www.theepochtimes.com Open in urlscan Pro
151.139.128.11 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Submission: On February 06 via manual (February 6th 2023, 1:47:46 pm UTC) from US — Scanned from DE

Summary HTTP 287 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 56 IPs in 6 countries across 41 domains to perform 287 HTTP transactions. The main IP is 151.139.128.11, located in United States and belongs to STACKPATH-CDN, US. The main domain is www.theepochtimes.com. The Cisco Umbrella rank of the primary domain is 48034.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 24th 2022. Valid for: a year.

This is the only time www.theepochtimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
29	34.102.198.207 34.102.198.207	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a00:1450:400... 2a00:1450:400d:80d::2008	15169 (GOOGLE) (GOOGLE)
16	193.108.153.24 193.108.153.24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.224.103.75 13.224.103.75	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
78	2606:4700::68... 2606:4700::6812:1d65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:400d:808::200e	15169 (GOOGLE) (GOOGLE)
1	34.110.129.224 34.110.129.224	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.201.68.206 35.201.68.206	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
5	4.7.168.74 4.7.168.74	3356 (LEVEL3) (LEVEL3)
2 9	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.107 13.32.27.107	16509 (AMAZON-02) (AMAZON-02)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
2 2	2606:4700:20:... 2606:4700:20::ac43:4549	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12 20	2606:4700:20:... 2606:4700:20::681a:832	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	13.224.103.60 13.224.103.60	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:219... 2600:9000:2190:2e00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
1	18.117.44.170 18.117.44.170	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:808::2016	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:4f:1... 2620:1ec:4f:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:219... 2600:9000:2190:1400:11:652e:c280:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
9	2606:4700::68... 2606:4700::6812:1bac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:e0:... 2606:4700:e0::ac40:6013	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3.228.92.45 3.228.92.45	14618 (AMAZON-AES) (AMAZON-AES)
3 3	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
2 2	54.200.220.102 54.200.220.102	16509 (AMAZON-02) (AMAZON-02)
3 3	18.213.140.229 18.213.140.229	14618 (AMAZON-AES) (AMAZON-AES)
2 2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
3 3	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1 3	18.193.251.179 18.193.251.179	16509 (AMAZON-02) (AMAZON-02)
1	20.85.30.134 20.85.30.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a02:26f0:11a... 2a02:26f0:11a::217:9a73	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700:e0:... 2606:4700:e0::ac40:6113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:11a... 2a02:26f0:11a::217:9a71	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	52.218.213.80 52.218.213.80	16509 (AMAZON-02) (AMAZON-02)
1 4	52.5.212.88 52.5.212.88	14618 (AMAZON-AES) (AMAZON-AES)
1	2400:52e0:1e0... 2400:52e0:1e00::1078:1	200325 (BUNNYCDN) (BUNNYCDN)
1	2600:9000:205... 2600:9000:2057:1e00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:730... 2600:1f18:730:b110:a59:b678:f846:a75d	14618 (AMAZON-AES) (AMAZON-AES)
1	34.232.54.150 34.232.54.150	14618 (AMAZON-AES) (AMAZON-AES)
1	54.159.56.141 54.159.56.141	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	52.32.66.192 52.32.66.192	() ()
3	35.71.131.137 35.71.131.137	() ()
287	56

22 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

www.theepochtimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 34.102.198.207 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 207.198.102.34.bc.googleusercontent.com

subs.theepochtimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80d::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 193.108.153.24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-24.deploy.static.akamaitechnologies.com

img.theepochtimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.103.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-75.zrh50.r.cloudfront.net

cdn.moengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

78 2606:4700::6812:1d65 (United States)

ASN13335 (CLOUDFLARENET, US)

www.ganjing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gw.ganjing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:808::200e (Ireland)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.110.129.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.129.110.34.bc.googleusercontent.com

pwe.epochbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.68.206 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 206.68.201.35.bc.googleusercontent.com

www.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 4.7.168.74 (Naples, United States)

ASN3356 (LEVEL3, US)

ea.epochbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4549 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.remarketstats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:20::681a:832 (United States) 12 redirects

ASN13335 (CLOUDFLARENET, US)

a.clickcertain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.103.60 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-60.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:2e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.117.44.170 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-117-44-170.us-east-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::2001 (Ireland)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::2016 (Ireland)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:4f:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2190:1400:11:652e:c280:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdk-02.moengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6812:1bac (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.cloudokyo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image1-us-west.cloudokyo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image3-us-west.cloudokyo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image4-us-west.cloudokyo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e0::ac40:6013 (United States)

ASN13335 (CLOUDFLARENET, US)

services.epoch.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.228.92.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-92-45.compute-1.amazonaws.com

api-a.ganjingworld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.248.159 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.200.220.102 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-220-102.us-west-2.compute.amazonaws.com

a.usbrowserspeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.213.140.229 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-140-229.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.153 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.193.251.179 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-251-179.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.85.30.134 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

j.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:11a::217:9a73 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

media3-us-east.cloudokyo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e0::ac40:6113 (United States)

ASN13335 (CLOUDFLARENET, US)

subsapi.epoch.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:11a::217:9a71 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

media1-us-west.cloudokyo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.213.80 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.5.212.88 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-212-88.compute-1.amazonaws.com

tags.wdsvc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1078:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)

clientcdn.pushengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:1e00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b110:a59:b678:f846:a75d (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.232.54.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-54-150.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.159.56.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-56-141.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.32.66.192 (None, )

ASN- ()

ckjjzdn8vk.execute-api.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (None, )

ASN- ()

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
78	ganjing.com www.ganjing.com — Cisco Umbrella Rank: 650333 gw.ganjing.com — Cisco Umbrella Rank: 825391	2 MB
67	theepochtimes.com www.theepochtimes.com — Cisco Umbrella Rank: 48034 subs.theepochtimes.com — Cisco Umbrella Rank: 75120 img.theepochtimes.com — Cisco Umbrella Rank: 29679	2 MB
20	clickcertain.com 12 redirects a.clickcertain.com — Cisco Umbrella Rank: 3463	14 KB
14	cloudokyo.cloud tracking.cloudokyo.cloud — Cisco Umbrella Rank: 791691 image1-us-west.cloudokyo.cloud image3-us-west.cloudokyo.cloud image4-us-west.cloudokyo.cloud media3-us-east.cloudokyo.cloud media1-us-west.cloudokyo.cloud	2 MB
13	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 static.doubleclick.net — Cisco Umbrella Rank: 214 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	9 KB
9	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	15 KB
8	google.de www.google.de — Cisco Umbrella Rank: 5986	946 B
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 76	833 KB
7	liadm.com 4 redirects i.liadm.com — Cisco Umbrella Rank: 573 b-code.liadm.com — Cisco Umbrella Rank: 2573 rp.liadm.com — Cisco Umbrella Rank: 1488 rp4.liadm.com — Cisco Umbrella Rank: 6738 idx.liadm.com — Cisco Umbrella Rank: 2065	16 KB
7	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 189 fonts.googleapis.com — Cisco Umbrella Rank: 34	598 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	159 KB
6	epochbase.com pwe.epochbase.com — Cisco Umbrella Rank: 98979 ea.epochbase.com — Cisco Umbrella Rank: 70126	1 KB
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1200 j.clarity.ms — Cisco Umbrella Rank: 8481 c.clarity.ms — Cisco Umbrella Rank: 1691	25 KB
5	adnxs.com 3 redirects acdn.adnxs.com — Cisco Umbrella Rank: 534 ib.adnxs.com — Cisco Umbrella Rank: 203 secure.adnxs.com — Cisco Umbrella Rank: 409	7 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	336 KB
4	wdsvc.net 1 redirects tags.wdsvc.net — Cisco Umbrella Rank: 31085	29 KB
4	epoch.cloud services.epoch.cloud — Cisco Umbrella Rank: 81962 subsapi.epoch.cloud — Cisco Umbrella Rank: 73771	5 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 351 c.bing.com — Cisco Umbrella Rank: 241	14 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21 region1.google-analytics.com — Cisco Umbrella Rank: 2456	20 KB
3	adsrvr.org insight.adsrvr.org	781 B
3	amazonaws.com s3-us-west-2.amazonaws.com ckjjzdn8vk.execute-api.us-west-2.amazonaws.com	38 KB
3	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 281	1 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 412	1 KB
3	ganjingworld.com api-a.ganjingworld.com — Cisco Umbrella Rank: 939646	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 148	773 B
3	moengage.com cdn.moengage.com — Cisco Umbrella Rank: 19329 sdk-02.moengage.com — Cisco Umbrella Rank: 11501	56 KB
2	usbrowserspeed.com 2 redirects a.usbrowserspeed.com — Cisco Umbrella Rank: 7708	485 B
2	remarketstats.com 2 redirects a.remarketstats.com — Cisco Umbrella Rank: 39929	1 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 979 pixel.quantserve.com — Cisco Umbrella Rank: 676	10 KB
1	pushengage.com clientcdn.pushengage.com — Cisco Umbrella Rank: 17841	28 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 167	2 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 87	36 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 229	5 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 623	726 B
1	t.co t.co — Cisco Umbrella Rank: 531	377 B
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 904	448 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 625	15 KB
1	cloudfront.net d31qbv1cthcecs.cloudfront.net	2 KB
1	youmaker.com www.youmaker.com — Cisco Umbrella Rank: 69509	212 B
0	alexametrics.com Failed certify.alexametrics.com Failed
287	41

	Domain	Requested by
54	www.ganjing.com	www.theepochtimes.com www.ganjing.com
29	subs.theepochtimes.com	www.theepochtimes.com subs.theepochtimes.com
24	gw.ganjing.com	www.ganjing.com
22	www.theepochtimes.com	www.theepochtimes.com
20	a.clickcertain.com	12 redirects www.theepochtimes.com a.remarketstats.com a.clickcertain.com
16	img.theepochtimes.com	www.theepochtimes.com
9	googleads.g.doubleclick.net	2 redirects www.googletagmanager.com www.youtube.com
9	www.google.com	1 redirects www.theepochtimes.com www.youtube.com
8	www.google.de	www.theepochtimes.com
8	www.youtube.com	www.theepochtimes.com www.youtube.com
6	tracking.cloudokyo.cloud	www.ganjing.com tracking.cloudokyo.cloud
5	ea.epochbase.com	www.googletagmanager.com subs.theepochtimes.com
5	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
5	www.googletagmanager.com	www.theepochtimes.com www.googletagmanager.com
4	tags.wdsvc.net	1 redirects tags.wdsvc.net
4	jnn-pa.googleapis.com	www.youtube.com
3	insight.adsrvr.org
3	media3-us-east.cloudokyo.cloud	www.ganjing.com
3	x.bidswitch.net	1 redirects a.clickcertain.com
3	secure.adnxs.com	3 redirects
3	i.liadm.com	3 redirects
3	pixel.tapad.com	3 redirects
3	api-a.ganjingworld.com	www.ganjing.com
3	fonts.googleapis.com	www.ganjing.com
3	sb.scorecardresearch.com	1 redirects www.theepochtimes.com
3	bat.bing.com	www.theepochtimes.com bat.bing.com
3	www.google-analytics.com	www.theepochtimes.com www.google-analytics.com
2	ckjjzdn8vk.execute-api.us-west-2.amazonaws.com	s3-us-west-2.amazonaws.com
2	c.clarity.ms	1 redirects
2	media1-us-west.cloudokyo.cloud	www.ganjing.com
2	subsapi.epoch.cloud	www.theepochtimes.com
2	cm.g.doubleclick.net	2 redirects
2	a.usbrowserspeed.com	2 redirects
2	services.epoch.cloud	www.theepochtimes.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	sdk-02.moengage.com	cdn.moengage.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	a.remarketstats.com	2 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	idx.liadm.com	b-code.liadm.com
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	b-code.liadm.com	s3-us-west-2.amazonaws.com
1	clientcdn.pushengage.com	www.theepochtimes.com
1	s3-us-west-2.amazonaws.com	www.theepochtimes.com
1	www.googleadservices.com	www.googletagmanager.com
1	c.bing.com	1 redirects
1	j.clarity.ms	www.clarity.ms
1	image4-us-west.cloudokyo.cloud	www.ganjing.com
1	image3-us-west.cloudokyo.cloud	www.ganjing.com
1	image1-us-west.cloudokyo.cloud	www.ganjing.com
1	pixel.quantserve.com	www.theepochtimes.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	analytics.twitter.com	www.theepochtimes.com
1	t.co	www.theepochtimes.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.theepochtimes.com
1	ib.adnxs.com	www.theepochtimes.com
1	rules.quantcount.com	secure.quantserve.com
1	acdn.adnxs.com	www.theepochtimes.com
1	static.ads-twitter.com	www.theepochtimes.com
1	d31qbv1cthcecs.cloudfront.net	www.theepochtimes.com
1	secure.quantserve.com	www.theepochtimes.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.youmaker.com	www.theepochtimes.com
1	pwe.epochbase.com	www.theepochtimes.com
1	cdn.moengage.com	www.theepochtimes.com
0	certify.alexametrics.com Failed	www.theepochtimes.com
287	69

This site contains links to these domains. Also see Links.

Domain
www.shenyun.com
www.shenyunperformingarts.org
www.facebook.com
twitter.com
www.shenyun.org
img.theepochtimes.com

Subject Issuer	Validity	Valid
*.theepochtimes.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-24` - `2023-06-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.moengage.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-18` - `2024-02-18`	a year	crt.sh
*.ganjing.com E1	`2022-12-10` - `2023-03-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.epochbase.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-17` - `2024-01-17`	a year	crt.sh
*.youmaker.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-24` - `2023-06-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-12-30` - `2024-01-28`	a year	crt.sh
quantserve.com R3	`2023-01-10` - `2023-04-10`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2022-09-12` - `2023-10-11`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-21` - `2023-12-21`	a year	crt.sh
ganjingworld.com Amazon	`2022-04-09` - `2023-05-08`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.cloudokyo.cloud Sectigo RSA Domain Validation Secure Server CA	`2022-06-30` - `2023-07-30`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2022-09-21` - `2023-08-24`	a year	crt.sh
*.pushengage.com AlphaSSL CA - SHA256 - G2	`2022-01-22` - `2023-02-23`	a year	crt.sh
tags.wdsvc.net Go Daddy Secure Certificate Authority - G2	`2022-11-03` - `2023-11-01`	a year	crt.sh
*.liadm.com Amazon	`2023-01-01` - `2024-01-30`	a year	crt.sh
*.execute-api.us-west-2.amazonaws.com Amazon	`2022-07-02` - `2023-07-31`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Frame ID: 27BCBE4D1CF37E68C688F4EA88A13D47
Requests: 132 HTTP requests in this frame

Frame: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
Frame ID: AA86D5A114DE1984F5D02C2D3190DBD6
Requests: 39 HTTP requests in this frame

Frame: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
Frame ID: 6A2E6511D92C7D847F78D714FEAC0E7B
Requests: 39 HTTP requests in this frame

Frame: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
Frame ID: EB98C46BA573D4362AF91623E3036811
Requests: 37 HTTP requests in this frame

Frame: https://www.youtube.com/embed/zTAtXS8E_Do?wmode=transparent&wmode=opaque
Frame ID: 66620B817BA7273E3DA30C6B096FFA9B
Requests: 20 HTTP requests in this frame

Frame: https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7&cn=DE
Frame ID: 328F042E4CA687A6230857C1F50AC927
Requests: 4 HTTP requests in this frame

Frame: https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7&cn=DE
Frame ID: 16301302B990088587C162CA510A0B91
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Musician Moved by Hope and Beauty in Shen Yun Performance in Nashville

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

MoEngage (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.moengage\.\w+

PushEngage (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

clientcdn\.pushengage\.\w+/core

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

287
Requests

92 %
HTTPS

50 %
IPv6

41
Domains

69
Subdomains

56
IPs

6
Countries

8738 kB
Transfer

22868 kB
Size

58
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: http://www.shenyun.com/
Title: SHENYUN.COM

Search URL Search Domain Scan URL

URL: http://www.shenyunperformingarts.org/tickets
Title: Find a show near you

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html?utm_campaign=socialshare_fb&utm_source=facebook.com

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html?utm_campaign=socialshare_twitter&utm_source=twitter.com&via=epochtimes

Search URL Search Domain Scan URL

URL: https://www.shenyunperformingarts.org/news/view/featured/page/3?/reviews/view/popup-article/e/q9AVmASQQP4
Title: singing

Search URL Search Domain Scan URL

URL: https://www.shenyun.org/news/view/article/e/hsm8Sx5SN0Q/composing-east-west.html
Title: orchestra

Search URL Search Domain Scan URL

URL: https://www.shenyunperformingarts.org/explore/category/classical-chinese-dance
Title: the dancers

Search URL Search Domain Scan URL

URL: https://www.shenyunperformingarts.org/
Title: Shen Yun

Search URL Search Domain Scan URL

URL: https://img.theepochtimes.com/assets/uploads/2023/02/04/14-20230203-730pm-Nashville-Yawen-Lawyer-2-1200x800.jpg

Search URL Search Domain Scan URL

URL: https://www.shenyun.org/news/view/article/e/AoMskXVVHeU/shen-yun-creations-transcending-persecution.html
Title: Shen Yun

Search URL Search Domain Scan URL

URL: https://www.shenyun.org/our-story
Title: Shen Yun

Search URL Search Domain Scan URL

URL: https://www.shenyunperformingarts.org/explore/view/all
Title: 5,000 years

Search URL Search Domain Scan URL

URL: https://img.theepochtimes.com/assets/uploads/2023/02/04/05-20230203-730pm-Nashville-SherryDong-VP-and-professor-2-1200x800.jpg

Search URL Search Domain Scan URL

URL: https://www.shenyunperformingarts.org/news/view/article/e/owScIs8qYjc/what-is-falun-dafa-dyk.html
Title: current events

Search URL Search Domain Scan URL

URL: https://img.theepochtimes.com/assets/uploads/2023/02/04/11-20230203-730pm-Nashville-Yawen-Company-President-2-1200x800.jpg

Search URL Search Domain Scan URL

URL: https://www.shenyun.org/explore/category/digital-projection-backdrop
Title: performance

Search URL Search Domain Scan URL

URL: https://www.shenyunperformingarts.org/classical-chinese-dance-music-costumes-singers-and-more
Title: Shen Yun Performing Arts

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://a.remarketstats.com/px/smart/?c=244b81b94c69796&seg=musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html HTTP 302
https://a.clickcertain.com/px/smart/a/?c=244b81b94c69796&seg=musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html HTTP 302
https://a.clickcertain.com/px/?c=244b81b94c69796

Request Chain 87

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 229

https://a.clickcertain.com/px/ta/?ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=7e47b2d0-ef3e-4147-ab78-338c606740e7&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=7e47b2d0-ef3e-4147-ab78-338c606740e7&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://a.clickcertain.com/px/ta/?done=true&ta_id=865eafce-2c98-4a27-9c64-388146cfe6c0

Request Chain 230

https://a.usbrowserspeed.com/cs?puid=1e1a275e-0168-563d-b881-609c9ef32ab4&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256_LOWERCASE%7d HTTP 302
https://a.clickcertain.com/px/t/?done=true&uid=a0539d18-de23-40be-8747-17efa8f0f618&hem=

Request Chain 231

https://a.clickcertain.com/px/r/?ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7 HTTP 302
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=7e47b2d0-ef3e-4147-ab78-338c606740e7&ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d7e47b2d0%25252def3e%25252d4147%25252dab78%25252d338c606740e7%252526anx_uId%25253d%252524UID HTTP 303
https://i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d7e47b2d0%25252def3e%25252d4147%25252dab78%25252d338c606740e7%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=7e47b2d0-ef3e-4147-ab78-338c606740e7&_li_chk=true&ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7&previous_uuid=6fb3cc493bdb40d19c2efb9319896bdc HTTP 303
https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d7e47b2d0%252def3e%252d4147%252dab78%252d338c606740e7%2526anx_uId%253d%2524UID&ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3d7e47b2d0%2def3e%2d4147%2dab78%2d338c606740e7%26anx_uId%3d%24UID HTTP 302
https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D7e47b2d0%2Def3e%2D4147%2Dab78%2D338c606740e7%26anx_uId%3D%24UID&google_gid=CAESECmOvSpP_SWWYAE7HFYUfPY&google_cver=1 HTTP 302
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7&anx_uId=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D7e47b2d0-ef3e-4147-ab78-338c606740e7%26anx_uId%3D%24UID HTTP 302
https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7&anx_uId=2914621564580346733 HTTP 302
https://x.bidswitch.net/sync?dsp_id=179&user_id=7e47b2d0-ef3e-4147-ab78-338c606740e7&expires=5&user_group=0 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=7e47b2d0-ef3e-4147-ab78-338c606740e7&expires=5&user_group=0

Request Chain 268

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=3272B255934146CF901A24F8BF78B455&RedC=c.clarity.ms&MXFR=3A2163A195CB64173585711191CB6AD6 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=3272B255934146CF901A24F8BF78B455&MUID=3F9FEC73886966FD1783FEC389C367BE

Request Chain 272

https://a.remarketstats.com/px/smart/?c=244b81b94c69796&seg=musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html HTTP 302
https://a.clickcertain.com/px/smart/a/?seg=musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&c=244b81b94c69796 HTTP 302
https://a.clickcertain.com/px/?c=244b81b94c69796

Request Chain 273

https://tags.wdsvc.net/controller.js?id=100415 HTTP 302
https://tags.wdsvc.net/container.js?id=100415&v=4.10&t=1675691262522

Request Chain 274

https://sb.scorecardresearch.com/c2/24003086/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 276

