14:35:52 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Tue, 25 Jan 2022 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
706500
strict-transport-security
max-age=31536000; preload;
Pug
image2.pubmatic.com/AdServer/ Frame 32D5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5777866265742787551&gdpr=0&gdpr_consent=
42 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5777866265742787551&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:53 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug002:0:1151
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 14:35:53 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 563.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
e9da07c6-71d9-4fac-8d16-dc1d0ae5a9c3
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5777866265742787551&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 32D5
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1774d832-7dec-11ec-84bb-535f241a7d24&gdpr=0&gdpr_consent=
1 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1774d832-7dec-11ec-84bb-535f241a7d24&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:53 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug018:0:1441
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1774d832-7dec-11ec-84bb-535f241a7d24&gdpr=0&gdpr_consent=
Date
Tue, 25 Jan 2022 14:35:52 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
1934d764-7dec-11ec-b4fa-e141e98eda89
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 32D5 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.55.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-55-94.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Pug
simage2.pubmatic.com/AdServer/ Frame 32D5
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5bd1a25942e51235&is_secure=true&networkId=17100&version=1&nuid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGd_FD_oxULAMFNEb0AAAAAAA&expiration=1643207753&nuid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&...
42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGd_FD_oxULAMFNEb0AAAAAAA&expiration=1643207753&nuid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&is_secure=true&gdpr_consent=&gdpr=0
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:53 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug007:0:582
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 14:35:53 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGd_FD_oxULAMFNEb0AAAAAAA&expiration=1643207753&nuid=ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
141
match.deepintent.com/usersync/ Frame 4517 		0
128 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
content-type
image/gif
content-length
0
date
Tue, 25 Jan 2022 14:35:52 GMT
server
a
SPug
simage4.pubmatic.com/AdServer/ Frame F582 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:55 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 32D5 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 14:35:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Verdicts & Comments Add Verdict or Comment

251 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 string| eet_primary_category string| eet_cat_ids string| eet_term_ids string| eet_all_term_ids string| eet_cat_names boolean| eet_no_ads string| eet_ads_term_ids string| eet_post_id string| eet_author_name string| eet_primary_category_name string| eet_tags string| eet_tags_slugs string| eet_publish_date string| eet_last_updated_date string| eet_word_count string| eet_page_type string| eet_segment_url string| featured_img_thumbnail string| eet_is_premium_article object| settings_obj string| eet_ga_id string| eet_domain object| dataLayer string| GoogleAnalyticsObject function| ga function| gtag string| eet_ref string| eet_refcat string| eet_refname string| eet_refpos function| getUrlParameter function| $ function| jQuery object| pending_sections number| section_threshold number| timerStart boolean| more_loading boolean| isEurope number| timerLimitForCheckGeo string| LIVE_CHAT_HOST boolean| windows_focused string| url_path undefined| arr_path number| dt string| uuid object| gtag_obj function| eet_home_ymk_socials function| addSlashes function| load_mailmunch function| check_sections_on_scroll function| add_lazy_load_section boolean| didScroll number| page_lastScrollTop number| category_page_num function| category_load_next_page number| scroll_position function| eet_bright_nav undefined| didScrollHome function| eet_back_to_top function| eet_single_sticky_header function| eet_single_tool_box function| eet_epochtv_category boolean| loading_inprogress number| epochtv_page_num number| page_total function| epochtv_load_next_page function| category_append_one_page function| ednBidders function| epochGUID function| eet_entirepage_cover function| eet_remove_entirepage_cover function| eet_ymk_userID function| eet_check_country function| eet_show_edition_popup function| getUrlParameters function| initUserDNA function| updateUserDNA function| handleMessageUpdateUserDNA function| check_pipa_siteid function| init_pipa_paywall function| eet_fp_sticky_sidebars function| render_donation function| eet_save_post function| eet_user_saved_post_status function| eet_follow_author_status function| eet_follow_author function| eet_send_to_community function| eet_fix_mkt_list function| eetGetPostID function| live_chat_init function| listenLiveChatMessage function| handleLiveChatLoginCallback function| handleLiveChatHideCallback function| handleLiveChatShowCallback function| change_number_color function| eet_load_player_src function| eet_load_player number| readDuration string| eetGAClientID function| trackingReadActivity function| sendTracking function| eet_radiantlife_sticky_sidebars function| eet_get_ai_list function| eetAIRecAPIErrEvent function| eet_ai_handle_search function| eet_ai_rec_insert_tracking