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/855967303/?random=2064278906&cv=11&fst=1675691262151&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1600&u_h=1200&label=HsWbCMacxuUDEMeMlJgD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&tiba=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&value=0&auid=969631595.1675691259&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=_gThY-66DtDR1gaD2rbIBA&sscte=1&crd=&eitems=ChEIgOeCnwYQwOSKueKEpcbiARIdAG0XhA1Voud-Z9rhiQ5dc4AcICuOTOVrVw7uy_I&pscrd=Ek5DaEVJZ09lQ253WVF5cExGN1ppdHk2LW9BUklsQUxsZHJiQzhjeWJ4QkhWT1lxMVlNX2hWZk4xNkVxZjJsaXJESEw5NHExS2hsUDZKT1EaV0NoQUlnT2VDbndZUTFjemx3dUszbUxRX0VpMEFyQWlyV1BmN0NVenFPV2xQVEh0Z1RlWWkzNm54QXFoWDBIODR4VmpENXNmR1BRWko5dTRVbndWTFRjRQ HTTP 302
https://www.google.com/pagead/1p-conversion/855967303/?random=2064278906&cv=11&fst=1675691262151&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1600&u_h=1200&label=HsWbCMacxuUDEMeMlJgD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&tiba=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&value=0&auid=969631595.1675691259&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ09lQ253WVF5cExGN1ppdHk2LW9BUklsQUxsZHJiQzhjeWJ4QkhWT1lxMVlNX2hWZk4xNkVxZjJsaXJESEw5NHExS2hsUDZKT1EaV0NoQUlnT2VDbndZUTFjemx3dUszbUxRX0VpMEFyQWlyV1BmN0NVenFPV2xQVEh0Z1RlWWkzNm54QXFoWDBIODR4VmpENXNmR1BRWko5dTRVbndWTFRjRQ&is_vtc=1&ocp_id=_gThY-66DtDR1gaD2rbIBA&cid=CAQSKQDUE5ymZm9FJRNwLJ8cJOmf9kIw0K8iJIFC0GtzQ3Z8dB85vKPPPfsw&eitems=ChEIgOeCnwYQwOSKueKEpcbiARIdAG0XhA0IkVNcClIf_feHnx-RGEEyNudGwxkZblQ&random=2871523201 HTTP 302
https://www.google.de/pagead/1p-conversion/855967303/?random=2064278906&cv=11&fst=1675691262151&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1600&u_h=1200&label=HsWbCMacxuUDEMeMlJgD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&tiba=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&value=0&auid=969631595.1675691259&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ09lQ253WVF5cExGN1ppdHk2LW9BUklsQUxsZHJiQzhjeWJ4QkhWT1lxMVlNX2hWZk4xNkVxZjJsaXJESEw5NHExS2hsUDZKT1EaV0NoQUlnT2VDbndZUTFjemx3dUszbUxRX0VpMEFyQWlyV1BmN0NVenFPV2xQVEh0Z1RlWWkzNm54QXFoWDBIODR4VmpENXNmR1BRWko5dTRVbndWTFRjRQ&is_vtc=1&ocp_id=_gThY-66DtDR1gaD2rbIBA&cid=CAQSKQDUE5ymZm9FJRNwLJ8cJOmf9kIw0K8iJIFC0GtzQ3Z8dB85vKPPPfsw&eitems=ChEIgOeCnwYQwOSKueKEpcbiARIdAG0XhA0IkVNcClIf_feHnx-RGEEyNudGwxkZblQ&random=2871523201&ipr=y&prhg=0

Request Chain 278

https://a.clickcertain.com/px/ta/?ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=7e47b2d0-ef3e-4147-ab78-338c606740e7&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://a.clickcertain.com/px/ta/?done=true&ta_id=865eafce-2c98-4a27-9c64-388146cfe6c0

Request Chain 279

https://a.usbrowserspeed.com/cs?puid=1e1a275e-0168-563d-b881-609c9ef32ab4&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256_LOWERCASE%7d HTTP 302
https://a.clickcertain.com/px/t/?done=true&uid=a0539d18-de23-40be-8747-17efa8f0f618&hem=

Request Chain 280

https://a.clickcertain.com/px/r/?ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7 HTTP 302
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=7e47b2d0-ef3e-4147-ab78-338c606740e7&ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d7e47b2d0%25252def3e%25252d4147%25252dab78%25252d338c606740e7%252526anx_uId%25253d%252524UID HTTP 303
https://a.clickcertain.com/px/li/?ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7&redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d7e47b2d0%252def3e%252d4147%252dab78%252d338c606740e7%2526anx_uId%253d%2524UID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3d7e47b2d0%2def3e%2d4147%2dab78%2d338c606740e7%26anx_uId%3d%24UID HTTP 302
https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D7e47b2d0%2Def3e%2D4147%2Dab78%2D338c606740e7%26anx_uId%3D%24UID&google_gid=CAESECmOvSpP_SWWYAE7HFYUfPY&google_cver=1 HTTP 302
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7&anx_uId=$UID HTTP 302
https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7&anx_uId=2914621564580346733 HTTP 302
https://x.bidswitch.net/sync?dsp_id=179&user_id=7e47b2d0-ef3e-4147-ab78-338c606740e7&expires=5&user_group=0

Request Chain 283

https://rp.liadm.com/j?dtstmp=1675691263173&se=e30&duid=57b4458eb59c--01grkfq12chqx323b5bdbajr4d&tna=v2.6.0&pu=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&wpn=lc-bundle HTTP 302
https://rp4.liadm.com/j?dtstmp=1675691263173&se=e30&duid=57b4458eb59c--01grkfq12chqx323b5bdbajr4d&tna=v2.6.0&pu=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDEyOmI4NjU6NDYwZDpmMjQ1

287 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html Show response
www.theepochtimes.com/ 87 KB
19 KB 708ms
632ms Document
text/html 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

0737b1096b1bd010bf286d49154e99e22b0861f50c874d97f6caec5067f8cd80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=600
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 06 Feb 2023 13:47:38 GMT
server: nginx
x-cache-status: MISS
x-content-type-options: nosniff
x-device: desktop
x-hw: 1675691257.cds163.fr8.hn,1675691257.cds055.fr8.sc,1675691258.cds055.fr8.p
x-xss-protection: 1; mode=block

GET
H2 200 template.css
subs.theepochtimes.com/lib/ 3 KB
1 KB 190ms
137ms Stylesheet
text/css 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/lib/template.css?ver=20220518
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: faf65bcd4bbbe03627619eb646afbda21bbf0a74e5f2c17015aca7330b27caa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:38 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 01 Feb 2023 20:07:47 GMT
server: nginx/1.20.1
vary: Accept-Encoding
content-type: text/css; charset=utf-8
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 style.css
www.theepochtimes.com/assets/themes/eet/ 2 KB
1 KB 31ms
30ms Stylesheet
text/css 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/style.css?ver=20170224

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

8b0daf8b0fadec4104ec807b0f4432698777a2a61078c1cf38b91e1fb238ed4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 01 Dec 2021 16:22:38 GMT
server: nginx
x-microcachable: 0
etag: W/"61a7a14e-720"
x-hw: 1675691258.cds163.fr8.hn,1675691258.cds221.fr8.c
content-type: text/css
cache-control: max-age=600
accept-ranges: bytes
content-length: 913
x-xss-protection: 1; mode=block
x-device: desktop

GET
H2 200 global.css
www.theepochtimes.com/assets/themes/eet/css/ 41 KB
10 KB 31ms
31ms Stylesheet
text/css 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/css/global.css?ver=20230125

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

6506f4cc5b0125db66ac440560ef195636f56f744196ef9b0ee715417b6bf9a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 25 Jan 2023 22:55:10 GMT
server: nginx
x-microcachable: 0
etag: W/"63d1b34e-a3e9"
x-hw: 1675691258.cds163.fr8.hn,1675691258.cds164.fr8.c
content-type: text/css
cache-control: max-age=600
accept-ranges: bytes
content-length: 9852
x-xss-protection: 1; mode=block
x-device: desktop

GET
H2 200 genericons.css
www.theepochtimes.com/assets/themes/eet/css/genericons/ 51 KB
33 KB 39ms
38ms Stylesheet
text/css 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/css/genericons/genericons.css?ver=20220415

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

c76ffbd44647ad17ecb389ca25d271a4281f147b7e8276f13bdde5512c2c6ca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Jan 2023 18:56:14 GMT
server: nginx
x-microcachable: 0
etag: W/"63bc634e-cb6f"
x-hw: 1675691258.cds163.fr8.hn,1675691258.cds098.fr8.c
content-type: text/css
cache-control: max-age=600
accept-ranges: bytes
content-length: 33469
x-xss-protection: 1; mode=block
x-device: desktop

GET
H2 200 syreview-global.css
www.theepochtimes.com/assets/themes/eet/css/ 14 KB
4 KB 645ms
645ms Stylesheet
text/css 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/css/syreview-global.css?ver=20211231

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

312bfda2e178bfe325c61f50b2a43a9f4b807776de8d13adfaf9c309aaacbb87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Dec 2022 16:44:21 GMT
server: nginx
x-microcachable: 0
etag: W/"63a9cf65-388b"
x-hw: 1675691258.cds163.fr8.hn,1675691258.cds228.fr8.sc,1675691258.cds228.fr8.e
content-type: text/css
cache-control: max-age=600
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 single-syreview.css
www.theepochtimes.com/assets/themes/eet/css/ 9 KB
2 KB 649ms
648ms Stylesheet
text/css 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/css/single-syreview.css?ver=20230203

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

189a780f525a326043432b080d375db0482358f51303d25161a44f06f3c5816d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 16:57:49 GMT
server: nginx
x-microcachable: 0
etag: W/"63dd3d0d-2358"
x-hw: 1675691258.cds163.fr8.hn,1675691258.cds258.fr8.sc,1675691258.cds258.fr8.e
content-type: text/css
cache-control: max-age=600
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 print.css
www.theepochtimes.com/assets/themes/eet/css/ 4 KB
1 KB 67ms
64ms Stylesheet
text/css 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/css/print.css?ver=20230119

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

4e1ed3e7276bf8b560850c71198a44ab3eab8defcac282815de774d7fe395f5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Jan 2023 20:51:26 GMT
server: nginx
etag: W/"63c9ad4e-f4f"
x-hw: 1675691258.cds163.fr8.hn,1675691258.cds290.fr8.c
content-type: text/css
cache-control: max-age=600
accept-ranges: bytes
content-length: 1236
x-xss-protection: 1; mode=block
x-device: desktop

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
76 KB 168ms
60ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b2aa4f49d32c72d2872fd58f4ff09606906c3b4dc1bb632721107fdaaefd0606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77060
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 Feb 2023 13:47:38 GMT

GET
H/1.1 200
OK syreview-header-banner-2023.jpg
img.theepochtimes.com/assets/themes/eet/images/shenyun/ 180 KB
181 KB 168ms
28ms Image
image/jpeg 193.108.153.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/themes/eet/images/shenyun/syreview-header-banner-2023.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 48802a9821531893534300fc83937ddb65b96274972a5ed70063d5f6718a3078

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 13:47:38 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1289467
Content-Length: 184363
Last-Modified: Wed, 21 Dec 2022 00:03:23 GMT
Server: nginx
ETag: "63a24d4b-2d02b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31397217
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Sun, 04 Feb 2024 23:14:35 GMT

GET
H/1.1 200
OK edm-logo-2023.png
img.theepochtimes.com/assets/themes/eet/images/shenyun/ 31 KB
32 KB 170ms
30ms Image
image/png 193.108.153.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/themes/eet/images/shenyun/edm-logo-2023.png
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9055f93e91dfcce6dc69d95a489f3c24f6b30a346a5e4da168076e5d2b526425

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 13:47:38 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1289467
Content-Length: 32229
Last-Modified: Wed, 21 Dec 2022 00:03:29 GMT
Server: nginx
ETag: "63a24d51-7de5"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31109779
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Thu, 01 Feb 2024 15:23:57 GMT

GET
H2 200 share.png
www.theepochtimes.com/assets/themes/eet/images/shenyun/ 706 B
832 B 632ms
626ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/shenyun/share.png

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

27ebd972626ddfa63177e4dd073d790bf373726a080faf9ebf37b563a9530f94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Dec 2022 14:45:08 GMT
server: nginx
etag: "63a46d74-2c2"
x-hw: 1675691258.cds163.fr8.hn,1675691258.cds051.fr8.sc,1675691259.cds051.fr8.e
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 706
x-xss-protection: 1; mode=block
x-device: desktop

GET
H/1.1 200
OK share-2023.jpg
img.theepochtimes.com/assets/themes/eet/images/shenyun/ 165 KB
166 KB 166ms
26ms Image
image/jpeg 193.108.153.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/themes/eet/images/shenyun/share-2023.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cb48f78552da3389169807e48d0286c47e999c18baf08262b39ee7fcbabec7b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 13:47:38 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1289467
Content-Length: 169145
Last-Modified: Wed, 21 Dec 2022 21:55:21 GMT
Server: nginx
ETag: "63a380c9-294b9"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31299050
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Sat, 03 Feb 2024 19:58:28 GMT

GET
H2 200 link.png
www.theepochtimes.com/assets/themes/eet/images/shenyun/ 3 KB
3 KB 635ms
630ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/shenyun/link.png

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

139ca15ebf4f1cbb7858ab393d1bb9411cce901317c59acb7a2d2f30b5753a76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Dec 2022 22:40:30 GMT
server: nginx
etag: "63a4dcde-af8"
x-hw: 1675691258.cds163.fr8.hn,1675691258.cds125.fr8.sc,1675691259.cds125.fr8.e
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2808
x-xss-protection: 1; mode=block
x-device: desktop

GET
H2 200 email.png
www.theepochtimes.com/assets/themes/eet/images/shenyun/ 1 KB
1 KB 637ms
632ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/shenyun/email.png

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

9d1cbb5ca33f3d1e2f5179edc5e0ac51975ac5f7b05c36c340c6ffb2567b0d81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Dec 2022 22:40:47 GMT
server: nginx
etag: "63a4dcef-550"
x-hw: 1675691258.cds163.fr8.hn,1675691258.cds238.fr8.sc,1675691259.cds238.fr8.e
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1360
x-xss-protection: 1; mode=block
x-device: desktop

GET
H2 200 facebook.png
www.theepochtimes.com/assets/themes/eet/images/shenyun/ 993 B
1 KB 184ms
179ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/shenyun/facebook.png

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

6b79087a577ea18b0d400cf7bffc4fb393adffe0fa3fffdde1c4687f8605697b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Dec 2022 22:40:30 GMT
server: nginx
etag: "63a4dcde-3e1"
x-hw: 1675691258.cds163.fr8.hn,1675691258.cds004.fr8.sc,1675691258.cds004.fr8.pr
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 993
x-xss-protection: 1; mode=block
x-device: desktop

GET
H2 200 twitter.png
www.theepochtimes.com/assets/themes/eet/images/shenyun/ 2 KB
2 KB 628ms
623ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/shenyun/twitter.png

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

caadba3769fc1035b841d7d194441098a5883f203ad1501837a78497d0355ecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Dec 2022 22:41:05 GMT
server: nginx
etag: "63a4dd01-83a"
x-hw: 1675691258.cds163.fr8.hn,1675691258.cds320.fr8.sc,1675691259.cds320.fr8.pr
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2106
x-xss-protection: 1; mode=block
x-device: desktop

GET
H2 200 x.svg
www.theepochtimes.com/assets/themes/eet/images/shenyun/ 386 B
330 B 634ms
629ms Image
image/svg+xml 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/shenyun/x.svg

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

bef8a6b0abd844fce449dd12cf99dd3add3ed4dabaa9822270da359b5174c9c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Dec 2022 16:44:21 GMT
server: nginx
etag: "63a9cf65-182"
x-hw: 1675691258.cds163.fr8.hn,1675691258.cds240.fr8.sc,1675691259.cds240.fr8.pr
content-type: image/svg+xml
cache-control: max-age=315360000
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 share-silver.svg
www.theepochtimes.com/assets/themes/eet/images/shenyun/ 743 B
563 B 646ms
642ms Image
image/svg+xml 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/shenyun/share-silver.svg

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

1ecf9f90d652825de64101e89e99a59b2da53eccaa67a9efc5c86b976b185b42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Dec 2022 16:44:11 GMT
server: nginx
etag: "63a9cf5b-2e7"
x-hw: 1675691258.cds163.fr8.hn,1675691258.cds005.fr8.sc,1675691259.cds005.fr8.e
content-type: image/svg+xml
cache-control: max-age=315360000
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 15-20230203-730pm-Nashville-Yawen-Musician-Drummer-2-700x420.jpg
img.theepochtimes.com/assets/uploads/2023/02/04/ 50 KB
50 KB 481ms
337ms Image
image/jpeg 193.108.153.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2023/02/04/15-20230203-730pm-Nashville-Yawen-Musician-Drummer-2-700x420.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d6773630205280499f0360a8fb9cefdbd748a52dfcdcac8c4b068749ef4714e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 13:47:39 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1289467
Content-Length: 50704
Last-Modified: Sat, 04 Feb 2023 09:03:20 GMT
Server: nginx
ETag: "63de1f58-c610"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31535991
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Tue, 06 Feb 2024 13:47:30 GMT

GET
H2 200 white.png
www.theepochtimes.com/assets/themes/eet/images/ 95 B
224 B 60ms
57ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/white.png

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Sep 2017 20:15:25 GMT
server: nginx
etag: "59bae35d-5f"
x-hw: 1675691258.cds163.fr8.hn,1675691258.cds246.fr8.c
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 95
x-xss-protection: 1; mode=block
x-device: desktop

GET
H2 200 share-dark.svg
www.theepochtimes.com/assets/themes/eet/images/shenyun/ 743 B
561 B 629ms
626ms Image
image/svg+xml 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/shenyun/share-dark.svg

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

ee128a2172c11d4875ad80aee713d58f5afe8b5931cef4a2fea31d96ae08071b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Dec 2022 16:44:30 GMT
server: nginx
etag: "63a9cf6e-2e7"
x-cache-status: MISS
x-hw: 1675691258.cds163.fr8.hn,1675691258.cds242.fr8.sc,1675691259.cds242.fr8.pr
content-type: image/svg+xml
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 431
x-xss-protection: 1; mode=block
x-device: desktop

GET
H2 200 EET_footer.png
www.theepochtimes.com/assets/themes/eet/images/ 7 KB
7 KB 67ms
64ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/EET_footer.png

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

38f915335fe629f2736910592b999a5cc13138f931118f5d67026b072c37d6b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 Aug 2018 19:13:08 GMT
server: nginx
etag: "5b7db5c4-1d36"
x-hw: 1675691258.cds163.fr8.hn,1675691258.cds274.fr8.c
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 7478
x-xss-protection: 1; mode=block
x-device: desktop

GET
H2 200 jquery-all.min.js Show response
www.theepochtimes.com/assets/themes/eet/js/ 98 KB
40 KB 30ms
30ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

25cad5d9e016ff8fc766034922a6ec515d37461b4ae089bd58d5ac964b85f247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Nov 2021 15:48:53 GMT
server: nginx
etag: W/"618d3b65-188fe"
x-hw: 1675691258.cds163.fr8.hn,1675691258.cds057.fr8.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=600
accept-ranges: bytes
content-length: 40721
x-xss-protection: 1; mode=block
x-device: desktop

GET
H2 200 bottom.min.js Show response
www.theepochtimes.com/assets/themes/eet/js/ 107 KB
34 KB 33ms
33ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/js/bottom.min.js?ver=202302032

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

24f1446d3e5e0e8f6f9d1b8e740f871c81ecb56f22044cf25ee7083fa509c081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 22:21:21 GMT
server: nginx
etag: W/"63dd88e1-1ac71"
x-hw: 1675691258.cds163.fr8.hn,1675691258.cds098.fr8.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=600
accept-ranges: bytes
content-length: 34588
x-xss-protection: 1; mode=block
x-device: desktop

GET
H2 200 api.bundle.js Show response
subs.theepochtimes.com/lib/ 317 KB
84 KB 143ms
140ms Script
application/javascript 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: c766e2d54c20077cfeecfd3e018f2353915846587286cdfddabc8e2b3a131966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:38 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 01 Feb 2023 20:07:47 GMT
server: nginx/1.20.1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 moe_webSdk.min.latest.js Show response
cdn.moengage.com/webpush/ 193 KB
54 KB 134ms
32ms Script
application/javascript 13.224.103.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-75.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc702a12bc89a9a27cbe7ac664e90ea2e7e81afd2dc0345674599aa66af2ee13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:29:12 GMT
content-encoding: gzip
via: 1.1 d7147e532e5cf73689fcb39fa760bcf2.cloudfront.net (CloudFront)
last-modified: Fri, 20 Jan 2023 15:39:23 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
age: 1106
etag: W/"52656c4a0890b44af54c358f6558d90e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1800
x-amz-cf-id: CefzyZpzC0FfCn5llp39KHrGxX8XieFeBWkn80MaHgdYJGMofD2Etw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 91ms
33ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Feb 2023 12:13:15 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5663
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 06 Feb 2023 14:13:15 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 249 KB
85 KB 223ms
119ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5Z8H4H

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

28cba19b623eaa4975db177c15c82820f0632394f6a28face8a64f9d06e15f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86521
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Feb 2023 13:47:38 GMT

GET
H/1.1 200
OK celestial-court.jpg
img.theepochtimes.com/assets/themes/eet/images/shenyun/ 520 KB
521 KB 166ms
25ms Image
image/jpeg 193.108.153.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/themes/eet/images/shenyun/celestial-court.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/syreview-global.css?ver=20211231
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 86ad39b005997d03b39726be2259383a5b6ce287fdcff0ed51eaaf82adb303ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 13:47:38 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1289467
Content-Length: 532493
Last-Modified: Wed, 21 Dec 2022 00:03:29 GMT
Server: nginx
ETag: "63a24d51-8200d"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=30867937
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Mon, 29 Jan 2024 20:13:15 GMT

GET
H/1.1 200
OK RingsideNarrow-Book.otf
img.theepochtimes.com/fonts/ 124 KB
125 KB 163ms
27ms Font
application/octet-stream 193.108.153.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img.theepochtimes.com/fonts/RingsideNarrow-Book.otf
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/global.css?ver=20230125
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d1a4a7aa00e62b62538f84f4f380c16796c88078656d204c4f5ceebb59d84fe8

Request headers

Referer: https://www.theepochtimes.com/
Origin: https://www.theepochtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 13:47:38 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1289467
Content-Length: 126860
Last-Modified: Tue, 03 Sep 2019 20:36:19 GMT
Server: nginx
ETag: "5d6ecec3-1ef8c"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=5836974
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts

GET
H/1.1 200
OK RingsideNarrow-Medium.otf
img.theepochtimes.com/fonts/ 123 KB
124 KB 164ms
24ms Font
application/octet-stream 193.108.153.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img.theepochtimes.com/fonts/RingsideNarrow-Medium.otf
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/global.css?ver=20230125
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 02e05d8407482aee2dae0ae4343ecb2e6c2b1f27c2175c4b03170d3f2af51b55

Request headers

Referer: https://www.theepochtimes.com/
Origin: https://www.theepochtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 13:47:38 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1289467
Content-Length: 126244
Last-Modified: Mon, 18 Feb 2019 15:36:07 GMT
Server: nginx
ETag: "5c6ad0e7-1ed24"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=5836931
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts

GET
H2 200 1ellvldt380LQXQvrQHdPnUUx1m91c Show response
www.ganjing.com/embed/ Frame AA86 9 KB
3 KB 570ms
510ms Document
text/html 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash: 69048a3af55a36885708c7b08b1785e8267d06c21950d3cc9676c1f2f0ef3af0

Request headers

Referer: https://www.theepochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: s-maxage=60, stale-while-revalidate
cf-cache-status: DYNAMIC
cf-ray: 795456bfee4335fe-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 06 Feb 2023 13:47:39 GMT
server: cloudflare
vary: Accept-Encoding
x-nextjs-cache: STALE
x-powered-by: Next.js

GET
H2 200 1f85ha3tqs04ybK5PQYbbDocj13v1c Show response
www.ganjing.com/embed/ Frame 6A2E 9 KB
3 KB 553ms
495ms Document
text/html 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash: a27c8fa43cd1daac356ba5f18247dc83bd13a3e5994b1508818d4807b55918c9

Request headers

Referer: https://www.theepochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: s-maxage=60, stale-while-revalidate
cf-cache-status: DYNAMIC
cf-ray: 795456bfee4535fe-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 06 Feb 2023 13:47:39 GMT
server: cloudflare
vary: Accept-Encoding
x-nextjs-cache: STALE
x-powered-by: Next.js

GET
H2 200 1fh48unhl3k7gGsykwlK2vwkT1q61c Show response
www.ganjing.com/embed/ Frame EB98 10 KB
4 KB 548ms
491ms Document
text/html 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash: 357c942b0c277320c079e01a8ae48185dfae6101662dea2b3aeb53fdb72a5e9b

Request headers

Referer: https://www.theepochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: s-maxage=60, stale-while-revalidate
cf-cache-status: DYNAMIC
cf-ray: 795456bfee4635fe-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 06 Feb 2023 13:47:39 GMT
server: cloudflare
vary: Accept-Encoding
x-nextjs-cache: STALE
x-powered-by: Next.js

GET
H2 200 zTAtXS8E_Do Show response
www.youtube.com/embed/ Frame 6662 68 KB
29 KB 198ms
91ms Document
text/html 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/zTAtXS8E_Do?wmode=transparent&wmode=opaque

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8c4969a41533e71d05522204208332aa7840f5ed08ef26188965582e590ee3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theepochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 13:47:38 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gradient-bg.png
www.theepochtimes.com/assets/themes/eet/images/shenyun/ 1 KB
1 KB 649ms
648ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/shenyun/gradient-bg.png

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/single-syreview.css?ver=20230203

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

b20501a48ee082623ce336731775a7669b651aee98dea6551b98c8b1b05a2df3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/assets/themes/eet/css/single-syreview.css?ver=20230203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Dec 2022 21:56:13 GMT
server: nginx
etag: "63a380fd-43b"
x-hw: 1675691258.cds163.fr8.hn,1675691258.cds281.fr8.sc,1675691259.cds281.fr8.e
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1083
x-xss-protection: 1; mode=block
x-device: desktop

GET
H2 200 backtotop.svg
www.theepochtimes.com/assets/themes/eet/images/ 1 KB
702 B 57ms
56ms Image
image/svg+xml 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theepochtimes.com/assets/themes/eet/images/backtotop.svg

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/global.css?ver=20230125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

8da32af77026023e902dd9fe5612041380d371b1703ca79f49fadd43091f28d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/assets/themes/eet/css/global.css?ver=20230125
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 14 Sep 2017 20:15:25 GMT
server: nginx
etag: "59bae35d-498"
x-hw: 1675691258.cds163.fr8.hn,1675691258.cds320.fr8.c
content-type: image/svg+xml
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 579
x-xss-protection: 1; mode=block
x-device: desktop

GET
H2 200 D-DIN.otf
www.theepochtimes.com/assets/themes/eet/fonts/ 58 KB
59 KB 47ms
46ms Font
application/octet-stream 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theepochtimes.com/assets/themes/eet/fonts/D-DIN.otf

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/global.css?ver=20230125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx /

Resource Hash

6d67834e2a76646c456c087ce42a6bd6b6b0c85c88dd9918618a8b4c563c2bdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theepochtimes.com/assets/themes/eet/css/global.css?ver=20230125
Origin: https://www.theepochtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Sep 2018 15:47:56 GMT
server: nginx
etag: "5b8ffaac-e9d4"
x-hw: 1675691258.cds163.fr8.hn,1675691258.cds335.fr8.c
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 59860
x-xss-protection: 1; mode=block
x-device: desktop

GET
H/1.1 200
OK Acta-Book.otf
img.theepochtimes.com/fonts/ 42 KB
43 KB 142ms
24ms Font
application/octet-stream 193.108.153.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img.theepochtimes.com/fonts/Acta-Book.otf
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/css/global.css?ver=20230125
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b363b21bc03d5188a43ede2219616eaade9819d6b10f395ad66c7ee60c71ace2

Request headers

Referer: https://www.theepochtimes.com/
Origin: https://www.theepochtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 13:47:38 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1289467
Content-Length: 42924
Last-Modified: Fri, 19 Nov 2021 20:22:11 GMT
Server: nginx
ETag: "61980773-a7ac"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=5836376
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts

GET
H2 200 geo Show response
pwe.epochbase.com/ 148 B
355 B 217ms
133ms XHR
application/json 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/geo
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 8eda1600837fe2b7e74f4ae8025797b1594846d596f60e7011e1986bbd18e907

Request headers

Accept: */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:38 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148

GET
H2 200 test Show response
www.youmaker.com/g/ 7 B
212 B 117ms
31ms XHR
application/json 35.201.68.206
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.youmaker.com/g/test
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.68.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 206.68.201.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: c4d0cf241a1bfa1c8bf4cf24e8f89d2ab786a284a39adb2fc8df7ea14e73c154

Request headers

Accept: */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:38 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7

GET
H/1.1 200
OK Choi-Sang-yoon-S.-Korea-2-300x180.jpg
img.theepochtimes.com/assets/uploads/2023/02/06/ 13 KB
14 KB 25ms
24ms Image
image/jpeg 193.108.153.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2023/02/06/Choi-Sang-yoon-S.-Korea-2-300x180.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: dbc7ba0be01a277464fa7f3afc5b0755fdd435fa4f590c37ede474678b29e6c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 13:47:38 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1289467
Content-Length: 13337
Last-Modified: Mon, 06 Feb 2023 07:07:11 GMT
Server: nginx
ETag: "63e0a71f-3419"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31512566
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Tue, 06 Feb 2024 07:17:04 GMT

GET
H/1.1 200
OK bl2-300x180.jpg
img.theepochtimes.com/assets/uploads/2023/02/05/ 78 KB
79 KB 23ms
22ms Image
image/jpeg 193.108.153.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2023/02/05/bl2-300x180.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 079f967858d232181201f54bc649796ce9b009c5252b706596001176c51ba6ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 13:47:39 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1289467
Content-Length: 80319
Last-Modified: Sun, 05 Feb 2023 06:12:00 GMT
Server: nginx
ETag: "63df48b0-139bf"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31424369
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Mon, 05 Feb 2024 06:47:08 GMT

GET
H/1.1 200
OK 12-20230204-Cleveland-StaceyTang-Eric-Dudenhoefer-300x180.jpg
img.theepochtimes.com/assets/uploads/2023/02/05/ 43 KB
44 KB 23ms
23ms Image
image/jpeg 193.108.153.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2023/02/05/12-20230204-Cleveland-StaceyTang-Eric-Dudenhoefer-300x180.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f8443f9254e462014a63ec61a6bc46e1fc8f5af743a48c403bb3475692d493f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 13:47:39 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1289467
Content-Length: 44065
Last-Modified: Sun, 05 Feb 2023 05:53:08 GMT
Server: nginx
ETag: "63df4444-ac21"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31421562
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Mon, 05 Feb 2024 06:00:21 GMT

GET
H/1.1 200
OK LYON_20230204_Anthony-FABVRE_ingenieur-electronique-1200x675-2-300x180.jpg
img.theepochtimes.com/assets/uploads/2023/02/05/ 12 KB
13 KB 40ms
22ms Image
image/jpeg 193.108.153.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2023/02/05/LYON_20230204_Anthony-FABVRE_ingenieur-electronique-1200x675-2-300x180.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 22d063d3e9da920b29f89c92d2351d506e9f412cacc750d56f72c915a9230f5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 13:47:39 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1289467
Content-Length: 12166
Last-Modified: Sun, 05 Feb 2023 03:31:42 GMT
Server: nginx
ETag: "63df231e-2f86"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31412258
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Mon, 05 Feb 2024 03:25:17 GMT

GET
H/1.1 200
OK Kim-Sung-woo-300x180.jpg
img.theepochtimes.com/assets/uploads/2023/02/04/ 33 KB
33 KB 29ms
22ms Image
image/jpeg 193.108.153.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2023/02/04/Kim-Sung-woo-300x180.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c0f7aea0d0e606f6c7b1db424f12a67f4e9b7004ec6a842fb0cd3348a52cacb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 13:47:39 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1289467
Content-Length: 33422
Last-Modified: Sat, 04 Feb 2023 22:32:49 GMT
Server: nginx
ETag: "63dedd11-828e"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31397242
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Sun, 04 Feb 2024 23:15:01 GMT

GET
H/1.1 200
OK 001-300x180.jpg
img.theepochtimes.com/assets/uploads/2023/02/04/ 16 KB
16 KB 23ms
22ms Image
image/jpeg 193.108.153.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2023/02/04/001-300x180.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 73a2b9940c854d43bfa4b864f5a75e0fd64615b9b541505516414a449b2555eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 13:47:39 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1289467
Content-Length: 16181
Last-Modified: Sat, 04 Feb 2023 20:20:26 GMT
Server: nginx
ETag: "63debe0a-3f35"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31391584
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Sun, 04 Feb 2024 21:40:43 GMT

GET
H/1.1 200
OK 15-20230203-730pm-Nashville-Yawen-Musician-Drummer-2-300x180.jpg
img.theepochtimes.com/assets/uploads/2023/02/04/ 14 KB
14 KB 36ms
21ms Image
image/jpeg 193.108.153.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2023/02/04/15-20230203-730pm-Nashville-Yawen-Musician-Drummer-2-300x180.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d6b130690d1bd94273360c2c6e565fe24131f50d587a692b0ac50c8525c1e1a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 13:47:39 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1289467
Content-Length: 13843
Last-Modified: Sat, 04 Feb 2023 09:03:21 GMT
Server: nginx
ETag: "63de1f59-3613"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31346407
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Sun, 04 Feb 2024 09:07:46 GMT

GET
H/1.1 200
OK 80-20230202-santo-domingo-former-minister-300x180.jpg
img.theepochtimes.com/assets/uploads/2023/02/04/ 17 KB
18 KB 24ms
24ms Image
image/jpeg 193.108.153.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.theepochtimes.com/assets/uploads/2023/02/04/80-20230202-santo-domingo-former-minister-300x180.jpg
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bc5bc42b3cf19b3a904113e33a5d08ab3fafac6ff5cc0cbe7dbec48b282dda76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 13:47:39 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1289467
Content-Length: 17334
Last-Modified: Sat, 04 Feb 2023 06:26:34 GMT
Server: nginx
ETag: "63ddfa9a-43b6"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31339809
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Expires: Sun, 04 Feb 2024 07:17:48 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
213 B 30ms
29ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1174897216&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&dp=%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&ul=en-us&de=UTF-8&dt=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAAI~&jid=1339617100&gjid=86247450&cid=1234335394.1675691259&uid=anonb09f-18b3-4164-8de8-ac416d6ed5b8&tid=UA-10465455-30&_gid=798903115.1675691259&_r=1&_slc=1&cd1=31712&cd3=%3Baudience-comments-31712%3Bcity-2-31714%3Bcompany-2-31711%3Beditors-picks-31718%3Bnashville-united-states-32922%3Bshenyun-north-america-company-99751%3Bshen-yun-9%3B&cd4=%3Btop-stories-98893%3B&cd5=%3Baudience-comments-31712%3Bcity-2-31714%3Bcompany-2-31711%3Beditors-picks-31718%3Bnashville-united-states-32922%3Bshenyun-north-america-company-99751%3Bshen-yun-9%3B&cd21=5033767&cd23=Epoch%20Newsroom&cd26=Audience%20Comments&cd28=%3BAudience%20Comments%3BCity%3BCompany%3BEditor%27s%20Picks%3BNashville%3BNorth%20America%20Company%3BShen%20Yun%3BUnited%20States%3B&cd29=%3Bshen%20yun%3B&cd30=20230204&cd31=20230204&cd33=1014&cd42=%3Bshen-yun%3B&cd43=post&cd18=anonb09f-18b3-4164-8de8-ac416d6ed5b8&z=190085619

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:47:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theepochtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
353 B 93ms
32ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-10465455-30&cid=1234335394.1675691259&jid=1339617100&uid=anonb09f-18b3-4164-8de8-ac416d6ed5b8&gjid=86247450&_gid=798903115.1675691259&_u=YGBACEAABAAAACAAI~&z=691455175

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 06 Feb 2023 13:47:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theepochtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/97ea7458/ Frame 6662 360 KB
49 KB 35ms
35ms Stylesheet
text/css 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/97ea7458/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zTAtXS8E_Do?wmode=transparent&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b95164237b524353d235fd03cdc0ddf54a489315c59ee4e744cf120657a1ee33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/zTAtXS8E_Do?wmode=transparent&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 12:39:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 176883
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49954
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 04 Feb 2024 12:39:36 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6662 15 KB
16 KB 77ms
24ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zTAtXS8E_Do?wmode=transparent&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 12:17:50 GMT
x-content-type-options: nosniff
age: 178189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Feb 2024 12:17:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6662 15 KB
15 KB 82ms
30ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zTAtXS8E_Do?wmode=transparent&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:21:19 GMT
x-content-type-options: nosniff
age: 573980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 22:21:19 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 96ms
46ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-10465455-30&cid=1234335394.1675691259&jid=1339617100&_u=YGBACEAABAAAACAAI~&z=620515858

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:47:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 163ms
69ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-10465455-30&cid=1234335394.1675691259&jid=1339617100&_u=YGBACEAABAAAACAAI~&z=620515858

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:47:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/97ea7458/www-embed-player.vflset/ Frame 6662 344 KB
108 KB 48ms
48ms Script
text/javascript 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/97ea7458/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zTAtXS8E_Do?wmode=transparent&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aedf6cfea0cab0b1f40f53ec29e95bd9f6fa480a13050e877e2a29bc3875ded

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/zTAtXS8E_Do?wmode=transparent&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 10:22:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12327
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110070
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Feb 2024 10:22:12 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/ Frame 6662 2 MB
600 KB 94ms
94ms Script
text/javascript 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zTAtXS8E_Do?wmode=transparent&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b169400c72045d965aac2010ff973d4184849800eac9e3ced121b38cabf8317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/zTAtXS8E_Do?wmode=transparent&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 20:17:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 235790
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613648
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 03 Feb 2024 20:17:49 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/97ea7458/fetch-polyfill.vflset/ Frame 6662 9 KB
3 KB 66ms
66ms Script
text/javascript 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/97ea7458/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zTAtXS8E_Do?wmode=transparent&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/zTAtXS8E_Do?wmode=transparent&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 20:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 149677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 04 Feb 2024 20:13:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 172 KB
63 KB 66ms
65ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-737062143&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a72e4bec1a42a780a85e5d0dd32b4a9f77f9ce02f8e930c6016cb18060bbb9dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64510
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Feb 2023 13:47:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 172 KB
63 KB 85ms
84ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-676906137&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3e8c42bd576aeaea9f3cd8b493674845bad32810e4e1341b22ccd02bff8f23d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64507
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Feb 2023 13:47:39 GMT

POST
H2 204 collect
ea.epochbase.com/api/analytics/g/ 0
233 B 523ms
272ms Ping
text/plain 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.epochbase.com/api/analytics/g/collect?v=2&tid=G-RD0QM5H02Q&gtm=45je3210&_p=1174897216&cid=1234335394.1675691259&ul=en-us&sr=1600x1200&_fplc=0&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675691259&sct=1&seg=0&dl=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&dt=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&en=page_view&_fv=1&_ss=1&_ee=1&ep.page_path=%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&ep.post_id=5033767&ep.primary_category_name=Audience%20Comments&ep.eet_tags=shen%20yun&ep.all_term_ids=audience-comments-31712%3Bcity-2-31714%3Bcompany-2-31711%3Beditors-picks-31718%3Bnashville-united-states-32922%3Bshenyun-north-america-company-99751%3Bshen-yun-9
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 Naples, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: https://www.theepochtimes.com
date: Mon, 06 Feb 2023 13:47:39 GMT
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
allow: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/717879253/ 2 KB
1 KB 124ms
71ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/717879253/?random=1675691259116&cv=11&fst=1675691259116&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&tiba=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&auid=969631595.1675691259&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z8H4H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f059cad72441c3cc43c6d89b19bb51bf6ce07ab63195ab78df221bc243be666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 944
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 25 KB
10 KB 80ms
21ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2a15822e997e4b7b172e4b1e4c1366dd01f10ff936a8971ce15510f207b5d25c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
etag: "u+riIbpeWSVolXo4r+dT2g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 13 Feb 2023 13:47:39 GMT

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
2 KB 93ms
23ms Script
application/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-107.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 02:09:54 GMT
Content-Encoding: gzip
Via: 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C2
Age: 13088266
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Cache-Control: max-age=26920000
Connection: keep-alive
X-Amz-Cf-Id: 6KnC7lumwkR5Wy0gGOkkqOdh3ZqG-W-Wthbspeyvl0_8U18ZoDN5hg==

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 112ms
45ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 06 Feb 2023 13:47:38 GMT
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 081C6CBCE7484AD39DE69F8B6D2EC93C Ref B: DUS30EDGE0919 Ref C: 2023-02-06T13:47:39Z
etag: "076bc30652fd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11552

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 102ms
22ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230037-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 128 KB
50 KB 64ms
63ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-696467118

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z8H4H

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3528e14e3ef71156adcbeac11ac4495f093564a3703bbfb34eef557d6f25ca03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50679
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Feb 2023 13:47:39 GMT

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ 9 KB
4 KB 85ms
20ms Script
application/javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Expires: Fri, 27 Jan 2023 02:11:02 GMT
Date: Mon, 06 Feb 2023 13:47:39 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 41776
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 3340
X-Served-By: cache-lga21930-LGA, cache-hhn-etou8220080-HHN
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1675691259.204715,VS0,VE0
ETag: W/"60b79de0-23b3"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 15, 11423

GET
H2

200

/ Show response
a.clickcertain.com/px/
Redirect Chain

https://a.remarketstats.com/px/smart/?c=244b81b94c69796&seg=musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
https://a.clickcertain.com/px/smart/a/?c=244b81b94c69796&seg=musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
https://a.clickcertain.com/px/?c=244b81b94c69796

3 KB
2 KB

158ms
146ms

Script
text/javascript

2606:4700:20::681a:832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/?c=244b81b94c69796
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: H2
Server: 2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ef2f7f6511861add1af033f12c1fd49a116835b5c8b4e745a423ab359900107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: br
x-frontend: cc-nginx-64dcbdf744-r7nn4:cc-nginx-64dcbdf744-r7nn4
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 675eb112-5bc1-4acf-a91b-d56ff57f88a7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NgVS7nYOWBoqpCtViMIkbbHY%2BJnTzq1sJreqfWGYVoolw4HaEUFjGGDxp22L8%2FAjbiXCWkjMMwPnf3%2BF3b0jR4mySloVIfGB0jfYIdahZ4fUTGiNK%2BJeFRHGh1zEISgqydrb1qJpz0uX8N5IhIfxFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 795456c4ddd49024-FRA

Redirect headers

date: Mon, 06 Feb 2023 13:47:39 GMT
x-frontend: cc-nginx-64dcbdf744-khdmr:cc-nginx-64dcbdf744-khdmr
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 15041115-16ca-4547-b827-375395f4b1f7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQshuqyD83vWEIpG0MRjj2trecH%2F2zHkfqk%2F5WVnOPN%2BEU%2FVVoRGTdvs5X9E%2F5iBM0i7GGugoK0z0IsHp5W1HhGru2np5h1x7v3V%2BF%2BOxJruCDTD82WtdrdIoN83edab6%2FK67chZr70u4qkYCnWMjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
location: https://a.clickcertain.com/px/?c=244b81b94c69796
cf-ray: 795456c34c899024-FRA

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 107ms
36ms Image
text/plain 13.224.103.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=24003086&ns__t=1675691259114&ns_c=UTF-8&c8=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&c7=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&c9=
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-60.zrh50.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: wpmQG0zIMNCKKIDdeGuA1r2aTNFNu8dMHlTtXz6hMW09HH25Aulm1Q==
x-cache: Miss from cloudfront