function| eet_track_widgets_seen function| eet_get_post_detail function| searchResultFolding function| formatAiRecDate function| getGAClientID function| trackingSearchActivity function| eet_get_user_id function| eetRecordUserReadingHistory function| recAdsAbcTestRandomizer function| insertRecAdSlot function| fillEmptyAds object| jQuery1113045444509587903426 object| ep object| regeneratorRuntime object| MicroModal function| expired object| epSubs function| get_remark_host function| float_remark_panel function| remark_panel_init function| load_ymk_comments function| showUserTemplate object| webpackChunkreact_aplayer number| PREBID_TIMEOUT number| ALLBIDS_TIMEOUT number| HB_FLOOR boolean| show_roadblock object| ads number| infinity_ad_count boolean| lazyload object| googletag object| pbjs function| sySpecialAd boolean| outside_article_ads object| ednHighFloor function| prepareDivs function| get_ads_template function| fillAdSlot function| ixbid function| insert_ads_div function| display_infinite_ads function| insert_recommend_ads function| setGoogleTagTargeting function| getRootDomain function| createGPT function| loadA9 function| loadPrebidJSLibrary function| startGoogleTagService function| display_pd_slot function| display_ads function| fetchHeaderBids function| oxZoneId function| renderGoogleTagWithTracking function| renderOxAd function| getTwitterMatch function| getFacebookMatch function| eet_single_game_ads function| eet_ai_recm_native object| apstag object| slots object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| apstagLOADED function| pbjsChunk object| _pbjsGlobals object| google_tag_manager function| postscribe object| google_tag_manager_external function| onYouTubeIframeAPIReady object| _qevents object| _atrk_opts function| referral function| setCookie function| getCookie object| cbJsonP function| cb_window_logger function| Chargebee object| ggeac object| google_js_reporting_queue object| __SENTRY__ function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| atrk boolean| _atrk_fired undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| _jsload object| jsapi object| ttsmi2_data object| smi2TrackerSend object| __statmedia_callbacks object| jsapi_ object| JsAPI object| __statmedia object| U function| StatMedia object| statmedia49188 object| akqojdub5uzd object| closure_lm_534538 function| fbq function| _fbq undefined| dynamicPixel object| userDNA object| extractedURLParams object| remark_config object| GoogleGcLKhOms function| empty object| REMARK object| _peSd object| _peD object| _peE object| _pe object| _peq function| _add_ctag object| body object| google_image_requests

172 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09APj96hQS6OR85-dS_hZXd0Ws06gCOTnEe0pqFYUrROcrX9EN-j6C0J3oOIfrrWEOitfi6uEzlcbvYMSBinL1wrg
i.liadm.com/s Name: _li_ss
Value: MgYIkgEQqBE
.theepochtimes.com/ Name: epoch_persistent_user_id
Value: anona372-b500-4bf9-91b6-ac22075c90ff
www.theepochtimes.com/ Name: epoch_gdpr_userid
Value: f2279cd8-9f22-1756-517c-579ef20f45f1
www.theepochtimes.com/ Name: userReadingHistory
Value: %5B%224233039%22%5D
.theepochtimes.com/ Name: _gid
Value: GA1.2.1683775218.1643121347
.theepochtimes.com/ Name: _gat
Value: 1
.theepochtimes.com/ Name: _ga_RD0QM5H02Q
Value: GS1.1.1643121347.1.0.1643121347.0
.theepochtimes.com/ Name: pageviewCount_fb
Value: 1,none,https://www.theepochtimes.com/1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html?utm_medium=EmailMk&utm_source=wwia&utm_campaign=NewsProv1&utm_term=IA1-01-25-2022&utm_content=etnews1&instaaccount=camille.papanek%40cic.gc.ca&__ve=camille.papanek%40cic.gc.ca
.scorecardresearch.com/ Name: UID
Value: 11Ee8f4c8cb577c56c554321643121347
.theepochtimes.com/ Name: _ga
Value: GA1.2.1669070802.1643121347
.theepochtimes.com/ Name: __asc
Value: a73c926417e91aa0b0ff87016b7
.theepochtimes.com/ Name: __auc
Value: a73c926417e91aa0b0ff87016b7
.openx.net/ Name: i
Value: 7656d3aa-96f1-40ba-a925-e84dd4a3be35|1643121347
.quantserve.com/ Name: mc
Value: 61f00ac3-7acdb-04360-b330e
.gumgum.com/ Name: cs
Value: true
.theepochtimes.com/ Name: __qca
Value: P0-126226592-1643121347457
.yahoo.com/ Name: A3
Value: d=AQABBMMK8GECEMWKQqM-9-Mm5DrvCQIro1YFEgEBAQFc8WH5YQAAAAAA_eMAAA&S=AQAAAmMHwl98j_syZ_k_mf0GC4k
.rubiconproject.com/ Name: khaos
Value: KYU80Y06-1O-9ZO6
.adnxs.com/ Name: icu
Value: ChgI159BEAoYASABKAEww5XAjwY4AUABSAEQw5XAjwYYAA..
.adnxs.com/ Name: uuid2
Value: 5777866265742787551
.amazon-adsystem.com/ Name: ad-id
Value: A3ohQiu5YEyBs63u9fKYqKg
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.go.sonobi.com/ Name: __uis
Value: fe8d767e-3086-4e45-b815-594394f30980
.go.sonobi.com/ Name: HAPLB8S
Value: s8759|YfAKw
.adnxs.com/ Name: anj
Value: dTM7k!M4.gD>6NRF']wIg2Hb=ar`ie!1yIE'Yg-$<@[#3*V!gos?`ug3WmTBiq%iP`Bf_<)3(/M8]4dD9bw%S]L7On<r<8eQVk1$[nnY]Ouk+<[jrbrT*kY2^/W:W_+*%a_'<f-!HL=%9RrTq?Gwq7
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IktZVTgwWTA2LTFPLTlaTzYiLCJleHBpcmVzIjoiMjAyMi0wNC0yNVQxNDozNTo0N1oifSwic29ub2JpIjp7InVpZCI6ImZlOGQ3NjdlLTMwODYtNGU0NS1iODE1LTU5NDM5NGYzMDk4MCIsImV4cGlyZXMiOiIyMDIyLTA0LTI1VDE0OjM1OjQ3WiJ9fSwiYmlydGhkYXkiOiIyMDIyLTAxLTI1VDE0OjM1OjQ3WiJ9
.mixi.media/ Name: _sm_uid
Value: 3703a49d-61b5-41eb-986e-760ac6799c89
.mixi.media/ Name: _sm_udt
Value: 1643121347810
.mixi.media/ Name: _sm_sid
Value: 44504db9-813e-4479-b6aa-14ef1ee9b3e2
.theepochtimes.com/ Name: __gads
Value: ID=45a9d16bd9a3fd48-22ce3e01b17b00c4:T=1643121347:S=ALNI_MYO_JIU3-ZZ5jinQDvxrX8ClLIbgg
.lijit.com/ Name: ljt_reader
Value: 43d3a598888a0b71b98a1c11
.casalemedia.com/ Name: CMID
Value: YfAKw803CFEzQ5mRasth1wAA
.casalemedia.com/ Name: CMPS
Value: 468
.sharethrough.com/ Name: stx_user_id
Value: c18073f8-cbe4-459f-adf5-002ca6e99b53
.doubleclick.net/ Name: IDE
Value: AHWqTUnIya78o_lCHis-hF8KhDi6HlQOVsqW0gNw9HIGC2io4m5b3G_p7a3LayTMYEE
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjJSsjI0MzExNjawNDHXUbIwReWbmqHyjczBfGNzIzNDEN8QRX8tAImzECI%3D
.simpli.fi/ Name: suid
Value: B22330297A8044C9BDB050E0BAF9B9E8
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YfAKxAABNO_fwQAy
.casalemedia.com/ Name: CMPRO
Value: 535
.adsrvr.org/ Name: TDID
Value: 068d0648-e8ef-420b-97fe-f96435b39fb6
.openx.net/ Name: univ_id
Value: 537072971|068d0648-e8ef-420b-97fe-f96435b39fb6|1643121348244524
.pubmatic.com/ Name: KADUSERCOOKIE
Value: ABBE4F57-CC6C-4C4C-B3CE-15CF9B6C03F0
.eqads.com/ Name: EQUser
Value: UID=96a956e7-7e4a-4194-9f5a-8ae13a557c94
.lijit.com/ Name: _ljtrtb_27
Value: 068d0648-e8ef-420b-97fe-f96435b39fb6
.lijit.com/ Name: _ljtrtb_2
Value: B22330297A8044C9BDB050E0BAF9B9E8
.lijit.com/ Name: _ljtrtb_12
Value: 5777866265742787551
.bidr.io/ Name: bito
Value: AABBR07D4BYAAEXIdhbVsw
.bidr.io/ Name: bitoIsSecure
Value: ok
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-dd2d9c16-e875-4ba2-5cde-25c9a247245a.UcdcTFAeXLMlz6HZvtKbwbgKVkQS2WVXlwczS2QBd0c
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-dd2d9c16-e875-4ba2-5cde-25c9a247245a%24ip%24149.56.153.186.hPdyQJ2cW2ukDC01YYcmGDMrjq1ynMarPSvYyYEDsuo
.lijit.com/ Name: _ljtrtb_85
Value: AABBR07D4BYAAEXIdhbVsw
.turn.com/ Name: uid
Value: 9172333580162404280
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YfAKxAABNO_fwQAy&KRTB&22978-YfAKxAABNO_fwQAy&KRTB&23194-YfAKxAABNO_fwQAy&KRTB&23209-YfAKxAABNO_fwQAy
.pubmatic.com/ Name: PUBMDCID
Value: 2
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-068d0648-e8ef-420b-97fe-f96435b39fb6&KRTB&22918-068d0648-e8ef-420b-97fe-f96435b39fb6&KRTB&23031-068d0648-e8ef-420b-97fe-f96435b39fb6
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-9172333580162404280
.mathtag.com/ Name: uuid
Value: 1dd561f0-0ac4-4e00-a579-6844ede89535
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:B22330297A8044C9BDB050E0BAF9B9E8
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEC8l9gPvGLY13KCg1YPLJ1E&KRTB&22987-CAESEC8l9gPvGLY13KCg1YPLJ1E&KRTB&23025-CAESEC8l9gPvGLY13KCg1YPLJ1E
.advertising.com/ Name: APID
Value: UP167c6eb3-7dec-11ec-81cf-0ac457200283
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-faeab479-548a-4f19-88a9-06ef1608f6ed-005%22%2C%22nxtrdr%22%3Afalse%7D
.adform.net/ Name: C
Value: 1
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnJwS-G5_7eHcEX1P5d3Y45YiyIrsKPL1sCI5DK4aym52s440pJGr2YejDY5QC4TM1
.bidswitch.net/ Name: tuuid
Value: f4877bed-f4bd-400b-a2f2-0cadc535107e
.bidswitch.net/ Name: c
Value: 1643121348
.bidswitch.net/ Name: tuuid_lu
Value: 1643121348
.acuityplatform.com/ Name: auid
Value: 642510547937
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqCMTM3+o11c2VyTWF0Y2hpbmdJZCQEkpFsYXN0RHJvcFRpbWVNaWxsaXMlAT8kNSB8hJhsYXN0U3VjY2Vzc2Z1bE1hdGNoTWlsbGlzJQE/JDUgfISPdGhpcmRQYXJ0eVVzZXJJZCH7+4Z2ZXJzaW9uwvs="
.rubiconproject.com/ Name: audit
Value: 1|cFHnG+JTxPYkB7nJ8AsR5LzHoPNN5Fd7u4kzXES0/NYeECEUBMheit3Vx96J8AB5FctL5oLnBZskEa5N2k7U1SEEFoCDRlfY5fvCZrsWYKoPw2jNburi8unz1/t/VRL5aPPeOixKWnu59m8VDV+31jRdIx13B8Zvs3ogJAXB5Q6+nsP324Zktw==
.adform.net/ Name: uid
Value: 7658349263671856828
.pippio.com/ Name: did
Value: ST1m_TZpgYQu7861
.pippio.com/ Name: didts
Value: 1643121348
.pippio.com/ Name: nnls
Value:
.mookie1.com/ Name: id
Value: 10596829188241621043
.mookie1.com/ Name: mdata
Value: 1|10596829188241621043|1643121348583
.mookie1.com/ Name: ov
Value: 3268d67a087b511ddcfbc101e20cfb31
.yahoo.com/ Name: APID
Value: UP167c6eb3-7dec-11ec-81cf-0ac457200283
.tapad.com/ Name: TapAd_TS
Value: 1643121348669
.tapad.com/ Name: TapAd_DID
Value: 576bd1b0-8af1-4421-9592-52cce04a3e47
.stat.media/ Name: _sm_uid
Value: 3703a49d-61b5-41eb-986e-760ac6799c89
.stat.media/ Name: _sm_udt
Value: 1643121347810
.stat.media/ Name: _sm_sid
Value: 44504db9-813e-4479-b6aa-14ef1ee9b3e2
.stat.media/ Name: _sm_cm
Value: 32
.pippio.com/ Name: pxrc
Value: CMSVwI8GEgQIAhAAEgYI7OsBEAA=
.mixi.media/ Name: nid
Value: ads5-3ssel30
.mookie1.com/ Name: syncdata_TAP
Value: 1
.linksynergy.com/ Name: rmuid
Value: bcfdcd57-efcc-4c6b-a848-bbd2d01da066
.linksynergy.com/ Name: icts
Value: 2022-01-25T14:35:48Z
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-faeab479-548a-4f19-88a9-06ef1608f6ed-005%22%7D
.lijit.com/ Name: ljtrtb
Value: eJwVyjsOwjAMANC7ZCaS6%2FjLFtMgsTIgWKM2YmfogLg77fzeN02YzolV1URQWAnVlHlKp3RIIJYC6FoNiC4ecwBDg6hXD292NN0fiC0gZHm1dWRC6Nl1rHm4UOFefHTZr%2FF%2Ba424g84Ur1rb87a8%2B%2BOzpd8fhQIhKA%3D%3D
.lijit.com/ Name: _ljtrtb_56
Value: RX-faeab479-548a-4f19-88a9-06ef1608f6ed-005
.districtm.io/ Name: _dm_uid
Value: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAwLCJ1c3IiOiJxZ2JiQWJJR0d6STBRelJuYjBaQ2JscEhabVYyYkhOR1N6UmhTRTFJUkVvd05ib0dGUWlnVGhJUVdXWkJTM2hCUVVKT1QxOW1kMUZCZWJvR0VRaW1UaElNTmpReU5URXdOVFEzT1RNM3VnWURDS3BPdWdZRENLNU91Z1lEQ0xCT3VnWlFDTU5PRWt0NUxTNXFSelJvZFZwRk1uVkZTV0phV0RoTE0ycG1VR3hWUzNrMFdtTldXQzU2ZmtGK1ZWQXhOamRqTm1WaU15MDNaR1ZqTFRFeFpXTXRPREZqWmkwd1lXTTBOVGN5TURBeU9ETzZCaWtJeTA0U0pHTXhPREEzTTJZNExXTmlaVFF0TkRVNVppMWhaR1kxTFRBd01tTmhObVU1T1dJMU13PT0iLCJpYXQiOjE2NDMxMjEzNDh9.1piJpxKag5jciPdsovBaMCnjmjl_shN33mQ8VuiJ685jrpsTYCcOyfDEWnsgLV0p_oK4hf2Cl8KcoTCsTYOrOQ
.agkn.com/ Name: ab
Value: 0001%3A%2FpG6xPXWqWsFPMKAqvJHgvIBhxGt0ZQZ
.theepochtimes.com/ Name: epoch_geo
Value: ca
.theepochtimes.com/ Name: epoch_geo_city
Value:
.mookie1.com/ Name: syncdata_NEU
Value: 1
www.theepochtimes.com/ Name: epoch_user_dna
Value: %7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D
.theepochtimes.com/ Name: ymk_user_utm_source
Value: wwia
.theepochtimes.com/ Name: ymk_user_utm_medium
Value: EmailMk
.theepochtimes.com/ Name: ymk_user_utm_term
Value: IA1-01-25-2022
.theepochtimes.com/ Name: ymk_user_utm_campaign
Value: NewsProv1
.theepochtimes.com/ Name: ymk_user_utm_content
Value: etnews1
.theepochtimes.com/ Name: _fbp
Value: fb.1.1643121349555.210969827
.facebook.com/ Name: fr
Value: 0QJa3IASVAx2Z2ysU..Bh8ArF...1.0.Bh8ArF.