GET
H3 200 geo Show response
subs.theepochtimes.com/rules/ 115 B
132 B 243ms
193ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/rules/geo
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: a1c3b720fb7ce71ab6a38d07d5b7f75b4fceba10265032033bb4d788163f024b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length: 115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/737062143/ 2 KB
1 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/737062143/?random=1675691259204&cv=11&fst=1675691259204&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&tiba=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&auid=969631595.1675691259&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-737062143&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e977ff92f99f8a489faedf36d615cbf1e937820d69d6bf58dea3a2a3a43fc0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 961
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/737062143/ 3 KB
1 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/737062143/?random=1675691259214&cv=11&fst=1675691259214&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&tiba=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&auid=969631595.1675691259&uamb=0&uaw=0&data=event%3Dpage_view%3Bpage_path%3D%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html%3Bpost_id%3D5033767%3Bprimary_category_name%3DAudience%20Comments%3Beet_tags%3Dshen%20yun%3Ball_term_ids%3Daudience-comments-31712%5C%3Bcity-2-31714%5C%3Bcompany-2-31711%5C%3Beditors-picks-31718%5C%3Bnashville-united-states-32922%5C%3Bshenyun-north-america-company-99751%5C%3Bshen-yun-9&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-737062143&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

609e643dc8112d361569e8d5e0effab9b2992359aed48f5a77963d5ca86a3228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1120
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/676906137/ 2 KB
1 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/676906137/?random=1675691259232&cv=11&fst=1675691259232&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&tiba=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&auid=969631595.1675691259&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-676906137&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05e5fdbb4584a14bada945155524cb5ca5c2efcf2d5863b06d2e370817728ca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 960
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/676906137/ 3 KB
1 KB 137ms
136ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/676906137/?random=1675691259242&cv=11&fst=1675691259242&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&tiba=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&auid=969631595.1675691259&uamb=0&uaw=0&data=event%3Dpage_view%3Bpage_path%3D%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html%3Bpost_id%3D5033767%3Bprimary_category_name%3DAudience%20Comments%3Beet_tags%3Dshen%20yun%3Ball_term_ids%3Daudience-comments-31712%5C%3Bcity-2-31714%5C%3Bcompany-2-31711%5C%3Beditors-picks-31718%5C%3Bnashville-united-states-32922%5C%3Bshenyun-north-america-company-99751%5C%3Bshen-yun-9&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-676906137&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9892bcc6928635616f5798e2da84159d8fc82dea14df38f2fbd32c1b4495f1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1120
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-a128V7tctPVtT.js Show response
rules.quantcount.com/ 3 B
448 B 104ms
26ms Script
application/javascript 2600:9000:2190:2e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-a128V7tctPVtT.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:2e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:01:35 GMT
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69a.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
age: 26160
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:44:26 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: Ak5JPtTPCViYHRkaUTWds8z33VG4RB96FrYyrc2hfCmNd7TVGh5cUw==

GET
H/1.1 200
OK pixie
ib.adnxs.com/ 42 B
347 B 84ms
27ms Image
image/gif 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=a5648d7d-6906-4c7f-b72f-e2554cdb878d&it=1675691259262&v=0.0.20&u=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&st=1675691259261&et=1675691259262&if=0
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 13:47:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.21.3
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 42
Content-Type: image/gif

GET atrk.gif
certify.alexametrics.com/ 0
0

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 444ms
118ms Image
text/plain 18.117.44.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.117.44.170 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-117-44-170.us-east-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
server: Server

GET
H2 200 adsct
t.co/1/i/ 43 B
377 B 189ms
129ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=fd75779f-56d7-4fff-8770-078519eb343d&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=1a136e4b-88c1-40b2-9a7f-52f1521ff803&tw_document_href=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&tw_iframe_status=0&txn_id=od4qh&type=javascript&version=2.3.29

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-response-time: 107
date: Mon, 06 Feb 2023 13:47:38 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 28f88b5eaea9d86e
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 8d6ac2700aa25977f859fbf199f2c88294f868b6b331644afef9f2d2afdd45b9
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
726 B 181ms
124ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=fd75779f-56d7-4fff-8770-078519eb343d&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=1a136e4b-88c1-40b2-9a7f-52f1521ff803&tw_document_href=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&tw_iframe_status=0&txn_id=od4qh&type=javascript&version=2.3.29

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-response-time: 103
date: Mon, 06 Feb 2023 13:47:39 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: d3e76ba51c8bd81f
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: c6888eea0b0e8eeedfc2cfd6f449550cd08417f35e1f7665d613f7efda8cbfec
content-length: 43

GET
H2 200 138003605.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 49ms
49ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/138003605.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

387fc42e5f283653be73b1db1b304db27b540bb180fa9bf7b378bb3bce5c2408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 06 Feb 2023 13:47:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 80F05D10DD5346FC8174796D6AB47D9A Ref B: DUS30EDGE0919 Ref C: 2023-02-06T13:47:39Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60
content-length: 1498

GET
H2 204 0
bat.bing.com/action/ 0
288 B 69ms
69ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=138003605&Ver=2&mid=ff703e9f-82ff-414d-90fe-6e774ad2b6f4&sid=d220bcc0a62411eda7c9f161c704a9fa&vid=d220ca90a62411ed83cab541d08cda2b&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&kw=shen%20yun,THE%20EPOCH%20TIMES&p=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&r=&lt=1446&evt=pageLoad&sv=1&rn=831241

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Feb 2023 13:47:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5794ED42936B487D8B8E7C2A956A55A4 Ref B: DUS30EDGE0919 Ref C: 2023-02-06T13:47:39Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/696467118/ 2 KB
1 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/696467118/?random=1675691259284&cv=11&fst=1675691259284&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&tiba=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&auid=969631595.1675691259&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-696467118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09dc90b25fbb44b8507fea14bc809c166367297c89d01094070648615ca3de8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 961
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/717879253/ 42 B
154 B 40ms
38ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/717879253/?random=1675691259116&cv=11&fst=1675688400000&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&tiba=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&fmt=3&is_vtc=1&random=1288535785&rmt_tld=0&ipr=y

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:47:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/717879253/ 42 B
154 B 65ms
63ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/717879253/?random=1675691259116&cv=11&fst=1675688400000&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&tiba=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&fmt=3&is_vtc=1&random=1288535785&rmt_tld=1&ipr=y

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:47:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 6662
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
159 B

30ms
30ms

XHR
application/json

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zTAtXS8E_Do?wmode=transparent&wmode=opaque

Protocol

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30df671c8b7f6ac560d2787134a5c1c03b9fd82e0d2e7109fc2c0b6abb9b99ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 06 Feb 2023 13:47:39 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 6662 29 B
495 B 78ms
23ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:37:02 GMT
x-content-type-options: nosniff
age: 637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 Feb 2023 13:52:02 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 87ms
33ms Preflight
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 06 Feb 2023 13:47:39 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6662 66 KB
30 KB 39ms
39ms XHR
application/json+protobuf 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7bd73880faa1fe39de4fa4d875f92fb9ca65a7f73e3d58a9ed717948d5f454b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30782
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/ Frame 6662 119 KB
36 KB 36ms
35ms Script
text/javascript 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67a19947df4e23cd523fd968a39ea92bf2c2409b11696a6fc07b3bac77ab57a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/zTAtXS8E_Do?wmode=transparent&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 10:36:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 184267
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37293
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 04 Feb 2024 10:36:32 GMT

GET
H3 200 J0Wtb-3apQjiEgHhOVup9kp7pTLa1a3i127gprViyoA.js Show response
www.google.com/js/th/ Frame 6662 36 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/J0Wtb-3apQjiEgHhOVup9kp7pTLa1a3i127gprViyoA.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2745ad6feddaa508e21201e1395ba9f64a7ba532dad5ade2d76ee0a6b562ca80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 10:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14261
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 10:19:06 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/ Frame 6662 26 KB
8 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29cc91344fa42a2ddf205c2d26b851ae379f940eb5c0e321cc274d32bc629ced

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/zTAtXS8E_Do?wmode=transparent&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 22:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 226174
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8403
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 03 Feb 2024 22:58:05 GMT

GET
DATA 200
OK truncated
/ Frame 6662 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 vQb4GUEiLc-FM7z8Cs7D05f9vtGbLAOrZNdCOX7o9EtXUM-dN-1CWQIgAZShILbqgOmCaV2P=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 6662 4 KB
5 KB 131ms
37ms Image
image/jpeg 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/vQb4GUEiLc-FM7z8Cs7D05f9vtGbLAOrZNdCOX7o9EtXUM-dN-1CWQIgAZShILbqgOmCaV2P=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zTAtXS8E_Do?wmode=transparent&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d36ddc90f104f54c0d9b9a5ffef6aeb21194de337098d8905707ec506d2e4ec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:42:27 GMT
x-content-type-options: nosniff
age: 312
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4309
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 30 Jan 2023 15:37:33 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/zTAtXS8E_Do/ Frame 6662 36 KB
36 KB 127ms
35ms Image
image/jpeg 2a00:1450:400d:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/zTAtXS8E_Do/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGDcgRih_MA8=&rs=AOn4CLDZ3B2La9uOtOe6rNJzxm3b3PvvdA

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zTAtXS8E_Do?wmode=transparent&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

919d50a4381f12ae6488e4cafc6c21ea912bf114ee10df717eb7418ffe467796

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:02:18 GMT
x-content-type-options: nosniff
age: 2721
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36709
x-xss-protection: 0
server: sffe
etag: "1667587371"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Feb 2023 15:02:18 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/676906137/ 42 B
64 B 36ms
36ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/676906137/?random=1675691259232&cv=11&fst=1675688400000&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&tiba=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=859210444&rmt_tld=0&ipr=y

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:47:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/676906137/ 42 B
64 B 61ms
60ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/676906137/?random=1675691259232&cv=11&fst=1675688400000&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&tiba=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=859210444&rmt_tld=1&ipr=y

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:47:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/737062143/ 42 B
64 B 39ms
37ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/737062143/?random=1675691259204&cv=11&fst=1675688400000&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&tiba=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2296810874&rmt_tld=0&ipr=y

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:47:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/737062143/ 42 B
64 B 61ms
60ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/737062143/?random=1675691259204&cv=11&fst=1675688400000&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&tiba=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2296810874&rmt_tld=1&ipr=y

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:47:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/737062143/ 42 B
64 B 38ms
37ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/737062143/?random=1675691259214&cv=11&fst=1675688400000&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&tiba=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&data=event%3Dpage_view%3Bpage_path%3D%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html%3Bpost_id%3D5033767%3Bprimary_category_name%3DAudience%20Comments%3Beet_tags%3Dshen%20yun%3Ball_term_ids%3Daudience-comments-31712%5C%3Bcity-2-31714%5C%3Bcompany-2-31711%5C%3Beditors-picks-31718%5C%3Bnashville-united-states-32922%5C%3Bshenyun-north-america-company-99751%5C%3Bshen-yun-9&fmt=3&is_vtc=1&random=2541488101&rmt_tld=0&ipr=y

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:47:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/737062143/ 42 B
64 B 63ms
62ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/737062143/?random=1675691259214&cv=11&fst=1675688400000&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&tiba=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&data=event%3Dpage_view%3Bpage_path%3D%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html%3Bpost_id%3D5033767%3Bprimary_category_name%3DAudience%20Comments%3Beet_tags%3Dshen%20yun%3Ball_term_ids%3Daudience-comments-31712%5C%3Bcity-2-31714%5C%3Bcompany-2-31711%5C%3Beditors-picks-31718%5C%3Bnashville-united-states-32922%5C%3Bshenyun-north-america-company-99751%5C%3Bshen-yun-9&fmt=3&is_vtc=1&random=2541488101&rmt_tld=1&ipr=y

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:47:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 138003605 Show response
www.clarity.ms/tag/uet/ 853 B
1 KB 263ms
121ms Script
application/x-javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/138003605
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/138003605.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2db1e1d64ea8bfd67c5fe89d8a1bf7f3edd08b8079de7c85e5c631469f7d871c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
date: Mon, 06 Feb 2023 13:47:39 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 20230206T134739Z-yqtz5r772d7wp63x06ppfy8cds00000000f000000000545a
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript

GET
H2 200 css2
fonts.googleapis.com/ Frame EB98 689 KB
189 KB 183ms
128ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@300;400;500&family=Noto+Sans+SC:wght@300;400;500&family=Inter:wght@300;400;500;600&display=swap

Requested by

Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

122a490a084a6175bcc01130e8b1aaa58bfadcfe89cfee6336631d1cc324bb8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 13:47:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Feb 2023 13:47:39 GMT

GET
H2 200 bbce1ae5d48b6d5f.css
www.ganjing.com/_next/static/css/ Frame EB98 201 KB
42 KB 29ms
28ms Stylesheet
text/css 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/css/bbce1ae5d48b6d5f.css
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be7a220d60a7bd51ac606b90a4d550042c87433780d7da8d81b62399c878c92e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384257
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"3240e-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c3abd935fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 7c735c05af084bb2.css
www.ganjing.com/_next/static/css/ Frame EB98 39 KB
10 KB 49ms
48ms Stylesheet
text/css 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/css/7c735c05af084bb2.css
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e3026adb47ff75d18a9436adb59ddf825e6ff5cab9683d03bff82033a92064a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384257
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"9d9f-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c3abda35fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 894e782f39c5a8ba.css
www.ganjing.com/_next/static/css/ Frame EB98 12 KB
2 KB 36ms
36ms Stylesheet
text/css 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/css/894e782f39c5a8ba.css
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 509ccee1c341e53e2d51588a3fa00a787601ed76c7095e93e90beb73746c296c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384257
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"2ec2-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c3abdb35fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 webpack-7d0f7d7cd10a9aaa.js Show response
www.ganjing.com/_next/static/chunks/ Frame EB98 5 KB
2 KB 51ms
41ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/webpack-7d0f7d7cd10a9aaa.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7dea370ce238867cd473775fec2a26a7dbd52f9e1aab1988011d5a07be3e8a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384257
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"1281-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c40c6f35fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 framework-79bce4a3a540b080.js Show response
www.ganjing.com/_next/static/chunks/ Frame EB98 127 KB
41 KB 37ms
28ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/framework-79bce4a3a540b080.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 745834316128a9605db352a4146dfb81cfd209fa037d3256277e2bc9d12b0f44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384257
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"1fbd2-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c40c7135fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 main-742771989ef851c4.js Show response
www.ganjing.com/_next/static/chunks/ Frame EB98 120 KB
36 KB 49ms
39ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/main-742771989ef851c4.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8719ad2274487868fa9d126449106f983acb227103fcb55d2ad06e3bef424358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384257
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"1e032-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c40c7235fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 _app-d4ee09ae49f77dfb.js Show response
www.ganjing.com/_next/static/chunks/pages/ Frame EB98 959 KB
276 KB 41ms
31ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/pages/_app-d4ee09ae49f77dfb.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fcb61a58041827488263f99804c06203cd9a47a61e2627d2cdb1060b28cf3de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 320785
last-modified: Thu, 02 Feb 2023 19:08:37 GMT
server: cloudflare
etag: W/"efb67-1861387df08"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c40c7335fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 d6e1aeb5-53234b220bebb86b.js Show response
www.ganjing.com/_next/static/chunks/ Frame EB98 473 KB
126 KB 49ms
40ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/d6e1aeb5-53234b220bebb86b.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a7615859698d8516017f2209b87a64d9ee8f11fcf1fd479f05eac785367bb62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384251
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"762a6-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c40c7435fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 1502-7aee2157a1c21dc0.js Show response
www.ganjing.com/_next/static/chunks/ Frame EB98 114 KB
37 KB 49ms
39ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/1502-7aee2157a1c21dc0.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f158db2378cbf9a9c1152fc64817c1b2b4518d8949fbbe4dca6d685ae717b0f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384245
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"1c79d-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c40c7635fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 1516-f21be584446af196.js Show response
www.ganjing.com/_next/static/chunks/ Frame EB98 45 KB
14 KB 48ms
39ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/1516-f21be584446af196.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7697bb9c3b10b590ff893af78c80b7d472a3a5e295815c2133572d6d54e7f102

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 353215
last-modified: Thu, 02 Feb 2023 05:31:07 GMT
server: cloudflare
etag: W/"b30b-186109b6d78"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c40c7735fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 2400-4ca07a4841ce9e7f.js Show response
www.ganjing.com/_next/static/chunks/ Frame EB98 15 KB
6 KB 48ms
39ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/2400-4ca07a4841ce9e7f.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e394553837d6f0e24d8f7a9fc9480686f6a63b75fd32ee1457bbbfb927cf1995

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384249
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"3c13-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c41c7835fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 %5B...ids%5D-dc8ffd41967ac52b.js Show response
www.ganjing.com/_next/static/chunks/pages/embed/ Frame EB98 14 KB
5 KB 49ms
40ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/pages/embed/%5B...ids%5D-dc8ffd41967ac52b.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf309534fd85ce30dd71b6ed6e5182df609d05de10e0155f0c70bdfb974db410

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384249
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"3965-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c41c7935fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 _buildManifest.js Show response
www.ganjing.com/_next/static/PWdGBBN40S-IBQDUzcIHO/ Frame EB98 6 KB
2 KB 49ms
40ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/PWdGBBN40S-IBQDUzcIHO/_buildManifest.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b58a54319b4c750bf312dbdad69538ddcea68a33af95fc176e6f25cd3cdedb72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 320784
last-modified: Thu, 02 Feb 2023 19:08:37 GMT
server: cloudflare
etag: W/"183e-1861387df08"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c41c7a35fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 _ssgManifest.js Show response
www.ganjing.com/_next/static/PWdGBBN40S-IBQDUzcIHO/ Frame EB98 489 B
297 B 48ms
40ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/PWdGBBN40S-IBQDUzcIHO/_ssgManifest.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26b494029cb2e7555cb08fb664e2eb803520da837ed3491d3718987947caa472

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 320784
last-modified: Thu, 02 Feb 2023 19:08:50 GMT
server: cloudflare
etag: W/"1e9-186138811d0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c41c7b35fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 6A2E 689 KB
190 KB 96ms
48ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@300;400;500&family=Noto+Sans+SC:wght@300;400;500&family=Inter:wght@300;400;500;600&display=swap

Requested by

Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

122a490a084a6175bcc01130e8b1aaa58bfadcfe89cfee6336631d1cc324bb8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 13:47:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Feb 2023 13:47:39 GMT

GET
H2 200 bbce1ae5d48b6d5f.css
www.ganjing.com/_next/static/css/ Frame 6A2E 201 KB
42 KB 45ms
44ms Stylesheet
text/css 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/css/bbce1ae5d48b6d5f.css
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be7a220d60a7bd51ac606b90a4d550042c87433780d7da8d81b62399c878c92e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384257
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"3240e-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c3bbe735fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 7c735c05af084bb2.css
www.ganjing.com/_next/static/css/ Frame 6A2E 39 KB
10 KB 49ms
49ms Stylesheet
text/css 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/css/7c735c05af084bb2.css
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e3026adb47ff75d18a9436adb59ddf825e6ff5cab9683d03bff82033a92064a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384257
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"9d9f-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c3bbe835fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 894e782f39c5a8ba.css
www.ganjing.com/_next/static/css/ Frame 6A2E 12 KB
2 KB 43ms
43ms Stylesheet
text/css 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/css/894e782f39c5a8ba.css
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 509ccee1c341e53e2d51588a3fa00a787601ed76c7095e93e90beb73746c296c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384257
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"2ec2-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c3bbe935fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 webpack-7d0f7d7cd10a9aaa.js Show response
www.ganjing.com/_next/static/chunks/ Frame 6A2E 5 KB
2 KB 49ms
41ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/webpack-7d0f7d7cd10a9aaa.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7dea370ce238867cd473775fec2a26a7dbd52f9e1aab1988011d5a07be3e8a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384257
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"1281-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c41c7d35fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 framework-79bce4a3a540b080.js Show response
www.ganjing.com/_next/static/chunks/ Frame 6A2E 127 KB
41 KB 49ms
41ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/framework-79bce4a3a540b080.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 745834316128a9605db352a4146dfb81cfd209fa037d3256277e2bc9d12b0f44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384257
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"1fbd2-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c41c8035fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 main-742771989ef851c4.js Show response
www.ganjing.com/_next/static/chunks/ Frame 6A2E 120 KB
36 KB 62ms
54ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/main-742771989ef851c4.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8719ad2274487868fa9d126449106f983acb227103fcb55d2ad06e3bef424358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384257
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"1e032-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c41c8135fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 _app-d4ee09ae49f77dfb.js Show response
www.ganjing.com/_next/static/chunks/pages/ Frame 6A2E 959 KB
276 KB 50ms
42ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/pages/_app-d4ee09ae49f77dfb.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fcb61a58041827488263f99804c06203cd9a47a61e2627d2cdb1060b28cf3de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 320785
last-modified: Thu, 02 Feb 2023 19:08:37 GMT
server: cloudflare
etag: W/"efb67-1861387df08"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c41c8235fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 d6e1aeb5-53234b220bebb86b.js Show response
www.ganjing.com/_next/static/chunks/ Frame 6A2E 473 KB
126 KB 48ms
41ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/d6e1aeb5-53234b220bebb86b.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a7615859698d8516017f2209b87a64d9ee8f11fcf1fd479f05eac785367bb62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384251
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"762a6-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c41c8335fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 1502-7aee2157a1c21dc0.js Show response
www.ganjing.com/_next/static/chunks/ Frame 6A2E 114 KB
37 KB 49ms
42ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/1502-7aee2157a1c21dc0.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f158db2378cbf9a9c1152fc64817c1b2b4518d8949fbbe4dca6d685ae717b0f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384245
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"1c79d-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c41c8435fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 1516-f21be584446af196.js Show response
www.ganjing.com/_next/static/chunks/ Frame 6A2E 45 KB
14 KB 50ms
42ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/1516-f21be584446af196.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7697bb9c3b10b590ff893af78c80b7d472a3a5e295815c2133572d6d54e7f102

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 353215
last-modified: Thu, 02 Feb 2023 05:31:07 GMT
server: cloudflare
etag: W/"b30b-186109b6d78"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c41c8535fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 2400-4ca07a4841ce9e7f.js Show response
www.ganjing.com/_next/static/chunks/ Frame 6A2E 15 KB
6 KB 52ms
45ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/2400-4ca07a4841ce9e7f.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e394553837d6f0e24d8f7a9fc9480686f6a63b75fd32ee1457bbbfb927cf1995