a.clickcertain.com/ Name: _ccpx_u
Value: d21ca467%2d778c%2d4114%2d9040%2d756b0af16e31
.theepochtimes.com/ Name: epoch_user_type
Value:
.openx.net/ Name: pd
Value: v2|1643121347.2|iKvMgakWgy.mmbwuYvPeShEgKg2f8ke
a.clickcertain.com/ Name: _ccpx_244b81b94c69796
Value: 1
a.clickcertain.com/ Name: _ccpx
Value: 244b81b94c69796
.sitescout.com/ Name: ssi
Value: 516b8be5-8aa9-4950-b5e2-fbfdf6ce8211#1643121350061
.casalemedia.com/ Name: CMST
Value: YfAKxGHwCsYA
.rlcdn.com/ Name: rlas3
Value: rp5zP/q7BiPgAq0WkDWvh3y7pNp8gMODViRPkl4hyOo=
.rlcdn.com/ Name: pxrc
Value: CMSVwI8GEgUI6AcQABIFCOhHEAASBgi66gEQAg==
.ipredictive.com/ Name: cu
Value: 1774d832-7dec-11ec-84bb-535f241a7d24|1643121350093
.yahoo.com/ Name: APIDTS
Value: 1643121350
.quantserve.com/ Name: d
Value: EHoBDQGkJbjvsQA
.liadm.com/ Name: lidid
Value: bcbab6e2-c1da-4d9d-adb3-58751996d1f4
.theepochtimes.com/ Name: _gat_trackerUA1046545556
Value: 1
.sitescout.com/ Name: _ssuma
Value: eyIyNCI6MTY0MzEyMTM1MDM1OCwiNCI6MTY0MzEyMTM1MDM1OCwiMTciOjE2NDMxMjEzNTAxMTgsIjM5IjoxNjQzMTIxMzUwMzU4fQ
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: e62266c8f906ca76433ca81f92d483fd
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSDUzMjIzS7ZIszQwS040NzMxNk5OtDBMszRKMbEwTkthAILED1zHQDQUAABSbQrj"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI%2FMB1DEhBAQAaigIi"
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!614
.creative-serving.com/ Name: tuuid
Value: 66fbb369-9ed8-47f3-8e94-0120bf627a3e
.creative-serving.com/ Name: c
Value: 1643121350
.creative-serving.com/ Name: tuuid_lu
Value: 1643121350
.exelator.com/ Name: EE
Value: "d5ed9a8bff9a8eb8a73ebe98be9e38b8"
.smadex.com/ Name: smxtrack
Value: 579626ed-eb30-45a5-9078-f05f5c983d57
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHFNDXFMtEiKS0NSKYmWSSaG6cmpVpaAHGqsUWSxeKy1KIFS0uLU1OSDi2pyCnJaVpdFh%252FqGO%252Fm6OvpE7nMOaMoPzd1BVgozDVokaX5kvyizPRFzo6Li1LSGBaVFJ8K3u9xFQDv2iuI"
.casalemedia.com/ Name: CMRUM3
Value: 6961f00ac605a00&2861f00ac405a0&dd61f00ac62760&be61f00ac405a0&3361f00ac62760f4877bed-f4bd-400b-a2f2-0cadc535107e&4961f00ac605a0&ce61f00ac605a0&8261f00ac62760AABBR07D4BYAAEXIdhbVsw&2761f00ac42760068d0648-e8ef-420b-97fe-f96435b39fb6&9c61f00ac4276033a683bb-301d-4dfb-934b-06f4541fae34&f161f00ac405a0&5161f00ac627607DODBepjhgb3NYRWvmDIBe4x0wX3YNYG6meTbTs7&2e61f00ac605a0&4061f00ac62760516b8be5-8aa9-4950-b5e2-fbfdf6ce8211-61f00ac6-4341&e661f00ac42760&2d61f00ac405a0&4161f00ac405a0AAAGeQIdTyv0VgM4SB6EAAAAAAA
.theepochtimes.com/ Name: epoch_user_id
Value: user_2b20b4543df98c1930cf85016b8f46a6b9986f5d
.theepochtimes.com/ Name: epoch_sessionid
Value: CDUE4g93tsVtkCfq36gEEnSzBL5LEeL8KNaXLBs5pxfcaelfi4JTJs5ZBElBzoLdqKl_sZCx%252BSVAP3SCAq3beBALi262F_Mi6%252Bwn__LSt0Dcn0fjNhlM9VWETuk%253D
.theepochtimes.com/ Name: epoch_token
Value: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NzQ2NTczNTIsIlRva2VuVHlwZSI6ImxldmVsMSIsIk5hbWUiOiJ1c2VyXzJiMjBiNDU0M2RmOThjMTkzMGNmODUwMTZiOGY0NmE2Yjk5ODZmNWQifQ.ZgjhXIwHY_TMQdfhkdbMZX2GoOoD3tmB0-9sK7TRrtxaCUNzuFbFAruoMBcgf4GaJJdD5j05a3DfRjHPXWUSrlU5dKmYkEZ9x-mf3kIbj3Ee3IttzQWdwgAyOEX47iMh6DkjLG35FCpAn3hYMHJ6y52scB7-PA162KMia8DNOL8
.theepochtimes.com/ Name: epoch_out
Value: 0
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 0:4
.pubmatic.com/ Name: DPSync3
Value: 1643155200%3A174%7C1644278400%3A197_201_219_221_228_236%7C1643673600%3A164
.pubmatic.com/ Name: SyncRTB3
Value: 1644278400%3A21_220_13_71_104_231_22_54_7_3_178_166%7C1643673600%3A2_223_15%7C1644364800%3A35
.analytics.yahoo.com/ Name: IDSYNC
Value: "18ym~22v2:18za~22v2:175w~22v2:18z8~22v2"
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-1774d832-7dec-11ec-84bb-535f241a7d24&KRTB&23011-1774d832-7dec-11ec-84bb-535f241a7d24
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:1dd561f0-0ac4-4e00-a579-6844ede89535&KRTB&16736-uid:1dd561f0-0ac4-4e00-a579-6844ede89535&KRTB&23019-uid:1dd561f0-0ac4-4e00-a579-6844ede89535&KRTB&23208-uid:1dd561f0-0ac4-4e00-a579-6844ede89535
.pubmatic.com/ Name: SPugT
Value: 1643121352
.dotomi.com/ Name: DotomiTest
Value: 572ca787ef091237
.fiftyt.com/ Name: cs
Value: MTY0MzEyMTM1M3xEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fIsn8iDL6TOxAz0lnAOBWetNr485p1Srv-LdhwzMkN0I
.fiftyt.com/ Name: fifid
Value: 01736d79-981c-4187-666f-12248a7138fd
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5777866265742787551&KRTB&23339-5777866265742787551
.deepintent.com/ Name: CDIUSER
Value: di_889083c4d6624557ba0e8
io.narrative.io/ Name: io.narrative.guid.v2
Value: 19432f30-7dec-11ec-9141-120bff9cc4e7
.fiftyt.com/ Name: fppm
Value: 20220125143553
.technoratimedia.com/ Name: tads_uid
Value: 5B960A8FA96448DFAFEB5B4F60FF9505
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220125093553-0500
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: tads_uidp_73
Value: AABBR07D4BYAAEXIdhbVsw
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAGeKcqG5PYhANgmrrlAAAAAAA&KRTB&22713-AAAGeKcqG5PYhANgmrrlAAAAAAA&KRTB&22715-AAAGeKcqG5PYhANgmrrlAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABBR07D4BYAAEXIdhbVsw
.onaudience.com/ Name: done_redirects161
Value: 1
.onaudience.com/ Name: cookie
Value: 8be217bcde5f5b62
.onaudience.com/ Name: done_redirects104
Value: 1
.onaudience.com/ Name: done_redirects109