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384249
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"3c13-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c41c8835fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 %5B...ids%5D-dc8ffd41967ac52b.js Show response
www.ganjing.com/_next/static/chunks/pages/embed/ Frame 6A2E 14 KB
5 KB 61ms
55ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/pages/embed/%5B...ids%5D-dc8ffd41967ac52b.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf309534fd85ce30dd71b6ed6e5182df609d05de10e0155f0c70bdfb974db410

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384249
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"3965-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c42c9e35fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 _buildManifest.js Show response
www.ganjing.com/_next/static/PWdGBBN40S-IBQDUzcIHO/ Frame 6A2E 6 KB
2 KB 62ms
55ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/PWdGBBN40S-IBQDUzcIHO/_buildManifest.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b58a54319b4c750bf312dbdad69538ddcea68a33af95fc176e6f25cd3cdedb72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 320784
last-modified: Thu, 02 Feb 2023 19:08:37 GMT
server: cloudflare
etag: W/"183e-1861387df08"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c42ca035fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 _ssgManifest.js Show response
www.ganjing.com/_next/static/PWdGBBN40S-IBQDUzcIHO/ Frame 6A2E 489 B
253 B 62ms
55ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/PWdGBBN40S-IBQDUzcIHO/_ssgManifest.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26b494029cb2e7555cb08fb664e2eb803520da837ed3491d3718987947caa472

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 320784
last-modified: Thu, 02 Feb 2023 19:08:50 GMT
server: cloudflare
etag: W/"1e9-186138811d0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c42ca235fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame AA86 689 KB
189 KB 131ms
90ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@300;400;500&family=Noto+Sans+SC:wght@300;400;500&family=Inter:wght@300;400;500;600&display=swap

Requested by

Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

122a490a084a6175bcc01130e8b1aaa58bfadcfe89cfee6336631d1cc324bb8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 13:47:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Feb 2023 13:47:39 GMT

GET
H2 200 bbce1ae5d48b6d5f.css
www.ganjing.com/_next/static/css/ Frame AA86 201 KB
42 KB 43ms
42ms Stylesheet
text/css 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/css/bbce1ae5d48b6d5f.css
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be7a220d60a7bd51ac606b90a4d550042c87433780d7da8d81b62399c878c92e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384257
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"3240e-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c3bbfa35fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 7c735c05af084bb2.css
www.ganjing.com/_next/static/css/ Frame AA86 39 KB
10 KB 43ms
43ms Stylesheet
text/css 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/css/7c735c05af084bb2.css
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e3026adb47ff75d18a9436adb59ddf825e6ff5cab9683d03bff82033a92064a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384257
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"9d9f-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c3bbfc35fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 894e782f39c5a8ba.css
www.ganjing.com/_next/static/css/ Frame AA86 12 KB
2 KB 43ms
42ms Stylesheet
text/css 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/css/894e782f39c5a8ba.css
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 509ccee1c341e53e2d51588a3fa00a787601ed76c7095e93e90beb73746c296c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384257
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"2ec2-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c3bbfd35fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 webpack-7d0f7d7cd10a9aaa.js Show response
www.ganjing.com/_next/static/chunks/ Frame AA86 5 KB
2 KB 62ms
56ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/webpack-7d0f7d7cd10a9aaa.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7dea370ce238867cd473775fec2a26a7dbd52f9e1aab1988011d5a07be3e8a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384257
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"1281-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c42ca335fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 framework-79bce4a3a540b080.js Show response
www.ganjing.com/_next/static/chunks/ Frame AA86 127 KB
41 KB 63ms
57ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/framework-79bce4a3a540b080.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 745834316128a9605db352a4146dfb81cfd209fa037d3256277e2bc9d12b0f44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384257
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"1fbd2-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c42ca435fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 main-742771989ef851c4.js Show response
www.ganjing.com/_next/static/chunks/ Frame AA86 120 KB
36 KB 62ms
56ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/main-742771989ef851c4.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8719ad2274487868fa9d126449106f983acb227103fcb55d2ad06e3bef424358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384257
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"1e032-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c42ca535fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 _app-d4ee09ae49f77dfb.js Show response
www.ganjing.com/_next/static/chunks/pages/ Frame AA86 959 KB
276 KB 63ms
57ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/pages/_app-d4ee09ae49f77dfb.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fcb61a58041827488263f99804c06203cd9a47a61e2627d2cdb1060b28cf3de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 320785
last-modified: Thu, 02 Feb 2023 19:08:37 GMT
server: cloudflare
etag: W/"efb67-1861387df08"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c42ca635fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 d6e1aeb5-53234b220bebb86b.js Show response
www.ganjing.com/_next/static/chunks/ Frame AA86 473 KB
126 KB 64ms
58ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/d6e1aeb5-53234b220bebb86b.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a7615859698d8516017f2209b87a64d9ee8f11fcf1fd479f05eac785367bb62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384251
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"762a6-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c42ca735fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 1502-7aee2157a1c21dc0.js Show response
www.ganjing.com/_next/static/chunks/ Frame AA86 114 KB
37 KB 65ms
60ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/1502-7aee2157a1c21dc0.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f158db2378cbf9a9c1152fc64817c1b2b4518d8949fbbe4dca6d685ae717b0f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384245
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"1c79d-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c42ca835fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 1516-f21be584446af196.js Show response
www.ganjing.com/_next/static/chunks/ Frame AA86 45 KB
14 KB 62ms
57ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/1516-f21be584446af196.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7697bb9c3b10b590ff893af78c80b7d472a3a5e295815c2133572d6d54e7f102

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 353215
last-modified: Thu, 02 Feb 2023 05:31:07 GMT
server: cloudflare
etag: W/"b30b-186109b6d78"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c42cab35fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 2400-4ca07a4841ce9e7f.js Show response
www.ganjing.com/_next/static/chunks/ Frame AA86 15 KB
6 KB 64ms
59ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/2400-4ca07a4841ce9e7f.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e394553837d6f0e24d8f7a9fc9480686f6a63b75fd32ee1457bbbfb927cf1995

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384249
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"3c13-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c42cac35fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 %5B...ids%5D-dc8ffd41967ac52b.js Show response
www.ganjing.com/_next/static/chunks/pages/embed/ Frame AA86 14 KB
5 KB 65ms
59ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/pages/embed/%5B...ids%5D-dc8ffd41967ac52b.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf309534fd85ce30dd71b6ed6e5182df609d05de10e0155f0c70bdfb974db410

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384249
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"3965-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c42cad35fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 _buildManifest.js Show response
www.ganjing.com/_next/static/PWdGBBN40S-IBQDUzcIHO/ Frame AA86 6 KB
2 KB 69ms
64ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/PWdGBBN40S-IBQDUzcIHO/_buildManifest.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b58a54319b4c750bf312dbdad69538ddcea68a33af95fc176e6f25cd3cdedb72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 320784
last-modified: Thu, 02 Feb 2023 19:08:37 GMT
server: cloudflare
etag: W/"183e-1861387df08"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c42cae35fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H2 200 _ssgManifest.js Show response
www.ganjing.com/_next/static/PWdGBBN40S-IBQDUzcIHO/ Frame AA86 489 B
253 B 68ms
64ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/PWdGBBN40S-IBQDUzcIHO/_ssgManifest.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26b494029cb2e7555cb08fb664e2eb803520da837ed3491d3718987947caa472

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 320784
last-modified: Thu, 02 Feb 2023 19:08:50 GMT
server: cloudflare
etag: W/"1e9-186138811d0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c42cb035fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:39 GMT

GET
H3 200 get Show response
subs.theepochtimes.com/rules/ 3 MB
403 KB 158ms
157ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/rules/get?sid=www.theepochtimes.com&pid=4c14e06e-dead-4a19-833b-f676ae9d77da
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: f5f5d659d9cd04e4e66aea29ffba5105b522d8abfcfbee2fa3582c0ae249303f

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.20.1
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 websdksettings Show response
sdk-02.moengage.com/ 5 KB
2 KB 149ms
79ms XHR
application/json 2600:9000:2190:1400:11:652e:c280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-02.moengage.com/websdksettings?app_id=49P44R50YP54GMKNGTOHPGAN&
Requested by: Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:1400:11:652e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a186717e4fa6f3aa9beba1181902e669a2515daed065589ff48cdf74adc85c97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
via: 1.1 aa001e3127bb5bd7bbc48bc4fef44b78.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: ZRH50-C1
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: o_jZaH-QOQ_j4j_uNIR_xfey538QWS-Nvqd2PXtyvu9iaUxz8PFk0w==
expires: Mon, 06 Feb 2023 13:47:38 GMT

POST
H2 204 c Show response
ea.epochbase.com/api/pw/ 0
232 B 902ms
902ms XHR
text/plain 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.epochbase.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 Naples, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.theepochtimes.com
date: Mon, 06 Feb 2023 13:47:40 GMT
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
allow: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE

OPTIONS
H2 200 c
ea.epochbase.com/api/pw/ Frame 0
0 333ms
109ms Preflight 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.epochbase.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 Naples, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin,Content-Type
access-control-allow-methods: GET, POST, PATCH, OPTIONS, PUT, DELETE
access-control-allow-origin: *
allow: GET, POST, OPTIONS, PUT, DELETE
content-length: 0
date: Mon, 06 Feb 2023 13:47:39 GMT
server: nginx/1.20.1

GET
DATA 200
OK truncated
/ Frame EB98 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame 6A2E 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame AA86 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6662 90 B
134 B 39ms
38ms XHR
application/json+protobuf 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d894dfa6ceca04c90c9fa26bff61333b00a658ae1df5076f4baeda7f416b2c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/696467118/ 42 B
64 B 37ms
36ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/696467118/?random=1675691259284&cv=11&fst=1675688400000&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&tiba=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1721156874&rmt_tld=0&ipr=y

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:47:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/696467118/ 42 B
64 B 72ms
71ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/696467118/?random=1675691259284&cv=11&fst=1675688400000&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&tiba=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1721156874&rmt_tld=1&ipr=y

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:47:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 32ms
31ms Preflight
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 06 Feb 2023 13:47:39 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 pixel;r=1201831528;rf=0;a=p-a128V7tctPVtT;url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html;uht=2;fpan=1;fpa=P0-485116192...
pixel.quantserve.com/ 35 B
371 B 71ms
23ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1201831528;rf=0;a=p-a128V7tctPVtT;url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html;uht=2;fpan=1;fpa=P0-485116192-1675691259260;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230203135208;cm=;gdpr=0;ref=;d=theepochtimes.com;dst=0;et=1675691259616;tzo=0;ogl=locale.en_US%2Ctype.article%2Ctitle.Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville%2Cdescription.NASHVILLE%252C%20Tenn%252E%E2%80%94Percussionist%20Greg%20Jones%20was%20greatly%20moved%20by%20Shen%20Yun%20Performi%2Curl.https%3A%2F%2Fwww%252Etheepochtimes%252Ecom%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-perf%2Csite_name.www%252Etheepochtimes%252Ecom%2Cupdated_time.2023-02-04T04%3A16%3A00-05%3A00%2Cimage.https%3A%2F%2Fimg%252Etheepochtimes%252Ecom%2Fassets%2Fuploads%2F2023%2F02%2F04%2F15-20230203-730pm-Nashvi;ses=4dab8a5d-00d4-4cb7-8223-d06b910f97ec

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:47:39 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/676906137/ 42 B
64 B 37ms
37ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/676906137/?random=1675691259242&cv=11&fst=1675688400000&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&tiba=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&data=event%3Dpage_view%3Bpage_path%3D%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html%3Bpost_id%3D5033767%3Bprimary_category_name%3DAudience%20Comments%3Beet_tags%3Dshen%20yun%3Ball_term_ids%3Daudience-comments-31712%5C%3Bcity-2-31714%5C%3Bcompany-2-31711%5C%3Beditors-picks-31718%5C%3Bnashville-united-states-32922%5C%3Bshenyun-north-america-company-99751%5C%3Bshen-yun-9&fmt=3&is_vtc=1&random=2588085288&rmt_tld=0&ipr=y

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:47:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/676906137/ 42 B
64 B 69ms
69ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/676906137/?random=1675691259242&cv=11&fst=1675688400000&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&tiba=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&data=event%3Dpage_view%3Bpage_path%3D%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html%3Bpost_id%3D5033767%3Bprimary_category_name%3DAudience%20Comments%3Beet_tags%3Dshen%20yun%3Ball_term_ids%3Daudience-comments-31712%5C%3Bcity-2-31714%5C%3Bcompany-2-31711%5C%3Beditors-picks-31718%5C%3Bnashville-united-states-32922%5C%3Bshenyun-north-america-company-99751%5C%3Bshen-yun-9&fmt=3&is_vtc=1&random=2588085288&rmt_tld=1&ipr=y

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:47:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 49P44R50YP54GMKNGTOHPGAN Show response
sdk-02.moengage.com/v3/sdkconfig/web/ 218 B
658 B 73ms
66ms XHR
application/json 2600:9000:2190:1400:11:652e:c280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-02.moengage.com/v3/sdkconfig/web/49P44R50YP54GMKNGTOHPGAN?
Requested by: Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:1400:11:652e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5e1b5b0996602d2197c430000af48fb14e2f47c81d782eed2a46df40e10f4bbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
via: 1.1 aa001e3127bb5bd7bbc48bc4fef44b78.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: ZRH50-C1
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Iw7bH_KYfWlM1kD41sjzpwzzpjA-9bYeTtf4PnmvUFH-GmlW8G2bCg==
expires: Mon, 06 Feb 2023 13:47:38 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 6662 4 KB
2 KB 143ms
67ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 13:47:39 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ Frame 6A2E 37 KB
37 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@300;400;500&family=Noto+Sans+SC:wght@300;400;500&family=Inter:wght@300;400;500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ganjing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:51 GMT
x-content-type-options: nosniff
age: 230568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 21:44:51 GMT

GET
H2 200 categories.json Show response
gw.ganjing.com/v1.0c/config/ Frame 6A2E 6 KB
2 KB 547ms
482ms XHR
application/json 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.ganjing.com/v1.0c/config/categories.json?ver=1675691259900
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/pages/_app-d4ee09ae49f77dfb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e5f2685526bc2da6a708b16d11c5c1efa3beb373f01fd03a7bc6de993be2339

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ganjing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 1728000
vary: Origin
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true
cf-ray: 795456c6dfba9067-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role

GET
H2 200 web-config.json Show response
gw.ganjing.com/v1.0c/config/ Frame 6A2E 2 KB
1 KB 555ms
491ms XHR
application/json 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.ganjing.com/v1.0c/config/web-config.json?ver=1675691259904
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/pages/_app-d4ee09ae49f77dfb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15570c864faef9d090c6a96f669fd463431b5070f8d40c1348e084d9df967100

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ganjing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 1728000
vary: Origin
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true
cf-ray: 795456c6dfbd9067-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role

GET
H2 200 matomo.js Show response
tracking.cloudokyo.cloud/ Frame 6A2E 64 KB
21 KB 119ms
36ms Script
application/javascript 2606:4700::6812:1bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.cloudokyo.cloud/matomo.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/pages/_app-d4ee09ae49f77dfb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: public
date: Mon, 06 Feb 2023 13:47:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2023 01:15:14 GMT
server: cloudflare
age: 1113
etag: W/"63d86ba2-10132"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 795456c73cca35f3-FRA
expires: Mon, 06 Feb 2023 17:47:40 GMT

GET
DATA 200
OK truncated
/ Frame 6A2E 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 672.jpg
image1-us-west.cloudokyo.cloud/image/v1/1b/b4/04/1bb404b1-c114-47ee-9a4d-d3ad1b6962e6/ Frame 6A2E 20 KB
20 KB 93ms
28ms Image
image/jpeg 2606:4700::6812:1bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image1-us-west.cloudokyo.cloud/image/v1/1b/b4/04/1bb404b1-c114-47ee-9a4d-d3ad1b6962e6/672.jpg
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b93f7f6f8220bcc6f5b338c14b9c5707c25818283a06ffe73881a2dbf80c112

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
cf-cache-status: HIT
age: 8763
content-length: 20317
cf-bgj: h2pri
last-modified: Sat, 24 Dec 2022 19:27:16 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 795456c739339bc2-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,If-Range,Range
expires: Tue, 07 Feb 2023 13:47:40 GMT

GET
DATA 200
OK truncated
/ Frame 6A2E 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://www.ganjing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ Frame AA86 37 KB
37 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@300;400;500&family=Noto+Sans+SC:wght@300;400;500&family=Inter:wght@300;400;500;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ganjing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:51 GMT
x-content-type-options: nosniff
age: 230568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 21:44:51 GMT

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ Frame EB98 37 KB
37 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@300;400;500&family=Noto+Sans+SC:wght@300;400;500&family=Inter:wght@300;400;500;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ganjing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:51 GMT
x-content-type-options: nosniff
age: 230569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 21:44:51 GMT

GET
H2 200 categories.json Show response
gw.ganjing.com/v1.0c/config/ Frame EB98 6 KB
2 KB 489ms
489ms XHR
application/json 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.ganjing.com/v1.0c/config/categories.json?ver=1675691260047
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/pages/_app-d4ee09ae49f77dfb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e5f2685526bc2da6a708b16d11c5c1efa3beb373f01fd03a7bc6de993be2339

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ganjing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 1728000
vary: Origin
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true
cf-ray: 795456c7585a9067-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role

GET
H2 200 web-config.json Show response
gw.ganjing.com/v1.0c/config/ Frame EB98 2 KB
1 KB 501ms
501ms XHR
application/json 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.ganjing.com/v1.0c/config/web-config.json?ver=1675691260048
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/pages/_app-d4ee09ae49f77dfb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15570c864faef9d090c6a96f669fd463431b5070f8d40c1348e084d9df967100

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ganjing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 1728000
vary: Origin
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true
cf-ray: 795456c7585c9067-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role

GET
DATA 200
OK truncated
/ Frame EB98 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 matomo.js Show response
tracking.cloudokyo.cloud/ Frame EB98 64 KB
21 KB 30ms
30ms Script
application/javascript 2606:4700::6812:1bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.cloudokyo.cloud/matomo.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/pages/_app-d4ee09ae49f77dfb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: public
date: Mon, 06 Feb 2023 13:47:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2023 01:15:14 GMT
server: cloudflare
age: 1113
etag: W/"63d86ba2-10132"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 795456c77d1535f3-FRA
expires: Mon, 06 Feb 2023 17:47:40 GMT

GET
H2 200 672.jpg
image3-us-west.cloudokyo.cloud/image/v1/23/84/ea/2384ea75-18f4-400a-a0a7-447dc2f58e21/ Frame EB98 77 KB
77 KB 813ms
797ms Image
image/jpeg 2606:4700::6812:1bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image3-us-west.cloudokyo.cloud/image/v1/23/84/ea/2384ea75-18f4-400a-a0a7-447dc2f58e21/672.jpg
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 275d51547ad5f87b0047cfa43ecffc2fa8e3c1d80bf638f0267ceae148278db1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
cf-cache-status: MISS
last-modified: Sat, 31 Dec 2022 16:31:50 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 795456c7a9d49bc2-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,If-Range,Range
content-length: 78414
expires: Tue, 07 Feb 2023 13:47:40 GMT

GET
H2 200 categories.json Show response
gw.ganjing.com/v1.0c/config/ Frame AA86 6 KB
2 KB 492ms
492ms XHR
application/json 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.ganjing.com/v1.0c/config/categories.json?ver=1675691260117
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/pages/_app-d4ee09ae49f77dfb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e5f2685526bc2da6a708b16d11c5c1efa3beb373f01fd03a7bc6de993be2339

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ganjing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 1728000
vary: Origin
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true
cf-ray: 795456c7c8be9067-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role

GET
H2 200 web-config.json Show response
gw.ganjing.com/v1.0c/config/ Frame AA86 2 KB
1 KB 475ms
475ms XHR
application/json 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.ganjing.com/v1.0c/config/web-config.json?ver=1675691260118
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/pages/_app-d4ee09ae49f77dfb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15570c864faef9d090c6a96f669fd463431b5070f8d40c1348e084d9df967100

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ganjing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 1728000
vary: Origin
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true
cf-ray: 795456c7c8c09067-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role

GET
DATA 200
OK truncated
/ Frame AA86 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 matomo.js Show response
tracking.cloudokyo.cloud/ Frame AA86 64 KB
21 KB 31ms
31ms Script
application/javascript 2606:4700::6812:1bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.cloudokyo.cloud/matomo.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/pages/_app-d4ee09ae49f77dfb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: public
date: Mon, 06 Feb 2023 13:47:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2023 01:15:14 GMT
server: cloudflare
age: 1113
etag: W/"63d86ba2-10132"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 795456c7eda035f3-FRA
expires: Mon, 06 Feb 2023 17:47:40 GMT

GET
H2 200 672.jpg
image4-us-west.cloudokyo.cloud/image/v1/22/22/d8/2222d8bd-c49b-4be7-ae33-d9383c906b31/ Frame AA86 41 KB
41 KB 805ms
794ms Image
image/jpeg 2606:4700::6812:1bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4-us-west.cloudokyo.cloud/image/v1/22/22/d8/2222d8bd-c49b-4be7-ae33-d9383c906b31/672.jpg
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f498b2bed6d0b7bd02481eded6c63524dd77c5cbdbb6cfbe147e499d6ee9b760

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
cf-cache-status: MISS
last-modified: Wed, 21 Dec 2022 06:09:36 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 795456c82a769bc2-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,If-Range,Range
content-length: 41873
expires: Tue, 07 Feb 2023 13:47:40 GMT

GET
DATA 200
OK truncated
/ Frame AA86 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://www.ganjing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 3108.56c426595bf9b341.js Show response
www.ganjing.com/_next/static/chunks/ Frame 6A2E 106 KB
30 KB 27ms
26ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/3108.56c426595bf9b341.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/webpack-7d0f7d7cd10a9aaa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4444bed4afba1dd71df8b62ebfa1a1fc5094f3e7c56db9701ba4d136778b4cb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384242
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"1a938-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c87ae235fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:40 GMT