Value: 1
.onaudience.com/ Name: done_redirects147
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFb3BlbngSCwjmp-uswIawOhAFEhsKDHNoYXJldGhyb3VnaBILCLaFqa3AhrA6EAUSFwoIcHVibWF0aWMSCwiS75CuwIawOhAFEhQKBXRhcGFkEgsIuPHMwcCGsDoQBRgBIAEoAjILCPS70I7XhrA6EAU4AVoHeGtzdzlsYWAC
.onaudience.com/ Name: done_redirects252
Value: 1
.onaudience.com/ Name: done_redirects219
Value: 1
.zeotap.com/ Name: zc
Value: 8cbe2115-82a8-4ae2-5b47-cf58e3b044ad
.zeotap.com/ Name: zsc
Value: %14%97%E0on%89%02%F7%CF0_%A0%AA%C1%83%8B%DE%2CY~%FEZ%29%10o%FD+%3A%3B%2B%19j%C3%CE%AE%ED%A6%91%BF%F6%F7-%60%E3+%CC9%C3%D8%C0%0B%DE%24%8A%5D%5D%408%7D-%18q%E0o%C1%9B%7Bo%9B%11%A7%BF%AF0A%05%19%9E%FB+%1AB%E2
.contextweb.com/ Name: V
Value: oiRlTiB6hqAL
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1bsx|7dN.0.AABBR07D4BYAAEXIdhbVsw
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: d06115e6efc73b50
.pubmatic.com/ Name: PugT
Value: 1643121354

11 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security error URL: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Message:
Refused to execute script from 'https://x.bidswitch.net/sync?dsp_id=419&user_id=10596829188241621043&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=' because its MIME type ('image/gif') is not executable.
network error URL: https://comment.youmaker.com/api/v1/user?site=remark
Message:
Failed to load resource: the server responded with a status of 401 ()
security error URL: https://subs.youmaker.com/template/show?tid=6502e8a1-259e-4f71-8efa-fe8ba77cec38&sid=ca.theepochtimes.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.theepochtimes.com%2F1200-fake-american-drivers-licenses-from-hong-kong-seized-in-indiana_4233039.html%3Futm_medium%3DEmailMk%26utm_source%3Dwwia%26utm_campaign%3DNewsProv1%26utm_term%3DIA1-01-25-2022%26utm_content%3Detnews1%26instaaccount%3Dcamille.papanek%2540cic.gc.ca%26__ve%3Dcamille.papanek%2540cic.gc.ca&tn=InstaAccount%20Plus&dna=%7B%22u_s%22%3A%22wwia%22%2C%22u_c%22%3A%22NewsProv1%22%2C%22r%22%3A%22%22%2C%22pid%22%3A%22anona372-b500-4bf9-91b6-ac22075c90ff%22%2C%22x%22%3A%2281-776-736%22%2C%22vt%22%3A0%2C%22g1%22%3A%22ca%22%7D(Line 197)
Message:
Blocked autofocusing on a <input> element in a cross-origin subframe.
network error URL: https://subs.youmaker.com/chargebee3/list_subscription?token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NzQ2NTczNTIsIlRva2VuVHlwZSI6ImxldmVsMSIsIk5hbWUiOiJ1c2VyXzJiMjBiNDU0M2RmOThjMTkzMGNmODUwMTZiOGY0NmE2Yjk5ODZmNWQifQ.ZgjhXIwHY_TMQdfhkdbMZX2GoOoD3tmB0-9sK7TRrtxaCUNzuFbFAruoMBcgf4GaJJdD5j05a3DfRjHPXWUSrlU5dKmYkEZ9x-mf3kIbj3Ee3IttzQWdwgAyOEX47iMh6DkjLG35FCpAn3hYMHJ6y52scB7-PA162KMia8DNOL8&siteid=ca.theepochtimes.com
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://subs.youmaker.com/access/grant/get?token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NzQ2NTczNTIsIlRva2VuVHlwZSI6ImxldmVsMSIsIk5hbWUiOiJ1c2VyXzJiMjBiNDU0M2RmOThjMTkzMGNmODUwMTZiOGY0NmE2Yjk5ODZmNWQifQ.ZgjhXIwHY_TMQdfhkdbMZX2GoOoD3tmB0-9sK7TRrtxaCUNzuFbFAruoMBcgf4GaJJdD5j05a3DfRjHPXWUSrlU5dKmYkEZ9x-mf3kIbj3Ee3IttzQWdwgAyOEX47iMh6DkjLG35FCpAn3hYMHJ6y52scB7-PA162KMia8DNOL8&site_id=ca.theepochtimes.com
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

163ad3d3cef73823fb6ee7c8560a3ece.safeframe.googlesyndication.com
a.clickcertain.com
a.remarketstats.com
aa.agkn.com
acdn.adnxs.com
ad.turn.com
ads.creative-serving.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.ca
adservice.google.com
ap.lijit.com
aud.pubmatic.com
auth.youmaker.com
bcp.crwdcntrl.net
bh.contextweb.com
bttrack.com
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
casale-match.dotomi.com
cdn.districtm.io
cdn.epoch.cloud
cdnjs.cloudflare.com
ce.lijit.com
certify.alexametrics.com
clientcdn.pushengage.com
cm.g.doubleclick.net
cm.smadex.com
cms.analytics.yahoo.com
comment.youmaker.com
connect.facebook.net
d.adroll.com
d31qbv1cthcecs.cloudfront.net
data.adsrvr.org
dis.criteo.com
dmx.districtm.io
dmx.us-east-34.districtm.io
dsum-sec.casalemedia.com
dsum.casalemedia.com
ea.epochbase.com
epoch-times-d.openx.net
eus.rubiconproject.com
fonts.gstatic.com
g2.gumgum.com
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img.theepochtimes.com
io.narrative.io
js-sec.indexww.com
js.chargebee.com
loada.exelator.com
loadm.exelator.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mixi.media
mwzeom.zeotap.com
odr.mookie1.com
pagead2.googlesyndication.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid.adnxs.com
pubmatic-match.dotomi.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb.adentifi.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
sb.scorecardresearch.com
sc.youmaker.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
service.djywork.com
services.epoch.cloud
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
stackpath.bootstrapcdn.com
stat.media
static.mixi.media
static1.mixi.media
static2.mixi.media
static3.mixi.media
static4.mixi.media
static5.mixi.media
static6.mixi.media
static7.mixi.media
static8.mixi.media
stats.g.doubleclick.net
subs.youmaker.com
subsapi.epoch.cloud
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tags.bluekai.com
tags.rd.linksynergy.com
target.mixi.media
token.rubiconproject.com