POST
H2 200 get-content-url Show response
gw.ganjing.com/v1.0c/ Frame 6A2E 838 B
678 B 184ms
183ms XHR
application/json 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.ganjing.com/v1.0c/get-content-url
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/pages/_app-d4ee09ae49f77dfb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32c3e05675bf5eec12631d7c825fae1152ff1ab36d1002050086e8e3be3114b1

Request headers

Accept: application/json, text/plain, */*
X-Cdk-Dsid: d3c7a8cc-8d1e-1ade-f44b-85d3ad4b06e5
Referer: https://www.ganjing.com/
accept-language: de-DE,de;q=0.9
X-Cdk-Lrtm: 2023-02-06 13:47:40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 1728000
vary: Origin
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true
cf-ray: 795456cb9d379067-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role

OPTIONS
H2 204 get-content-url
gw.ganjing.com/v1.0c/ Frame 0
0 494ms
494ms Preflight 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.ganjing.com/v1.0c/get-content-url
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-cdk-dsid,x-cdk-lrtm
Access-Control-Request-Method: POST
Origin: https://www.ganjing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
cf-ray: 795456c889a19067-FRA
date: Mon, 06 Feb 2023 13:47:40 GMT
server: cloudflare

GET
H2 200 3108.56c426595bf9b341.js Show response
www.ganjing.com/_next/static/chunks/ Frame EB98 106 KB
29 KB 28ms
28ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/3108.56c426595bf9b341.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/webpack-7d0f7d7cd10a9aaa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4444bed4afba1dd71df8b62ebfa1a1fc5094f3e7c56db9701ba4d136778b4cb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384242
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"1a938-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c8bb3a35fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:40 GMT

OPTIONS
H3 200 auth
subs.theepochtimes.com/subs/ Frame 0
0 136ms
135ms Preflight 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=1204&subscribed=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.theepochtimes.com
allow: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 06 Feb 2023 13:47:40 GMT
server: nginx/1.20.1
via: 1.1 google

OPTIONS
H3 200 auth
subs.theepochtimes.com/subs/ Frame 0
0 135ms
134ms Preflight 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=1202&subscribed=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.theepochtimes.com
allow: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 06 Feb 2023 13:47:40 GMT
server: nginx/1.20.1
via: 1.1 google

OPTIONS
H3 200 auth
subs.theepochtimes.com/subs/ Frame 0
0 170ms
169ms Preflight 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=6201&subscribed=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.theepochtimes.com
allow: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 06 Feb 2023 13:47:40 GMT
server: nginx/1.20.1
via: 1.1 google

OPTIONS
H3 200 auth
subs.theepochtimes.com/subs/ Frame 0
0 135ms
134ms Preflight 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=6202&subscribed=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.theepochtimes.com
allow: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 06 Feb 2023 13:47:40 GMT
server: nginx/1.20.1
via: 1.1 google

OPTIONS
H3 200 auth
subs.theepochtimes.com/subs/ Frame 0
0 135ms
134ms Preflight 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11200&subscribed=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.theepochtimes.com
allow: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 06 Feb 2023 13:47:40 GMT
server: nginx/1.20.1
via: 1.1 google

OPTIONS
H3 200 auth
subs.theepochtimes.com/subs/ Frame 0
0 135ms
134ms Preflight 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11208&subscribed=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.theepochtimes.com
allow: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 06 Feb 2023 13:47:40 GMT
server: nginx/1.20.1
via: 1.1 google

OPTIONS
H3 200 auth
subs.theepochtimes.com/subs/ Frame 0
0 137ms
136ms Preflight 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11212&subscribed=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.theepochtimes.com
allow: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 06 Feb 2023 13:47:40 GMT
server: nginx/1.20.1
via: 1.1 google

OPTIONS
H3 200 auth
subs.theepochtimes.com/subs/ Frame 0
0 136ms
135ms Preflight 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11204&subscribed=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.theepochtimes.com
allow: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 06 Feb 2023 13:47:40 GMT
server: nginx/1.20.1
via: 1.1 google

OPTIONS
H3 200 auth
subs.theepochtimes.com/subs/ Frame 0
0 135ms
135ms Preflight 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=12201&subscribed=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.theepochtimes.com
allow: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 06 Feb 2023 13:47:40 GMT
server: nginx/1.20.1
via: 1.1 google

GET
H2 200 clickly.js Show response
services.epoch.cloud/public-labs/epoch-ai/ 11 KB
3 KB 101ms
32ms Script
application/javascript 2606:4700:e0::ac40:6013
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.epoch.cloud/public-labs/epoch-ai/clickly.js
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6013 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a922ec72a886ec86707564deb4b9b27358b7ac42563dc11f9d26deca4f6b900a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 20:51:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6580
etag: W/"638670b8-2be0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMYdnlJ2ns2exqzNY7woGLCGrhVrf%2BoyM1DzRKbaRVJpvHWytvVnT2Qt%2BxZMPF4TcsQXFZ08bOr6C4TKJthb2sXEKT5u9u5JEy497IZPlvjTyYwRdO4tysjxqo4c7uX6YuSY9i%2F3tpMD5Y2yIvm%2Bv7MxpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 795456c97a3abb37-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 auth Show response
subs.theepochtimes.com/subs/ 40 B
56 B 140ms
139ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=1204&subscribed=
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length: 40
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 auth Show response
subs.theepochtimes.com/subs/ 40 B
56 B 140ms
140ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=1202&subscribed=
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length: 40
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 auth Show response
subs.theepochtimes.com/subs/ 40 B
56 B 219ms
219ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=6201&subscribed=
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length: 40
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 auth Show response
subs.theepochtimes.com/subs/ 40 B
56 B 140ms
140ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=6202&subscribed=
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length: 40
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 auth Show response
subs.theepochtimes.com/subs/ 41 B
57 B 137ms
137ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11200&subscribed=
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 4c834812ad0c6ab8e9cddcf914f1f922d2b52cf81f306bdc361a05641bb0798c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length: 41
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 auth Show response
subs.theepochtimes.com/subs/ 41 B
57 B 140ms
140ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11208&subscribed=
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 4c834812ad0c6ab8e9cddcf914f1f922d2b52cf81f306bdc361a05641bb0798c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length: 41
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 auth Show response
subs.theepochtimes.com/subs/ 41 B
57 B 161ms
160ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11212&subscribed=
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 4c834812ad0c6ab8e9cddcf914f1f922d2b52cf81f306bdc361a05641bb0798c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length: 41
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 auth Show response
subs.theepochtimes.com/subs/ 41 B
57 B 139ms
139ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11204&subscribed=
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 4c834812ad0c6ab8e9cddcf914f1f922d2b52cf81f306bdc361a05641bb0798c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length: 41
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 auth Show response
subs.theepochtimes.com/subs/ 40 B
56 B 145ms
144ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=12201&subscribed=
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length: 40
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 get-content-url Show response
gw.ganjing.com/v1.0c/ Frame EB98 310 B
441 B 184ms
184ms XHR
application/json 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.ganjing.com/v1.0c/get-content-url
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/pages/_app-d4ee09ae49f77dfb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e154104a6d3411b293644c9879b7c1a1c4adeef9b1c5d9a737145281477892bf

Request headers

Accept: application/json, text/plain, */*
X-Cdk-Dsid: ec9ec9fe-f91e-5b17-ff42-ea51a64acc40
Referer: https://www.ganjing.com/
accept-language: de-DE,de;q=0.9
X-Cdk-Lrtm: 2023-02-06 13:47:40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 1728000
vary: Origin
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true
cf-ray: 795456cc2dc69067-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role

OPTIONS
H2 204 get-content-url
gw.ganjing.com/v1.0c/ Frame 0
0 473ms
473ms Preflight 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.ganjing.com/v1.0c/get-content-url
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-cdk-dsid,x-cdk-lrtm
Access-Control-Request-Method: POST
Origin: https://www.ganjing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
cf-ray: 795456c93a539067-FRA
date: Mon, 06 Feb 2023 13:47:40 GMT
server: cloudflare

GET
H2 200 3108.56c426595bf9b341.js Show response
www.ganjing.com/_next/static/chunks/ Frame AA86 106 KB
29 KB 27ms
27ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/_next/static/chunks/3108.56c426595bf9b341.js
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/webpack-7d0f7d7cd10a9aaa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4444bed4afba1dd71df8b62ebfa1a1fc5094f3e7c56db9701ba4d136778b4cb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 384242
last-modified: Wed, 01 Feb 2023 20:06:05 GMT
server: cloudflare
etag: W/"1a938-1860e961fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c94c0935fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Tue, 06 Feb 2024 13:47:40 GMT

POST
H2 200 get-content-url Show response
gw.ganjing.com/v1.0c/ Frame AA86 838 B
697 B 181ms
180ms XHR
application/json 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.ganjing.com/v1.0c/get-content-url
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/pages/_app-d4ee09ae49f77dfb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2781f04682159895f0e8169520c3499a7e3f21d289c987cfb28d3a97df5749ec

Request headers

Accept: application/json, text/plain, */*
X-Cdk-Dsid: ababb811-98bf-7b38-b437-2b50009f9908
Referer: https://www.ganjing.com/
accept-language: de-DE,de;q=0.9
X-Cdk-Lrtm: 2023-02-06 13:47:40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Feb 2023 13:47:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 1728000
vary: Origin
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true
cf-ray: 795456cc6e009067-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role

OPTIONS
H2 204 get-content-url
gw.ganjing.com/v1.0c/ Frame 0
0 497ms
496ms Preflight 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.ganjing.com/v1.0c/get-content-url
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-cdk-dsid,x-cdk-lrtm
Access-Control-Request-Method: POST
Origin: https://www.ganjing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
cf-ray: 795456c94a6a9067-FRA
date: Mon, 06 Feb 2023 13:47:40 GMT
server: cloudflare

GET
H2 200 icons.svg
www.ganjing.com/img/ Frame 6A2E 250 KB
91 KB 654ms
651ms Other
image/svg+xml 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/img/icons.svg?v=1.5.0.2-noPrebid
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/framework-79bce4a3a540b080.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3fb19c88200f32e38809a0104ca45cf8d916934ee77cceee19fd95c4fc1f6e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 02 Feb 2023 17:13:52 GMT
server: cloudflare
etag: W/"3e825-186131ed080"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c94c1635fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Mon, 06 Feb 2023 17:47:40 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-d/s/0.7.1/ 55 KB
23 KB 54ms
53ms Script
application/javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-d/s/0.7.1/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/138003605
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
etag: W/"1d936557825629e"
vary: Accept-Encoding
x-azure-ref: 20230206T134740Z-yqtz5r772d7wp63x06ppfy8cds00000000f00000000054b7
content-type: application/javascript;charset=utf-8
x-cache: TCP_HIT
cache-control: public, max-age=86400
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 icons.svg
www.ganjing.com/img/ Frame EB98 250 KB
91 KB 642ms
641ms Other
image/svg+xml 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/img/icons.svg?v=1.5.0.2-noPrebid
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/framework-79bce4a3a540b080.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3fb19c88200f32e38809a0104ca45cf8d916934ee77cceee19fd95c4fc1f6e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 02 Feb 2023 17:13:52 GMT
server: cloudflare
etag: W/"3e825-186131ed080"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c94c1b35fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Mon, 06 Feb 2023 17:47:40 GMT

GET
H2 200 / Show response
a.clickcertain.com/px/cont/ Frame 328F 1 KB
1012 B 124ms
124ms Document
text/html 2606:4700:20::681a:832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7&cn=DE
Requested by: Host: a.remarketstats.com
URL: https://a.remarketstats.com/px/smart/?c=244b81b94c69796&seg=musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f690f99d81101e80055dffdc306458f23089ff9a578e9e31a716013ecb89f2e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 795456c9598d9024-FRA
content-encoding: br
content-type: text/html
date: Mon, 06 Feb 2023 13:47:40 GMT
etag: W/"N2U0N2IyZDBnZWYzZWc0MTQ3Z2FiNzhnMzM4YzYwNjc0MGU3LXow"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fS13IR0VMV3tP8yaQw56CJLz32z2rNz5s4n6la9djILlmJsWp0KPcQ7yqBHBcPYMYUjodl%2B0UgrnaA2I4OuQ4psAPwe8gAkSZyfIo%2FB1rpmur9JxujDanqqVUrD0HvF1mR9mad5EpisIj%2F%2FLfcrW%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frontend: cc-nginx-64dcbdf744-nrsqj:cc-nginx-64dcbdf744-nrsqj
x-requestid: c9e68f61-0af8-489f-bbeb-b23088aaabeb

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/109/ Frame 6662 50 KB
15 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/109/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 19:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14851
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 15:07:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 06 Feb 2023 19:27:00 GMT

GET
H2 200 icons.svg
www.ganjing.com/img/ Frame AA86 250 KB
91 KB 655ms
654ms Other
image/svg+xml 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/img/icons.svg?v=1.5.0.2-noPrebid
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/framework-79bce4a3a540b080.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3fb19c88200f32e38809a0104ca45cf8d916934ee77cceee19fd95c4fc1f6e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:41 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 02 Feb 2023 17:13:52 GMT
server: cloudflare
etag: W/"3e825-186131ed080"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456c96c3335fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Mon, 06 Feb 2023 17:47:40 GMT

POST
H2 204 matomo.php
tracking.cloudokyo.cloud/ Frame 6A2E 0
0 508ms
507ms Ping
text/html 2606:4700::6812:1bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.cloudokyo.cloud/matomo.php?action_name=Gan%20Jing%20World&idsite=3&rec=1&r=919425&h=13&m=47&s=40&url=https%3A%2F%2Fwww.ganjing.com%2Fembed%2F1f85ha3tqs04ybK5PQYbbDocj13v1c&urlref=https%3A%2F%2Fwww.theepochtimes.com%2F&_id=793c138f05bbcfc7&_idn=1&send_image=0&_refts=1675691260&_ref=https%3A%2F%2Fwww.theepochtimes.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=fbIbeI&pf_net=0&pf_srv=495&pf_tfr=0&pf_dm1=157&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: tracking.cloudokyo.cloud
URL: https://tracking.cloudokyo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ganjing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

POST
H2 204 matomo.php
tracking.cloudokyo.cloud/ Frame EB98 0
0 492ms
490ms Ping
text/html 2606:4700::6812:1bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.cloudokyo.cloud/matomo.php?action_name=Gan%20Jing%20World&idsite=3&rec=1&r=783523&h=13&m=47&s=40&url=https%3A%2F%2Fwww.ganjing.com%2Fembed%2F1fh48unhl3k7gGsykwlK2vwkT1q61c&urlref=https%3A%2F%2Fwww.theepochtimes.com%2F&_id=f2e3ee78c2da4ee6&_idn=1&send_image=0&_refts=1675691260&_ref=https%3A%2F%2Fwww.theepochtimes.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=Y7iQ4K&pf_net=0&pf_srv=491&pf_tfr=1&pf_dm1=101&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: tracking.cloudokyo.cloud
URL: https://tracking.cloudokyo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ganjing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

GET
H2 200 send Show response
gw.ganjing.com/v1.0c/uba/ Frame EB98 49 B
325 B 492ms
491ms XHR
application/json 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.ganjing.com/v1.0c/uba/send?en=loadvast&cid=e399ff30-981f-88c6-f01a-f31210b0499e&cnt_id=1fh48unhl3k7gGsykwlK2vwkT1q61c&host=www.theepochtimes.com
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/3108.56c426595bf9b341.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8995ee4141c011fb83a3e22382c7d1a9e9f4dc41fde975fe8fe4d2cedccc8b92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 1728000
vary: Origin
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true
cf-ray: 795456c9bae39067-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role

GET
H2 404 get-vast-xml Show response
api-a.ganjingworld.com/v1s/adsserver/ Frame EB98 0
488 B 554ms
145ms XHR
text/xml 3.228.92.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api-a.ganjingworld.com/v1s/adsserver/get-vast-xml?lang=en-US&cid=e399ff30-981f-88c6-f01a-f31210b0499e&cnt_id=1fh48unhl3k7gGsykwlK2vwkT1q61c&chl=1fgvsk19rtp1jHk2ve5WEeuzC10l0c&host=www.theepochtimes.com
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/3108.56c426595bf9b341.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.92.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-92-45.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
x-amzn-requestid: 2efdaf6c-e06b-4889-be49-56777824ff0a
x-amz-apigw-id: f623iHX1IAMFvnA=
content-length: 0
x-proc-time: 0
pragma: no-cache
x-atask-state: 0
x-amzn-trace-id: Root=1-63e104fc-70a715523b26dba36ab8a8ff
vary: Origin
access-control-allow-methods: POST, GET, PUT, DELETE
content-type: text/xml
access-control-allow-origin: *
access-control-expose-headers: X-Num-2, X-Num-3, X-Num-4, X-Num-5
cache-control: no-cache, no-store, must-revalidate
access-control-max-age: 600
access-control-allow-headers: Content-Type,Role,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Cdk-Dsid,X-Cdk-Lrtm
expires: 0

POST
H2 204 matomo.php
tracking.cloudokyo.cloud/ Frame AA86 0
0 490ms
488ms Ping
text/html 2606:4700::6812:1bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.cloudokyo.cloud/matomo.php?action_name=Gan%20Jing%20World&idsite=3&rec=1&r=488806&h=13&m=47&s=40&url=https%3A%2F%2Fwww.ganjing.com%2Fembed%2F1ellvldt380LQXQvrQHdPnUUx1m91c&urlref=https%3A%2F%2Fwww.theepochtimes.com%2F&_id=c89dc346037955bc&_idn=1&send_image=0&_refts=1675691260&_ref=https%3A%2F%2Fwww.theepochtimes.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=vAPIIf&pf_net=60&pf_srv=510&pf_tfr=2&pf_dm1=152&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: tracking.cloudokyo.cloud
URL: https://tracking.cloudokyo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ganjing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

GET
H2 200 send Show response
gw.ganjing.com/v1.0c/uba/ Frame 6A2E 49 B
324 B 202ms
202ms XHR
application/json 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.ganjing.com/v1.0c/uba/send?en=loadvast&cid=251be712-a9bd-7b6b-237b-1f7df55bf872&cnt_id=1f85ha3tqs04ybK5PQYbbDocj13v1c&host=www.theepochtimes.com
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/3108.56c426595bf9b341.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8995ee4141c011fb83a3e22382c7d1a9e9f4dc41fde975fe8fe4d2cedccc8b92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 1728000
vary: Origin
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true
cf-ray: 795456c9baf39067-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role

GET
H2 404 get-vast-xml Show response
api-a.ganjingworld.com/v1s/adsserver/ Frame 6A2E 0
487 B 627ms
223ms XHR
text/xml 3.228.92.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api-a.ganjingworld.com/v1s/adsserver/get-vast-xml?lang=en-US&cid=251be712-a9bd-7b6b-237b-1f7df55bf872&cnt_id=1f85ha3tqs04ybK5PQYbbDocj13v1c&chl=1eiqjdnq7go12YJJLqH6qcFfJ1020c&host=www.theepochtimes.com
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/3108.56c426595bf9b341.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.92.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-92-45.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:41 GMT
x-amzn-requestid: 113d7ac1-93f6-4663-8aea-ca0c8b1f0248
x-amz-apigw-id: f623iFTboAMFnqw=
content-length: 0
x-proc-time: 0
pragma: no-cache
x-atask-state: 0
x-amzn-trace-id: Root=1-63e104fc-70307e8d3547edb717bca408
vary: Origin
access-control-allow-methods: POST, GET, PUT, DELETE
content-type: text/xml
access-control-allow-origin: *
access-control-expose-headers: X-Num-2, X-Num-3, X-Num-4, X-Num-5
cache-control: no-cache, no-store, must-revalidate
access-control-max-age: 600
access-control-allow-headers: Content-Type,Role,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Cdk-Dsid,X-Cdk-Lrtm
expires: 0

GET
H2 200 send Show response
gw.ganjing.com/v1.0c/uba/ Frame AA86 49 B
325 B 192ms
192ms XHR
application/json 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.ganjing.com/v1.0c/uba/send?en=loadvast&cid=f1009ffd-2bc4-d9e9-61f3-dcc896a4e1c9&cnt_id=1ellvldt380LQXQvrQHdPnUUx1m91c&host=www.theepochtimes.com
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/3108.56c426595bf9b341.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8995ee4141c011fb83a3e22382c7d1a9e9f4dc41fde975fe8fe4d2cedccc8b92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 1728000
vary: Origin
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true
cf-ray: 795456c9db0f9067-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role

GET
H2 404 get-vast-xml Show response
api-a.ganjingworld.com/v1s/adsserver/ Frame AA86 0
486 B 537ms
145ms XHR
text/xml 3.228.92.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api-a.ganjingworld.com/v1s/adsserver/get-vast-xml?lang=en-US&cid=f1009ffd-2bc4-d9e9-61f3-dcc896a4e1c9&cnt_id=1ellvldt380LQXQvrQHdPnUUx1m91c&chl=1eiqjdnq7go12YJJLqH6qcFfJ1020c&host=www.theepochtimes.com
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/3108.56c426595bf9b341.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.92.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-92-45.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
x-amzn-requestid: 9ae98e7f-7cfa-4c30-8d1d-a11f4eb59095
x-amz-apigw-id: f623iFS0oAMFtFw=
content-length: 0
x-proc-time: 0
pragma: no-cache
x-atask-state: 0
x-amzn-trace-id: Root=1-63e104fc-0a1ab62b4621e63f72658924
vary: Origin
access-control-allow-methods: POST, GET, PUT, DELETE
content-type: text/xml
access-control-allow-origin: *
access-control-expose-headers: X-Num-2, X-Num-3, X-Num-4, X-Num-5
cache-control: no-cache, no-store, must-revalidate
access-control-max-age: 600
access-control-allow-headers: Content-Type,Role,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Cdk-Dsid,X-Cdk-Lrtm
expires: 0

GET
H2 200 wiki.json Show response
gw.ganjing.com/v1.0c/config/ Frame 6A2E 799 B
615 B 478ms
478ms XHR
application/json 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.ganjing.com/v1.0c/config/wiki.json?ver=1675691260485
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/pages/_app-d4ee09ae49f77dfb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac52503cb4e2312bf4bc111e50f819368be649df3d19dd844722964a9ff02911