tpc.googlesyndication.com
trk.sharelink.email
u.openx.net
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
url9334.thenewsprovider.com
us-u.openx.net
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.theepochtimes.com
www.youmaker.com
x.bidswitch.net
104.16.190.66
104.16.68.69
104.36.115.109
104.36.115.113
104.36.115.114
107.178.246.49
107.178.254.65
13.225.214.10
13.225.214.101
13.225.214.4
13.226.31.3
13.226.31.67
132.226.41.106
136.243.66.182
142.251.40.162
142.251.40.194
146.59.148.16
151.101.193.108
151.101.2.49
151.139.128.11
167.89.115.56
169.197.150.8
172.105.13.95
173.223.56.123
18.204.50.126
18.213.10.151
18.217.60.34
185.162.95.70
185.167.164.43
192.132.33.46
198.148.27.139
199.127.204.142
2001:438:65:13::2330
2001:4998:14:800::1000
2001:678:cb4:bbbb::11
207.198.113.176
209.54.180.144
216.200.232.249
23.208.216.212
23.208.217.6
23.39.175.77
23.73.244.44
23.92.190.74
2600:1f18:4e9:5a02:b6fc:4de6:8023:56cb
2600:9000:21dd:0:6:44e3:f8c0:93a1
2600:9000:21ea:2600:1a:609a:6780:93a1
2600:9000:21ea:fc00:1b:5138:8a40:93a1
2606:4700:10::ac43:db6
2606:4700:20::681a:27a
2606:4700:3038::6815:ea4e
2606:4700:3038::6815:ea4f
2606:4700:3039::6815:c074
2606:4700::6810:125e
2606:4700::6812:acf
2607:f8b0:4006:806::2002
2607:f8b0:4006:807::2002
2607:f8b0:4006:809::2002
2607:f8b0:4006:809::2003
2607:f8b0:4006:817::2001
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81d::2004
2607:f8b0:4006:81e::2003
2607:f8b0:4006:81f::2008
2607:f8b0:4006:820::2003
2607:f8b0:4006:823::2001
2607:f8b0:4006:824::200e
2607:f8b0:4023:1404::9b
2620:116:800b:21:9525:7e6a:be2b:3707
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
3.216.54.241
3.221.247.3
3.92.156.8
34.107.238.87
34.120.33.89
34.120.97.157
34.194.166.233
34.225.172.55
34.229.3.43
34.73.194.24
34.98.64.218
34.98.67.3
35.186.253.211
35.190.60.146
35.190.90.30
35.201.65.119
35.201.68.206
35.201.96.126
35.211.178.172
35.244.159.8
35.244.243.66
4.7.168.73
52.0.156.250
52.116.221.248
52.200.167.170
52.223.40.198
52.4.194.209
52.4.54.89
52.45.33.138
52.71.206.53
54.144.85.208
54.192.160.42
54.230.162.78
54.236.214.209
54.84.55.94
68.67.153.61
68.67.160.25
68.67.179.87
69.166.1.10
69.90.254.78
72.251.238.254
74.119.119.150
76.13.32.147
8.28.7.109
8.28.7.83
8.43.72.97
8.43.72.98
012008122e40c3630be1e4d197774128008e2900a5b8c225af61645166a5417d
0375407855d7d62d96d9d9fe12f947fa820f28baf39557e523418bc3ab0b9d8c
0523c13750f634735ff97f98cc6b2d0100bc0aab4d8f703ad3b6952731d7a545
05fbb80397868ff4785505e77d654b5aef5e4fa5ddffbfc6b6af49ec02f29967
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
096a7caacb4e844a1d4a5bad9b9145784a9f5b5d7e9397bbbb6e83f646c46505
0a4b126ff99827d3143c2478acd604f067be471e7a7ad808f13ff57e2450ca17
0a843d78310a11fa13722c90ac8f56074d997f232b64443f7a10cff16dda93ad
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7155e64271313ec192a2fa8ba4b2ab8ad3928c4c3c99e1f6f2f0d7ca0103f8
0eaa98d99ffd85f27787798b06fb8b7b62a5c25710e7dc3868fcf893044110d3
0eebd0b4dab6cf3eac098b468c3e75c2468a4b20b33f0a7d517b564ea3f5fd59
0f4725cf0a1ee21d592ec0b6b38e529186f0ca47dc05cd7bd1a16e16519577f0
0f5ee76e8e84f53437640951b86b504858c4dc659fe3379caf1ef0cba8ca1f9e
0fd778afdf05a4f971f690a7f02c9ab7c4ad0a68f671db34d01205e849f8e998
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11af457ec0f7feedbb1721da7e5ffd4ebd8689c8fcbff1760246f202d76187c7
1256909b9562b779225969eeb95c0f5b1a93fba5775ee2f78dbdb98724feef07
13160f1ceb7467feed0eb33c0b4d0862d3a6b7150826c0123a56ee7bb314439e
13981d4e36dfbd16a201c7dfe2b9a4082b2b33b6485002d1c5eddac4bd984ac0
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1ad886d5daed57a89ccce0cb2d34b21c2ff6cc109a8e2ed40635516d939c0456
1b752cbf3c7c93a43eff14707080ff850efb502c0d842cecd9fbaae7ecf85ec3
1b80a55ff16814678fd8009946e3fcd679b67bf5a28436bd8ff99985b299336b
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c2f732d37a047e83532ed4b2153d0d96ccfaa4bb89562ca4695a6cc92128544
1d656ddc68b09d81785c259c5a5908e72b23fe1073f8caad117b93148d942b29
20636e496c24a62ca1ea3fbeb71855f8be39b01e8cd42987d45b231937d5d386
20b33eb0d3404a30fd13269c9b6b3cb6a1a91668a4e284dd9e1b3ec78ca7d479
20fa0be460325f324d17bbcb28283b3dad1ba0a099ddca391f17760801ba238f
2175730887f2860b1352661d0c04d24ca087d75a4423be44aad5012344c9e70c
21f63357d2059cb273c6b8dcfbe574bc19eac381bc68f31806fbf0a6d7464bb8
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
243342401a389aea3c4eb3d79678310870768f96807bd5af44d1452b8c674f9b
24debe1a54d5c3e03a19488a253b5019df02e8123774a2741ab89135cf99427e
25cad5d9e016ff8fc766034922a6ec515d37461b4ae089bd58d5ac964b85f247
29245cf4444bae6a40ce773c4e90fa12d5fae5064af12c8879679822c0b9677f
29b8a75c9030cf7de090cefceb35fb57cb5608682ca4d945052679cca0f75638
2c0460785cc22b67a7efb498a1c12d0e6b3ec58946b6c7d51f0d5a751a0688e2
2dfd42678c80a09a558b4e72e4378552a8792b1343aeddede994471f92606ef8
2e7af9d06c2f1d015d55605ba6c6e4bf8cfa39ea69f1ccbef54c271cc2bdda06
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f8a9a8f44f78097ceb022d0e1c7a140c154b58a3f9544113f684eb20335f9c0
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
3141a74d2f7f0278ee1196c2dfeb013807d737c3adc0eeecaaca36495a76bc63
321783dd73440ab6dc2bdc33e0312fcb706d26ee8ed316fbb58c03e650ff34e3