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ganjing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 1728000
vary: Origin
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true
cf-ray: 795456ca1b5c9067-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role

GET
H2

204

/
a.clickcertain.com/px/ta/ Frame 328F
Redirect Chain

https://a.clickcertain.com/px/ta/?ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=7e47b2d0-ef3e-4147-ab78-338c606740e7&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=7e47b2d0-ef3e-4147-ab78-338c606740e7&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26...
https://a.clickcertain.com/px/ta/?done=true&ta_id=865eafce-2c98-4a27-9c64-388146cfe6c0

0
437 B

140ms
140ms

Image
text/plain

2606:4700:20::681a:832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/ta/?done=true&ta_id=865eafce-2c98-4a27-9c64-388146cfe6c0
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7&cn=DE
Protocol: H2
Server: 2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:41 GMT
x-frontend: cc-nginx-64dcbdf744-ht6nt:cc-nginx-64dcbdf744-ht6nt
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 0b712306-8128-4ef0-8e01-f119d8636cae
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dLaqz%2Ba%2FjIygVOMNL96RXFaUrIosaTc1uuXLI3AD2aejF%2FaaI4l%2B3nYlRPKf%2BtPVM2YM2Bb0KlN3oks2fg%2BAm3PXJ6DbSAdyehGIHrBRWMT3QggbHv6piag2cNnRPvZ932n78hwFDi3KzNQMGulKVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 795456ccacb29024-FRA

Redirect headers

date: Mon, 06 Feb 2023 13:47:40 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://a.clickcertain.com/px/ta/?done=true&ta_id=865eafce-2c98-4a27-9c64-388146cfe6c0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

204

/
a.clickcertain.com/px/t/ Frame 328F
Redirect Chain

https://a.usbrowserspeed.com/cs?puid=1e1a275e-0168-563d-b881-609c9ef32ab4&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256...
https://a.clickcertain.com/px/t/?done=true&uid=a0539d18-de23-40be-8747-17efa8f0f618&hem=

0
334 B

136ms
136ms

Image
text/plain

2606:4700:20::681a:832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/t/?done=true&uid=a0539d18-de23-40be-8747-17efa8f0f618&hem=
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7&cn=DE
Protocol: H2
Server: 2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:41 GMT
x-frontend: cc-nginx-64dcbdf744-nrsqj:cc-nginx-64dcbdf744-nrsqj
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 57dc604e-0b9b-49c4-9ad7-b8b22b405872
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1kbMeMLICpdZ5OTJioPRxDln%2BnLmw5udjhvs7qDc1RlyAX92PR9UcyQcMRk%2FFSksEEKImPUvDfA%2BFRc110VmxQLSM5zYJ%2B9uZG7WRUa5jiuukiWo5depDm2xMiQxr7ZSDRKyzGbl5MrroQWBJSCFw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 795456cf3f3b9024-FRA

Redirect headers

location: https://a.clickcertain.com/px/t/?done=true&uid=a0539d18-de23-40be-8747-17efa8f0f618&hem=
date: Mon, 06 Feb 2023 13:47:41 GMT
server: awselb/2.0
content-length: 119
content-type: text/html; charset=utf-8

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 328F
Redirect Chain

https://a.clickcertain.com/px/r/?ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=7e47b2d0-ef3e-4147-ab78-338c606740e7&ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%25...
https://i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%2...
https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%2...
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2...
https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D7e47b2d0%2Def3e%2D414...
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7&anx_uId=$UID
https://secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D7e47b2d0-ef3e-4147-ab78-338c606740e7%26anx_uId%3D%24UID
https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7&anx_uId=2914621564580346733
https://x.bidswitch.net/sync?dsp_id=179&user_id=7e47b2d0-ef3e-4147-ab78-338c606740e7&expires=5&user_group=0
https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=7e47b2d0-ef3e-4147-ab78-338c606740e7&expires=5&user_group=0

43 B
344 B

28ms
28ms

Image
image/gif

18.193.251.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=7e47b2d0-ef3e-4147-ab78-338c606740e7&expires=5&user_group=0
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7&cn=DE
Protocol: H2
Server: 18.193.251.179 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-251-179.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=7e47b2d0-ef3e-4147-ab78-338c606740e7&expires=5&user_group=0
date: Mon, 06 Feb 2023 13:47:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 wiki.json Show response
gw.ganjing.com/v1.0c/config/ Frame EB98 799 B
615 B 181ms
181ms XHR
application/json 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.ganjing.com/v1.0c/config/wiki.json?ver=1675691260540
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/pages/_app-d4ee09ae49f77dfb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac52503cb4e2312bf4bc111e50f819368be649df3d19dd844722964a9ff02911

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ganjing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 1728000
vary: Origin
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true
cf-ray: 795456ca6bb99067-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role

POST
H2 204 collect Show response
j.clarity.ms/ 0
169 B 395ms
113ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-d/s/0.7.1/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: https://www.theepochtimes.com
date: Mon, 06 Feb 2023 13:47:40 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

POST
H3 200 auth Show response
subs.theepochtimes.com/subs/ 40 B
56 B 157ms
157ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=1209&subscribed=
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length: 40
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H3 200 auth
subs.theepochtimes.com/subs/ Frame 0
0 151ms
151ms Preflight 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=1209&subscribed=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.theepochtimes.com
allow: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 06 Feb 2023 13:47:40 GMT
server: nginx/1.20.1
via: 1.1 google

POST
H3 200 auth Show response
subs.theepochtimes.com/subs/ 40 B
56 B 135ms
135ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11214&subscribed=
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length: 40
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 get Show response
subs.theepochtimes.com/template/ 205 B
222 B 142ms
142ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/template/get?tid=924e14b9-3ed2-41d0-ae93-07246a558b57&sid=www.theepochtimes.com
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: fbd96f97dfabbb444dd155929e9632f5049251e4a8885989179fffb74ea6348a

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length: 205
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 wiki.json Show response
gw.ganjing.com/v1.0c/config/ Frame AA86 799 B
913 B 182ms
181ms XHR
application/json 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.ganjing.com/v1.0c/config/wiki.json?ver=1675691260612
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/pages/_app-d4ee09ae49f77dfb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac52503cb4e2312bf4bc111e50f819368be649df3d19dd844722964a9ff02911

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ganjing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 1728000
vary: Origin
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true
cf-ray: 795456cadc369067-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role

POST
H3 200 auth Show response
subs.theepochtimes.com/subs/ 40 B
56 B 161ms
161ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11217&subscribed=
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Feb 2023 13:47:40 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
content-length: 40
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H3 200 auth
subs.theepochtimes.com/subs/ Frame 0
0 135ms
135ms Preflight 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11214&subscribed=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.theepochtimes.com
allow: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 06 Feb 2023 13:47:40 GMT
server: nginx/1.20.1
via: 1.1 google

OPTIONS
H3 200 auth
subs.theepochtimes.com/subs/ Frame 0
0 135ms
135ms Preflight 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/subs/auth?siteid=www.theepochtimes.com&planid=4c14e06e-dead-4a19-833b-f676ae9d77da&nid=11217&subscribed=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.theepochtimes.com
allow: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 06 Feb 2023 13:47:40 GMT
server: nginx/1.20.1
via: 1.1 google

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
21ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1174897216&t=event&_s=2&dl=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&ul=en-us&de=UTF-8&dt=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20Impression&ea=anonymous&el=&ev=0&_u=aHBACEABBAAAACAAI~&jid=&gjid=&cid=1234335394.1675691259&uid=anonb09f-18b3-4164-8de8-ac416d6ed5b8&tid=UA-10465455-30&_gid=798903115.1675691259&cd1=31712&cd3=%3Baudience-comments-31712%3Bcity-2-31714%3Bcompany-2-31711%3Beditors-picks-31718%3Bnashville-united-states-32922%3Bshenyun-north-america-company-99751%3Bshen-yun-9%3B&cd4=%3Btop-stories-98893%3B&cd5=%3Baudience-comments-31712%3Bcity-2-31714%3Bcompany-2-31711%3Beditors-picks-31718%3Bnashville-united-states-32922%3Bshenyun-north-america-company-99751%3Bshen-yun-9%3B&cd21=5033767&cd23=Epoch%20Newsroom&cd26=Audience%20Comments&cd28=%3BAudience%20Comments%3BCity%3BCompany%3BEditor%27s%20Picks%3BNashville%3BNorth%20America%20Company%3BShen%20Yun%3BUnited%20States%3B&cd29=%3Bshen%20yun%3B&cd30=20230204&cd31=20230204&cd33=1014&cd42=%3Bshen-yun%3B&cd43=post&cd18=anonb09f-18b3-4164-8de8-ac416d6ed5b8&z=1880706649

Requested by

Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 11:06:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 9695
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 master-m3u8 Show response
gw.ganjing.com/v1.0c/ Frame 6A2E 1 KB
733 B 192ms
192ms XHR
application/x-mpegurl 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.ganjing.com/v1.0c/master-m3u8?id=1f85ha3tqs04ybK5PQYbbDocj13v1c&auth=i39OYji2Pw-qdp2ph8wiGp77MbHGUvNmps3ScwozYdPIl23i3SizlXp07h8vaIWebJ15aRcR68MwF6iDFgeF-1iP40V6phxAEaLQJUJJfRG8TvgNNMpLfgSchi7V8txElmII3lWruRpIh7M5QC37Db8BN_9kh8vvwWZry3B1BVsjn8-fpyyEsgH_Yb_l5OCHIQ0tN7tXe06FBrBIOIZ07uGPtIMCvOO7langO1D5kT2URnRRzFpJhZURux9b0lwnTIfIUbGyTZBBqQ&no_360=1
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/1502-7aee2157a1c21dc0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08373e7a30d6290c2589892e38680856f5bd5ddf68cae2d51cabdbb7ae59a06c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 1728000
vary: Origin
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-type: application/x-mpegURL
access-control-allow-credentials: true
cf-ray: 795456ccee6b9067-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role

GET
BLOB 200
OK f01e20e8-01fd-4c64-bf58-caa6d62f6e94
https://www.ganjing.com/ Frame 6A2E 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ganjing.com/f01e20e8-01fd-4c64-bf58-caa6d62f6e94
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6edb4ac16ca9fae56a54c7424635ec19dd1f3d0dfb3d79d7a9d2f25eea174dd3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 5952
Content-Type: application/javascript

GET
BLOB 200
OK 1146c7e6-bf81-44af-8abf-0c77a4f2aa64
https://www.ganjing.com/ Frame 6A2E 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ganjing.com/1146c7e6-bf81-44af-8abf-0c77a4f2aa64
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5dfa8f9f287331eb5f03ea97738e4e2f71d988728a85c7983f11156cdb283932

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 80664
Content-Type: application/javascript

GET
BLOB 200
OK 59b38481-5871-4ccd-829d-ccd62de1c5ca
https://www.ganjing.com/ Frame 6A2E 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ganjing.com/59b38481-5871-4ccd-829d-ccd62de1c5ca
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5dfa8f9f287331eb5f03ea97738e4e2f71d988728a85c7983f11156cdb283932

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 80664
Content-Type: application/javascript

GET
H2 200 master.m3u8 Show response
media3-us-east.cloudokyo.cloud/video/v5/1c/ae/0e/1cae0eb5-2fc3-4abb-95ac-68a42c28eb0b/ Frame EB98 465 B
633 B 434ms
43ms XHR
application/x-mpegurl 2a02:26f0:11a::217:9a73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://media3-us-east.cloudokyo.cloud/video/v5/1c/ae/0e/1cae0eb5-2fc3-4abb-95ac-68a42c28eb0b/master.m3u8
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/1502-7aee2157a1c21dc0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a73 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5d9e7e9f3bd902b6a64768afcf04ddebe7756b7807de36c2426049b2f6514e72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:41 GMT
content-encoding: gzip
akamai-mon-iucid-del: 1264050
content-length: 198
last-modified: Fri, 06 Jan 2023 19:30:53 GMT
server: nginx
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control: max-age=15715966
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 master-m3u8 Show response
gw.ganjing.com/v1.0c/ Frame AA86 1 KB
725 B 187ms
187ms XHR
application/x-mpegurl 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.ganjing.com/v1.0c/master-m3u8?id=1ellvldt380LQXQvrQHdPnUUx1m91c&auth=94CvdYIyDOaR1CeT_6SKTgh5nSqvUKDFGpH7fAtb4k98tg9rxbZvxoSmQV40lIRAaAGCKRBpPM0G5Xk2XkLuL__ZiA3vPgybEsCR4E0WxFJcCUhRhCkzgT50v7g5wqoPSsySJXH9FUGaWtcowldq0DCSnMymZkCls-tsKDlErniTw1OX1PvSFqQpM4HpgqBseLQFhUZHFgTSn6ODE4ryPjFdf8dWM9R2VbfuOAhw97dcpH3lSHhqniEP2vs2zt49RuSXAWgbAKlT-g&no_360=1
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/1502-7aee2157a1c21dc0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f20acc2c6c582f72db6ba295b8ae453e621b3b596ba4ed01744eeb87945d024

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 1728000
vary: Origin
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-type: application/x-mpegURL
access-control-allow-credentials: true
cf-ray: 795456cddf549067-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role

GET
BLOB 200
OK 217fefea-4fa4-4676-b366-b5655010d629
https://www.ganjing.com/ Frame EB98 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ganjing.com/217fefea-4fa4-4676-b366-b5655010d629
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6edb4ac16ca9fae56a54c7424635ec19dd1f3d0dfb3d79d7a9d2f25eea174dd3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 5952
Content-Type: application/javascript

GET
BLOB 200
OK 8ea48c5d-9d42-4e8a-a85c-df2a2c4b8c87
https://www.ganjing.com/ Frame EB98 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ganjing.com/8ea48c5d-9d42-4e8a-a85c-df2a2c4b8c87
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5dfa8f9f287331eb5f03ea97738e4e2f71d988728a85c7983f11156cdb283932

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 80664
Content-Type: application/javascript

GET
BLOB 200
OK d9183e9c-3eb5-4a2e-a01d-c59d94a34a69
https://www.ganjing.com/ Frame EB98 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ganjing.com/d9183e9c-3eb5-4a2e-a01d-c59d94a34a69
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5dfa8f9f287331eb5f03ea97738e4e2f71d988728a85c7983f11156cdb283932

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 80664
Content-Type: application/javascript

GET
BLOB 200
OK 16cac062-ba9d-4558-8a32-0f71152a687a
https://www.ganjing.com/ Frame AA86 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ganjing.com/16cac062-ba9d-4558-8a32-0f71152a687a
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6edb4ac16ca9fae56a54c7424635ec19dd1f3d0dfb3d79d7a9d2f25eea174dd3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 5952
Content-Type: application/javascript

GET
BLOB 200
OK 6b95bb72-c1a5-4bf0-afc3-8dfd3bcd0d96
https://www.ganjing.com/ Frame AA86 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ganjing.com/6b95bb72-c1a5-4bf0-afc3-8dfd3bcd0d96
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5dfa8f9f287331eb5f03ea97738e4e2f71d988728a85c7983f11156cdb283932

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 80664
Content-Type: application/javascript

GET
BLOB 200
OK cee7e88c-2195-4ba7-99ee-c9d36041f594
https://www.ganjing.com/ Frame AA86 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ganjing.com/cee7e88c-2195-4ba7-99ee-c9d36041f594
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5dfa8f9f287331eb5f03ea97738e4e2f71d988728a85c7983f11156cdb283932

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 80664
Content-Type: application/javascript

GET
H2 200 index-m3u8 Show response
gw.ganjing.com/v1.0c/ Frame 6A2E 2 KB
1 KB 193ms
193ms XHR
application/x-mpegurl 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.ganjing.com/v1.0c/index-m3u8?v=v480p&id=1f85ha3tqs04ybK5PQYbbDocj13v1c&auth=i39OYji2Pw-qdp2ph8wiGp77MbHGUvNmps3ScwozYdPIl23i3SizlXp07h8vaIWebJ15aRcR68MwF6iDFgeF-1iP40V6phxAEaLQJUJJfRG8TvgNNMpLfgSchi7V8txElmII3lWruRpIh7M5QC37Db8BN_9kh8vvwWZry3B1BVsjn8-fpyyEsgH_Yb_l5OCHIQ0tN7tXe06FBrBIOIZ07uGPtIMCvOO7langO1D5kT2URnRRzFpJhZURux9b0lwnTIfIUbGyTZBBqQ
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/1502-7aee2157a1c21dc0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af8ef53c6c60414819ee640a637d4cec43ce03a0e9a14449efe0e4a944a4ff54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 1728000
vary: Origin
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-type: application/x-mpegURL
access-control-allow-credentials: true
cf-ray: 795456ce1fc29067-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role

GET
H2 200 index-m3u8 Show response
gw.ganjing.com/v1.0c/ Frame AA86 14 KB
2 KB 198ms
198ms XHR
application/x-mpegurl 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.ganjing.com/v1.0c/index-m3u8?v=v480p&id=1ellvldt380LQXQvrQHdPnUUx1m91c&auth=94CvdYIyDOaR1CeT_6SKTgh5nSqvUKDFGpH7fAtb4k98tg9rxbZvxoSmQV40lIRAaAGCKRBpPM0G5Xk2XkLuL__ZiA3vPgybEsCR4E0WxFJcCUhRhCkzgT50v7g5wqoPSsySJXH9FUGaWtcowldq0DCSnMymZkCls-tsKDlErniTw1OX1PvSFqQpM4HpgqBseLQFhUZHFgTSn6ODE4ryPjFdf8dWM9R2VbfuOAhw97dcpH3lSHhqniEP2vs2zt49RuSXAWgbAKlT-g
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/1502-7aee2157a1c21dc0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9773358aaf874e5925868ae1087185ca7e491992df5df49dccf083a151589d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 1728000
vary: Origin
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-type: application/x-mpegURL
access-control-allow-credentials: true
cf-ray: 795456cf08b39067-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role

POST
H2 200 senddata Show response
subsapi.epoch.cloud/db/ 16 B
322 B 142ms
142ms XHR
text/plain 2606:4700:e0::ac40:6113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subsapi.epoch.cloud/db/senddata
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Feb 2023 13:47:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIAp4%2BQijrn4kooKfc8Mp%2Fva6%2FL0EC7jYdASvl4vb8a%2BZBkGr90VHUl6GHwIB459yxWouHVTdUOUEKhqwj9rOEJJU4abRFRh3BThrjlsMhPglzhDL8NwZgFSUZYaj8g667xIk0yaZv26V48sRjKGrC6P"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: *
content-type: text/plain; charset=utf-8
cf-ray: 795456d09909bbc5-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 16
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 senddata
subsapi.epoch.cloud/db/ Frame 0
0 209ms
132ms Preflight 2606:4700:e0::ac40:6113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subsapi.epoch.cloud/db/senddata
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: *
allow: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 795456cfcf6ebbc5-FRA
content-length: 0
date: Mon, 06 Feb 2023 13:47:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfI6bePQscSDYxVaT5m8svUh1khBLhG3KvQktuYU4Q48msfVlQAl5eyMsJgkgEcriS37sGBxVyGGsKrPLx2FY6KuJtP7usG5gPdm40tpEbtMtmmnbG37tAaqXyCwB5V%2FyLwMJGmXsdPtowPbyppIImy9"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 get-video-key Show response
gw.ganjing.com/v1.0c/ Frame 6A2E 16 B
293 B 177ms
177ms XHR
application/octet-stream 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.ganjing.com/v1.0c/get-video-key?id=1f85ha3tqs04ybK5PQYbbDocj13v1c&auth=i39OYji2Pw-qdp2ph8wiGp77MbHGUvNmps3ScwozYdPIl23i3SizlXp07h8vaIWebJ15aRcR68MwF6iDFgeF-1iP40V6phxAEaLQJUJJfRG8TvgNNMpLfgSchi7V8txElmII3lWruRpIh7M5QC37Db8BN_9kh8vvwWZry3B1BVsjn8-fpyyEsgH_Yb_l5OCHIQ0tN7tXe06FBrBIOIZ07uGPtIMCvOO7langO1D5kT2URnRRzFpJhZURux9b0lwnTIfIUbGyTZBBqQ
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/1502-7aee2157a1c21dc0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec100bb81ce9e5f4bcaa8015c1be65b4b98f60ea4ddefb81a5c4facda2d271ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:41 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 1728000
access-control-allow-credentials: true
cf-ray: 795456cf59079067-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
content-length: 16

GET
H2 206 segment.ts Show response
media1-us-west.cloudokyo.cloud/video/v3/9c/6b/1d/9c6b1d06-71f6-4456-a680-a576bb024a2f/ab702fdf33ac1b2d/v480p/ Frame 6A2E 555 KB
557 KB 333ms
67ms XHR
video/mp2t 2a02:26f0:11a::217:9a71
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://media1-us-west.cloudokyo.cloud/video/v3/9c/6b/1d/9c6b1d06-71f6-4456-a680-a576bb024a2f/ab702fdf33ac1b2d/v480p/segment.ts
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/1502-7aee2157a1c21dc0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a71 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f2f77ab9e297524f71a6b8485b5edeaf1fad2bd362cce8bc4c640a20bd1e49e2

Request headers

Referer: https://www.ganjing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range: bytes=0-568527

Response headers

date: Mon, 06 Feb 2023 13:47:41 GMT
last-modified: Thu, 08 Sep 2022 15:56:10 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
Content-Range: bytes 0-568527/6404720
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control: max-age=15708637
access-control-allow-credentials: true
akamai-mon-iucid-del: 1264050
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Content-Length: 568528