35bf0406cc5a63e576c5a6412af9d150523662672569f8eeb630fe582cb78d14
362b2e9a812487ebfdc11b68fbba4491bdf704804c107678ebe11e901c4f4c3b
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
383ae4a979b3d1e40f26ca3043d625fed9d449cecb76b3b30af4c3d0db7c7b92
38f915335fe629f2736910592b999a5cc13138f931118f5d67026b072c37d6b9
3a333d850190c5ffe95865198a4b35846a7036ed1cbef3978502a17b7bd9aee8
3a3d2b4f1177e49276cc59600440ea66c607b6fecee5013888bf97715b7f4217
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
42a36d658f3e81dafa362584d85f18e498a807e28ade7d246f748d6e00033490
430f384b0fc496d9650c747cca458a7eae062530c718aa7a896d99031fbbae8d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44be04ca10e45131b3040fd10ab82ba4792b1da6c66f6c0bbeb343e3ea01f6bb
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bfe479613043ab7e6c069b9d58ed5d0d7067ece841ed6ee251eabc18bc84a8b
4c7737989e9c7e31a0d1a45a015617434917f5a5391de57bcfe9c8e65884f6f5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e07bb6e96fa838f7ba559933a5babee266b5a4707d97c1087d7f684fc1aebb7
503f24dc990e977e49bba6e6bd5f531369ed113dee1f5709bbfcafdf218cd564
52b820ec8aeb3a3c3bea398dd48a7528f7c5f947bec8358bd8184ff1d6364eb9
53e27c0582b14ea503859df9f06237da3e1612358dcf59aa96f592d7ddb3a649
546cb27a1bd509dbf2e6afedf6df6f2604c8decbf7106bdac19556ef630cc86d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5584809aa902aaa236a75bc6ecdd04661304da64818f8ec3b3c23a9c884398fe
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5610744cd9813aaf6449d2d370b836504250a4a5ed72e33c13aea0d8c076fe55
58d066548314e4827f298403cb806d759ce7dbefb2bff05318803126cfe9347a
5936f1e9aa3fb341b78037f22cd73f336ca17ebdee77939721b7077c6f877384
59e733587bdaa16af3070b148a138e2b5893f8c32d0e2339a062e985f557ec9e
5a2a478dc89a1366c81fe6243501ccab9894e6c1ea7910fbe4fdac2ddaf91399
5a4c618ffded08a9f7158c3feb92caf7ab70bc26a6bc2daecdffc2b62bd989eb
5a7d04c17380fd90e3a151c2fc86abbc511315602131ddbad36e2cfe19e16be2
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b3508f28ad80feb576703721d40432fc14481c442e325f934308be70071c566
5c4e87e435963e0b0368f5c833d6854fdd822c64bd74399f3e6463836f4c7774
5c870b2ffb5eb2572888daa52f04694f3ab9360a22fd2364205f70f2c56e823e
5cf4a36d031057b755304d48f481e398f888f141253952ff2051b01a04f5c3c7
5d186172059c67e5f0f612c73126b60c8f009625df963609e52eacc13bff1716
5dd75b5bba5e2bd1cf33cefbd518996a909b4545de0c57c935421bf7738cf59c
5e5b0d7b5d78eac3d3f6eae2c714bf7fdbca187893ffb605361e37501501e2bd
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5f2c630eac683a05568f1ee415d990cc19cab5335b20d43dc89a808cc6a2b18d
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
608dd9cf6c2cb8390d97cf01231ce7933d10ff37655e554145fa0430d637099a
6110a5ecff3c0385ba2075033cb9c5ed2af475fb8e744a2e14ef0b0b358f0b4e
6165bc0b09f74c0b44ce163f3d7e87ab0b6be6f5f9299762cc98aed634c0eea3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63983442de9f5d4f00b100db3a312dd4e51f06c47fb8016a3bc45e0ef4c96c10
6501ec5e7f85a81a50d53261a6c32ac8b18ed0db6b88b5448253b81e4900938f
6545d11bfc11d99e07568ae19dfa405b5356e4ccafa9553bc764a7cb35685247
65ae706784e2d0ca5871561d18f8285a329a161921baede5fa0aac50634be272
6b9ccf89d948b3c46f6aca1b17f4eac5d0fa1e0cc7eaf59c51e66899528868a5
6d67834e2a76646c456c087ce42a6bd6b6b0c85c88dd9918618a8b4c563c2bdf
6dbc3ef5fce61dc527014036064c57d9b689feba149d0702d2266493bec48dd6
6e9f4b8e81c33a622095b626423f95e59b69982a489d0e3715f2b72689cc12e7
6fb4c4a2c82b150fe85cb124f6e62f13cbd8e9e6f31b07c8326ff21b2b649c9d
70fbd157f02619ebe2855feece0c0ad7790d532005d08d8180423892e89a1a54
71d2368ab8b35de74dd6c95e2943e3bac445d016b06aad36d8f751c717ab73f1
72c422538317d07ee3db85b7228df2caae94ef74575548415c9a82c039e8521a
73bbec0fbcb91740b1cf134b658933ae20b42b05b6adb3eaa0a1517e0610a4c7
744737619718dfd26556ef57c89ed6dce918dec58a95cba9e81c8596c383c016
7522e73eed19718737730ddbbf027080615b679be449ac1fd0728c45d9fe9c67
75ac4e028f831bac0f5c334229d0ea0008dd3578d2608bb7c289618e2fadbb6c
7637f429971134fe246556fa82e83f59df54dcfea721fa1af379f039b0dbacbb
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b39e3eb65c88e981b8c0bc61a178170b86e379d7b1352a26b3715061a376cc1
7dae96a685aa637f08f3fbf32cf31f40c4118c19915468f44156492e8e5eb5d2
7e26854636676991f1d950121ab8e5e484ede7d67dc896dd2d6a9d4d607d8e7d
7e909e7516aa32244e3cd4aada2e3c562c6541c1980b34578aa43429bc7eb8c7
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
81375e92569856315b7494250403f5cc2167c3f0986dbe2b8e0bfbd12e38fa4d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8470e402e199aa8900f6790a3f009342fa473487270699025d9ffc03eb681a47
867f5a29853ddd710b7c6485ff7c0f294d6dde33817c68e84535fb68572ffe8b
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
872f4fde8b21d5105a83ba13988aa60224eae251b1708dec3062160b72d30736
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405
87828672774f5c617be1a2eb716f8e1cf1f6d2929eaee93530e7d072ac01889b
8905266d1316b46377e0995186ec59a76d4c958bda2adf544830a0348cf9de69
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a2bde25893b4b6a6a58ff029186a928a9a4a94c492de067f9258527ee68c090
8b059866ad3488075da41c875c6940d76c36487fe7e676d8adfecba81f626f52
8cb89315c6662f6cbf3b845596bc528e49772043fdfc930b57fea23f5508dbde
8da32af77026023e902dd9fe5612041380d371b1703ca79f49fadd43091f28d5
8e4a37605d230b2579041a9557f1f231274756f1e8aad0af0d5f54579180dbbe
8fe7e50776c5c980817efaf67811744ab980e2d532077c7478b751aa62c4ee3f
90f8bcb4f8f636d81651fff2070a14e8edd24a36b5ebf6ddaec4cccd86d23f99
9247384795a7d8bc08e536e1ce19afdae3816203a25d5b18686732c684de2cbc
9248ef5db07daf1037b001b1ea7ffdba722f041064f30555795fdb12a4dcf1b6
9497fc65b292e54f32dd938045eb47c215ad2d18d340a7b951507cd78847230d
95b4cc7d218e5c13e0978dd270e96ace119028dd04f6ee9d8654e1aed2b17055
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9963485ccb8a760a4dd0df41b5e63c36f28bd143313de3f9c09b096ebdbb8ee0
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910
9dd794fdd1f42542b9d2b7dbaf47eb311b127ffecfc750b63b98f6e253deb2ac
9f4440116c1058bd77df3d46c84e0e807731b5302cda5c190dfd233e8de516a5
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a18428bfc3bfe377da6f59024d3652e01d251f6db172dc26f1ce079ec3d785fd
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5e29750f158dda342495aa7dfa441bf26cbcdd3733b3380664c7217558fcf2d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a950c8f077e3743e3a26ca51d7cb1cafaf516db1c0675c118dc4e88d5683ccdb
ad29d581f66dca4c419fe6db02d4e1d8fcb7d5ba8e622cd1efcd34fb549ba410
adeecdb7e0d39a26f32484b32e44031de09a26aae5468623f7763121e3134ff9
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af463b25ee108e48338456299a263e94b53b302b4524916661513e22dd773850
b0f96a3730041605b139ca2d15e29a36c55e49058ba2b72ee4d09b5e4ca210c1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d49815df7a850995ec645f00d86538b42ce60183891c700f2ccda62865b586
b23b7d607587510729c1b3d471d5f439c7c9cc7f09330cdfcafe71b93643a66c
b263c88d66eaf36f4c24455566d6c95dc1f89046f96857b524347af85f0df8a9
b27bb8d4b5e0f19de5a5351b6414c68acf6e77af3c835af37abf05a278af431a
b363b21bc03d5188a43ede2219616eaade9819d6b10f395ad66c7ee60c71ace2
b582241ffa7014cc1eeeaa9535d51a9bc1c90d301aa54da3e6bb24158942abf7
b8af85ef87938ad7700489d3cd359313ff3d80516be01ddc83d7aebf22e4b51c
b8c2da6bd2f3582064a5940c8ccd629df54724ef45fe7855b3e81bd33b09a98c
bcecd4d2840be48a76a5e7a25407e50d2cb0bf1dfbcd8fb2b2df5673acf1c499
be20ed92daf4ecc810431c4ffd9ce86dbf16b6419b6598fd0f1360891a99bed7
be4935421aadaaba628730107485dca2d34b7202b66be0a570f304c9ad3f9ebf
c0e75d516d2a49e0010b6fbac09d57500dc1100950ccb87cec49723b8b2a13eb
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c454e9ab422a8d322d36521d9a675279c9b2dcf9e69190afa80a214a071a943e
c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f
c70027927288db02a742e9cb0e86209ff579e22d57b86c28c8575e68b81bf547
c7360a9b46fde11845b3090ca0034fb409d92398a71f3ae15fac3a2fa29ae6cc
c7713b8d21a05ea3955dc90bc5324656a0ee6e17d1fc62cfdefab257233ddc59
c8dcadd2d21c984aa60a8a3b0a86ccb2f83e05511a73504003e545a843c47dfc
c8e1c6b1e9b3ed63415f431645a5c779d0ba94f6f4c19a9cf6ee46b394214888
ca091135c3c6f3fe1ed86d64a0732d54ea8e64360d647fae2c11489e8b982781
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc4a24343453dade693425b91011387b5fd283d8ebee5618ed2b45994bfc4324
d2309bfb9c758a3d936b80f8975931274e31f05aabe061321dd472f47699bc96
d640124fbc5a916f391cb5e878ee4da7d83945e35f1fa10f1414756a671d58ea
d761cb302ae0fe615a51d476ca388877e78917a2aa90f0681721eae3ce36d49a
d8c28172fa09f349dec1abc436938754ed54798c9da7387ae27978fdf81ba992
d9382d4fcab998a51ee41eb3dd5ec92cd03fa275d97c20c09d92d472762283f5
d93e6d083e6ea77cc061e32cd4f3d05e56f615c380a5c54b1b3b460ca71624cb
d9721f4873c303901bec4062a132985977303062c4b838979ee6215f180d8eb8
db6e227c51b78203752bdc36a19b414161c5beae47cc0cdf2ff9f5c89f4f2526
dd7165cf2226a424245aa77c1d64e421ecfe5b0efb6dd7ce433970ad18886994
dfaa9b38b6961e041aa90677d76e0ea5a4fd7ac176ba83694b18d57d809fd57e
e10411a43ed1dd792677b99a20c9c846da6b650a2829cd5b217e5c68f8e7c00b
e127b3ec8c4e1c29379b4a9dd0d0e825c55aee6d1238afe1afc8852b77bd0999
e2d868f56353cfa8f98f458b5bb7edf7585e67750a7dc681947d86c10f680499
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b362f3c21e01a037dcf460a48574584284b724727b887ddd0845eeda2c5dd9
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
ee75ba258c882615cf0b854c49a29dd3ce2638df011284db2e985d9b85cae9e6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef766e866b578d232c41912d71d6201031d7c4ce2187bf33a8e235691508277e
efcc1d34612d16e693d220906dc11cb47cc4a11b1516bd64f1ff50ed3d149098
eff8407713a4db64425aa277a1cf6b097b72cc3b1b0fbafb04a1cb24066ec61f
f04080438e4ceab5f8376ee585870361b54e9069e6fd51af7366533203650bcd
f0f7c6efc47f17526221e7762fe332cd35fe5502681fe660c6ea099a99b5dbb7
f111c56dca71d8cd8a56558a01e25405ebb715ee51460296ace34cf362fa7e58
f3bc3507d77b34a48e817723a451b72bc74574c79d7a2a18a8f7585b1ff8f407
f4adb8463ef46189ad0d99ff804fe3269e998acaa7bb29a73c2e2d361a06a7d7
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e
f78c876275e6f1e882e7c513e0de8150c1e8cdd223c41f4a5aa6a3b865631134
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
f9368b3b0e25ba234c55fde374503f196f6a17b9d6bb8812512acd81512735ee
fa9391fe5fc500124fc0aca209ae569b3678607a370ac47979cbb14d637a6882
fb957c9ca9d9aef155343aa1f0d4c6e4f47e722932a48e5a85048e4f7492b51b
fcdebe4cae587dd02b16b1ec7eea1c94a78d4751eaf0a384c407cd738bf56cd1
fe044d6dfebeebc4596d2368689904ee2618d0ac4180d9dcf008c218d6fa8089
feeaec1e1a67cf2c7c1f92e98b8b8be38d1dff9a6eb52f4453f7fc692e94cb09
ffb5d470368b7f780c16825e9b6eceb6ffd9d9fc900280a66b7889af614cb0b3