GET
H2 200 index.m3u8 Show response
media3-us-east.cloudokyo.cloud/video/v5/1c/ae/0e/1cae0eb5-2fc3-4abb-95ac-68a42c28eb0b/v360p/ Frame EB98 775 B
694 B 93ms
93ms XHR
application/x-mpegurl 2a02:26f0:11a::217:9a73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://media3-us-east.cloudokyo.cloud/video/v5/1c/ae/0e/1cae0eb5-2fc3-4abb-95ac-68a42c28eb0b/v360p/index.m3u8
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/1502-7aee2157a1c21dc0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a73 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 379fa6d12c2e4423529ef7f16d2d359db84e926c7e94933bd78d4c0edc623f16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:41 GMT
content-encoding: gzip
akamai-mon-iucid-del: 1264050
content-length: 259
last-modified: Fri, 06 Jan 2023 19:30:53 GMT
server: nginx
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control: max-age=15717059
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 206 segment.ts Show response
media3-us-east.cloudokyo.cloud/video/v5/1c/ae/0e/1cae0eb5-2fc3-4abb-95ac-68a42c28eb0b/v360p/ Frame EB98 787 KB
790 KB 114ms
114ms XHR
video/mp2t 2a02:26f0:11a::217:9a73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://media3-us-east.cloudokyo.cloud/video/v5/1c/ae/0e/1cae0eb5-2fc3-4abb-95ac-68a42c28eb0b/v360p/segment.ts
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/1502-7aee2157a1c21dc0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a73 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 32bb585261c36ace1782599587f8d8e07b33cd5862b22992ae16e0038e9a41ac

Request headers

Referer: https://www.ganjing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range: bytes=0-805955

Response headers

date: Mon, 06 Feb 2023 13:47:41 GMT
last-modified: Fri, 06 Jan 2023 19:30:53 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
Content-Range: bytes 0-805955/5506708
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control: max-age=15757413
access-control-allow-credentials: true
akamai-mon-iucid-del: 1264050
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Content-Length: 805956

GET
H2 200 get-video-key Show response
gw.ganjing.com/v1.0c/ Frame AA86 16 B
275 B 185ms
185ms XHR
application/octet-stream 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.ganjing.com/v1.0c/get-video-key?id=1ellvldt380LQXQvrQHdPnUUx1m91c&auth=94CvdYIyDOaR1CeT_6SKTgh5nSqvUKDFGpH7fAtb4k98tg9rxbZvxoSmQV40lIRAaAGCKRBpPM0G5Xk2XkLuL__ZiA3vPgybEsCR4E0WxFJcCUhRhCkzgT50v7g5wqoPSsySJXH9FUGaWtcowldq0DCSnMymZkCls-tsKDlErniTw1OX1PvSFqQpM4HpgqBseLQFhUZHFgTSn6ODE4ryPjFdf8dWM9R2VbfuOAhw97dcpH3lSHhqniEP2vs2zt49RuSXAWgbAKlT-g
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/1502-7aee2157a1c21dc0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a838889736482c9db2512016d13c92eccd121b3cfe4c974aad90ec46bf1020ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:41 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 1728000
access-control-allow-credentials: true
cf-ray: 795456d13ad59067-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
content-length: 16

GET
H2 206 segment.ts Show response
media1-us-west.cloudokyo.cloud/video/v3/d4/0b/c8/d40bc8bc-c8da-4203-b797-696fb8025fb4/620d06cf3534faa9/v480p/ Frame AA86 266 KB
268 KB 735ms
735ms XHR
video/mp2t 2a02:26f0:11a::217:9a71
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://media1-us-west.cloudokyo.cloud/video/v3/d4/0b/c8/d40bc8bc-c8da-4203-b797-696fb8025fb4/620d06cf3534faa9/v480p/segment.ts
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/1502-7aee2157a1c21dc0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a71 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4c71178b4f9376a4d0acd7def1014a4d13641c9a618b9f584e3111de7ac34aa0

Request headers

Referer: https://www.ganjing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range: bytes=0-272799

Response headers

date: Mon, 06 Feb 2023 13:47:42 GMT
last-modified: Fri, 19 Aug 2022 04:25:37 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
Content-Range: bytes 0-272799/24511296
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control: max-age=15768000
access-control-allow-credentials: true
akamai-mon-iucid-del: 1264050
access-control-allow-headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Content-Length: 272800

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 6662 28 B
54 B 61ms
61ms XHR
application/json 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/97ea7458/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
X-Goog-Request-Time: 1675691261753
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/zTAtXS8E_Do?wmode=transparent&wmode=opaque
X-YouTube-Client-Version: 1.20230131.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtWMEx2X2NYcFlkNCj6iYSfBg%3D%3D
X-YouTube-Ad-Signals: dt=1675691259190&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C400%2C225&vis=1&wgl=true&ca_type=image&bid=ANyPxKoDKz7oSsJo9jIunyn7UiZ7MqHWy0CWGY48Yp7B6YnoM219PcdO8rDsnnXuTQVeXtsQ53msFDcBiPKvK6FGdXbe3YPI7Q

Response headers

date: Mon, 06 Feb 2023 13:47:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Mon, 06 Feb 2023 13:47:41 GMT

GET
H2 200 icons.svg
www.ganjing.com/img/ Frame 6A2E 250 KB
91 KB 186ms
185ms Other
image/svg+xml 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/img/icons.svg?v=1.5.0.2-noPrebid
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/framework-79bce4a3a540b080.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3fb19c88200f32e38809a0104ca45cf8d916934ee77cceee19fd95c4fc1f6e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1f85ha3tqs04ybK5PQYbbDocj13v1c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:42 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 02 Feb 2023 17:13:52 GMT
server: cloudflare
etag: W/"3e825-186131ed080"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456d2ab4b35fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Mon, 06 Feb 2023 17:47:42 GMT

GET
H2 200 icons.svg
www.ganjing.com/img/ Frame EB98 250 KB
91 KB 186ms
186ms Other
image/svg+xml 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/img/icons.svg?v=1.5.0.2-noPrebid
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/framework-79bce4a3a540b080.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3fb19c88200f32e38809a0104ca45cf8d916934ee77cceee19fd95c4fc1f6e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1fh48unhl3k7gGsykwlK2vwkT1q61c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:42 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 02 Feb 2023 17:13:52 GMT
server: cloudflare
etag: W/"3e825-186131ed080"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456d30bd835fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Mon, 06 Feb 2023 17:47:42 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=3272B255934146CF901A24F8BF78B455&RedC=c.clarity.ms&MXFR=3A2163A195CB64173585711191CB6AD6
https://c.clarity.ms/c.gif?CtsSyncId=3272B255934146CF901A24F8BF78B455&MUID=3F9FEC73886966FD1783FEC389C367BE

42 B
370 B

46ms
45ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=3272B255934146CF901A24F8BF78B455&MUID=3F9FEC73886966FD1783FEC389C367BE
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:47:41 GMT
last-modified: Tue, 17 Jan 2023 20:36:49 GMT
server: Microsoft-IIS/10.0
etag: "b1c8df6cb32ad91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:47:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D8472977B8E14122B76887BFE213E590 Ref B: DUS30EDGE0919 Ref C: 2023-02-06T13:47:42Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=3272B255934146CF901A24F8BF78B455&MUID=3F9FEC73886966FD1783FEC389C367BE
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/855967303/ 2 KB
2 KB 104ms
35ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/855967303/?random=1675691262151&cv=11&fst=1675691262151&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1600&u_h=1200&label=HsWbCMacxuUDEMeMlJgD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&tiba=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&value=0&bttype=purchase&auid=969631595.1675691259&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z8H4H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ba2d8631f69b8348a8a73e2d12a2ca85d1a7e94504058c7adbd5d88841f5f9a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:47:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 push_notif.js Show response
services.epoch.cloud//public-labs/src/push_notifications/ 6 KB
2 KB 30ms
29ms Script
application/javascript 2606:4700:e0::ac40:6013
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.epoch.cloud//public-labs/src/push_notifications/push_notif.js
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6013 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0523c13750f634735ff97f98cc6b2d0100bc0aab4d8f703ad3b6952731d7a545

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Sep 2020 15:46:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5157
etag: W/"5f6384bb-18fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvRJzu62vPH2M6lBHYDHrk%2BxPCrYZa92hZtSztvOdUKQ2oZ07j%2Foi9L8o9TKVkW1mSpEumURHq%2FSdB%2FHMKonFAL0pyozqZSp8C%2BNSuK6N%2FpjoBbc0L3KXvhDAGlqL2mmbqHwYzDdvI4Ru08%2FoiiRFY7BkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 795456d48886bb37-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK ge.js Show response
s3-us-west-2.amazonaws.com/storejs/a/5N0H11N/ 37 KB
37 KB 607ms
209ms Script
application/javascript 52.218.213.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/storejs/a/5N0H11N/ge.js
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.213.80 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1126eb1de2ad0f7664b948938653a18e1f8d89be694224e9b13e86cc339c0b41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 13:47:43 GMT
Last-Modified: Wed, 21 Dec 2022 17:30:08 GMT
Server: AmazonS3
x-amz-request-id: E9X78GP0298G7JZN
ETag: "0d4ece7d60f7d92cef4112ff2c393358"
Content-Type: application/javascript
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 37541
x-amz-id-2: RLY7omr7mzOrgK+eS0BHpILCY2Hpd+e3c8XUkrdpg01am8BO2i3nmtJi2F27nW52hzYVzXAjLhI=
Expires: Fri, 20 Jan 2023 17:30:07 GMT

GET
H2

200

/ Show response
a.clickcertain.com/px/
Redirect Chain

https://a.remarketstats.com/px/smart/?c=244b81b94c69796&seg=musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
https://a.clickcertain.com/px/smart/a/?seg=musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&c=244b81b94c69796
https://a.clickcertain.com/px/?c=244b81b94c69796

3 KB
2 KB

134ms
134ms

Script
text/javascript

2606:4700:20::681a:832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/?c=244b81b94c69796
Protocol: H2
Server: 2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f54cef955b135bb24e862669e43151da6424b8a462e9a780e0ab48c98a9c453c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:42 GMT
content-encoding: br
x-frontend: cc-nginx-64dcbdf744-xchwx:cc-nginx-64dcbdf744-xchwx
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: a75aa6df-483f-48f7-8b35-a7326d86df81
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2Fqqv35cOmhkgu88lZERe5bMepd%2BeaNYR83REiBT%2Bz5FTiOW3ClUsIDQDqkwE0eBLQZtzk%2FA%2FHPl0eg4mKgzcqp7koyHlHTAf%2FyukDcF1c%2F5XVkHwlxeY2w9hk7TvvK58ZiVP%2BQk9oYis9GZ%2FYz8%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 795456d65d899024-FRA

Redirect headers

date: Mon, 06 Feb 2023 13:47:42 GMT
x-frontend: cc-nginx-64dcbdf744-khdmr:cc-nginx-64dcbdf744-khdmr
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: f0aba132-8a63-40e6-ac08-b27f8b460efb
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8E9xjVPb9bhS8rL7IhbgVpJUIOXPL80zss8srG1i9sA9IXyhUEbdIv0p1JFe36AWTEjd3oTN2RQQnodp5OR2lRZhIps5kmZxX7Bd1kx3fgMNXHlFFx9x%2FN8QAxxdTZ%2BBGxSvfE9Vi%2BAccDhHPmEJiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
location: https://a.clickcertain.com/px/?c=244b81b94c69796
cf-ray: 795456d54c9c9024-FRA

GET
H/1.1

200
OK

container.js Show response
tags.wdsvc.net/
Redirect Chain

https://tags.wdsvc.net/controller.js?id=100415
https://tags.wdsvc.net/container.js?id=100415&v=4.10&t=1675691262522

27 KB
27 KB

232ms
231ms

Script
text/javascript

52.5.212.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.wdsvc.net/container.js?id=100415&v=4.10&t=1675691262522
Protocol: HTTP/1.1
Server: 52.5.212.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-212-88.compute-1.amazonaws.com
Software: /
Resource Hash: 93e6305b42d27ddfad16e074bb46c7869ff73614c07e8b4f97c19d7e77593345

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Feb 2023 13:47:42 GMT
Content-Type: text/javascript
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Content-length: 27637
Expires: Mon, 3 Jan 2005 13:00:00 GMT

Redirect headers

location: https://tags.wdsvc.net/container.js?id=100415&v=4.10&t=1675691262522
Date: Mon, 06 Feb 2023 13:47:42 GMT
Cache-Control: private, no-cache
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/24003086/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
358 B

29ms
29ms

Script
application/javascript

13.224.103.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 13.224.103.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-60.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:31:36 GMT
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
age: 968
x-amz-server-side-encryption: AES256
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 0
x-amz-cf-id: Z85OO6izRpY_p57Hj6YBLYWo88_t1jD-rCT5-plzEyvsJBz5zRPtuA==

Redirect headers

location: /internal-c2/default/cs.js
date: Mon, 06 Feb 2023 13:47:42 GMT
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
content-length: 0
x-amz-cf-id: 8HVqX9rABJkoseBEEY9dPY5Do_vFX3xnfIAXDb3Md-StkkagQWd2Uw==
x-cache: Miss from cloudfront

GET
H2 200 b413bf4fa936cc351ac6476e0df69b50.js Show response
clientcdn.pushengage.com/core/ 114 KB
28 KB 217ms
45ms Script
application/javascript 2400:52e0:1e00::1078:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://clientcdn.pushengage.com/core/b413bf4fa936cc351ac6476e0df69b50.js
Requested by: Host: www.theepochtimes.com
URL: https://www.theepochtimes.com/assets/themes/eet/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1078:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1078 /
Resource Hash: 77e250a2b21e347884a901952cef97d53fa5692efd05391b499050a9ec10a009

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:42 GMT
content-encoding: br
cdn-edgestorageid: 860
cdn-cachedat: 02/06/2023 13:28:32
cdn-pullzone: 1148540
server: BunnyCDN-DE1-1078
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control: public, max-age=3600
cdn-requestid: c3d203f7679ea8c6e6593a929fe5b44a
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3

200

/
www.google.de/pagead/1p-conversion/855967303/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/855967303/?random=2064278906&cv=11&fst=1675691262151&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1600&u_h=1200&label=HsWbCMacxuUDEMeM...
https://www.google.com/pagead/1p-conversion/855967303/?random=2064278906&cv=11&fst=1675691262151&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1600&u_h=1200&label=HsWbCMacxuUDEMeMlJgD&hn=www.googleads...
https://www.google.de/pagead/1p-conversion/855967303/?random=2064278906&cv=11&fst=1675691262151&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1600&u_h=1200&label=HsWbCMacxuUDEMeMlJgD&hn=www.googleadse...

42 B
64 B

65ms
64ms

Image
image/gif

2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/855967303/?random=2064278906&cv=11&fst=1675691262151&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1600&u_h=1200&label=HsWbCMacxuUDEMeMlJgD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&tiba=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&value=0&auid=969631595.1675691259&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ09lQ253WVF5cExGN1ppdHk2LW9BUklsQUxsZHJiQzhjeWJ4QkhWT1lxMVlNX2hWZk4xNkVxZjJsaXJESEw5NHExS2hsUDZKT1EaV0NoQUlnT2VDbndZUTFjemx3dUszbUxRX0VpMEFyQWlyV1BmN0NVenFPV2xQVEh0Z1RlWWkzNm54QXFoWDBIODR4VmpENXNmR1BRWko5dTRVbndWTFRjRQ&is_vtc=1&ocp_id=_gThY-66DtDR1gaD2rbIBA&cid=CAQSKQDUE5ymZm9FJRNwLJ8cJOmf9kIw0K8iJIFC0GtzQ3Z8dB85vKPPPfsw&eitems=ChEIgOeCnwYQwOSKueKEpcbiARIdAG0XhA0IkVNcClIf_feHnx-RGEEyNudGwxkZblQ&random=2871523201&ipr=y&prhg=0

Protocol

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:47:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:47:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/855967303/?random=2064278906&cv=11&fst=1675691262151&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1600&u_h=1200&label=HsWbCMacxuUDEMeMlJgD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&tiba=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&value=0&auid=969631595.1675691259&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ09lQ253WVF5cExGN1ppdHk2LW9BUklsQUxsZHJiQzhjeWJ4QkhWT1lxMVlNX2hWZk4xNkVxZjJsaXJESEw5NHExS2hsUDZKT1EaV0NoQUlnT2VDbndZUTFjemx3dUszbUxRX0VpMEFyQWlyV1BmN0NVenFPV2xQVEh0Z1RlWWkzNm54QXFoWDBIODR4VmpENXNmR1BRWko5dTRVbndWTFRjRQ&is_vtc=1&ocp_id=_gThY-66DtDR1gaD2rbIBA&cid=CAQSKQDUE5ymZm9FJRNwLJ8cJOmf9kIw0K8iJIFC0GtzQ3Z8dB85vKPPPfsw&eitems=ChEIgOeCnwYQwOSKueKEpcbiARIdAG0XhA0IkVNcClIf_feHnx-RGEEyNudGwxkZblQ&random=2871523201&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
a.clickcertain.com/px/cont/ Frame 1630 1 KB
845 B 122ms
122ms Document
text/html 2606:4700:20::681a:832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7&cn=DE
Requested by: Host: a.remarketstats.com
URL: https://a.remarketstats.com/px/smart/?c=244b81b94c69796&seg=musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f690f99d81101e80055dffdc306458f23089ff9a578e9e31a716013ecb89f2e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 795456d73e7c9024-FRA
content-encoding: br
content-type: text/html
date: Mon, 06 Feb 2023 13:47:42 GMT
etag: W/"N2U0N2IyZDBnZWYzZWc0MTQ3Z2FiNzhnMzM4YzYwNjc0MGU3LXow"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNcrt0n2GBz1%2BOnEjKC%2BO%2F%2Bew0S1%2FwPc%2BEeT58mwuHYtytpLlsSYTeDNrnqBOADCs2tmPrYm%2BpRrceDp88IvlaG262e4%2BcUuDL9U53FoLWesUGp2Kfujo66sn0MNNxeT9t9xehILxKnUSVe5lxCTYA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frontend: cc-nginx-64dcbdf744-xchwx:cc-nginx-64dcbdf744-xchwx
x-requestid: a74e2e88-3d4a-43a0-93d1-82acf0e573c8

GET
H2

204

/
a.clickcertain.com/px/ta/ Frame 1630
Redirect Chain

https://a.clickcertain.com/px/ta/?ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=7e47b2d0-ef3e-4147-ab78-338c606740e7&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%...
https://a.clickcertain.com/px/ta/?done=true&ta_id=865eafce-2c98-4a27-9c64-388146cfe6c0

0
454 B

130ms
130ms

Image
text/plain

2606:4700:20::681a:832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/ta/?done=true&ta_id=865eafce-2c98-4a27-9c64-388146cfe6c0
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7&cn=DE
Protocol: H2
Server: 2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:42 GMT
x-frontend: cc-nginx-64dcbdf744-7q862:cc-nginx-64dcbdf744-7q862
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 46531e8c-826b-4c53-8206-eb02585c304b
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1THTaekNazIXamQPW7YRK6SOtyjTpOQME3QqnFIu9IXPfw82VUrmfZaDyI9NzY0KBQBA5mJwYbzNxhUNEnJkmSDQyb7XNdjHydgrZ0aLMPGJMSubo95tggfwPjF3vdxv%2BBHgFpMkFg8Zgp9w45zbA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 795456d90ff69024-FRA

Redirect headers

date: Mon, 06 Feb 2023 13:47:42 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://a.clickcertain.com/px/ta/?done=true&ta_id=865eafce-2c98-4a27-9c64-388146cfe6c0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

204

/
a.clickcertain.com/px/t/ Frame 1630
Redirect Chain

https://a.usbrowserspeed.com/cs?puid=1e1a275e-0168-563d-b881-609c9ef32ab4&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256...
https://a.clickcertain.com/px/t/?done=true&uid=a0539d18-de23-40be-8747-17efa8f0f618&hem=

0
340 B

150ms
149ms

Image
text/plain

2606:4700:20::681a:832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/t/?done=true&uid=a0539d18-de23-40be-8747-17efa8f0f618&hem=
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7&cn=DE
Protocol: H2
Server: 2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:43 GMT
x-frontend: cc-nginx-64dcbdf744-xqmcv:cc-nginx-64dcbdf744-xqmcv
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 280b355e-9d6a-4984-8072-cd144fa95e68
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FP9OSSbV0hV%2B6nEOGW6521zrx%2FbfT7QF3j834mQOI3%2Fd%2F8djByhqiNaN7Ni2MCGxYqeEexKWawY4Pd2SUZR4jS56gRQ8WbDi74EL3IFhO%2Bn2u0jmtPWT9ddpdFZH8Mh%2FjalavTL6G1jMXUvGYjE%2BuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 795456d988699024-FRA

Redirect headers

location: https://a.clickcertain.com/px/t/?done=true&uid=a0539d18-de23-40be-8747-17efa8f0f618&hem=
date: Mon, 06 Feb 2023 13:47:42 GMT
server: awselb/2.0
content-length: 119
content-type: text/html; charset=utf-8

GET
H2

200

sync
x.bidswitch.net/ Frame 1630
Redirect Chain

https://a.clickcertain.com/px/r/?ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=7e47b2d0-ef3e-4147-ab78-338c606740e7&ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%25...
https://a.clickcertain.com/px/li/?ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7&redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redi...
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2...
https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D7e47b2d0%2Def3e%2D414...
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7&anx_uId=$UID
https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7&anx_uId=2914621564580346733
https://x.bidswitch.net/sync?dsp_id=179&user_id=7e47b2d0-ef3e-4147-ab78-338c606740e7&expires=5&user_group=0

43 B
145 B

23ms
23ms

Image
image/gif

18.193.251.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=179&user_id=7e47b2d0-ef3e-4147-ab78-338c606740e7&expires=5&user_group=0
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=244b81b94c69796&ccid=7e47b2d0-ef3e-4147-ab78-338c606740e7&cn=DE
Protocol: H2
Server: 18.193.251.179 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-251-179.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

date: Mon, 06 Feb 2023 13:47:43 GMT
x-frontend: cc-nginx-64dcbdf744-7q862:cc-nginx-64dcbdf744-7q862
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: aea0dbcd-36c3-402b-8d9b-563317b4dc55
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2B%2FUC6BbFoiRgaYiewO5BAWWe1k9Cx6kEyTtYiX1BcNrRNvQIuu2YHV%2FP%2FhZubjB7TQaWZxCEvbpstLzo629m7avp7tYHEn%2FBB7GbYQFpdMwEEKgQdrBFYJHooIx%2BAbJPZhaSBxjzWdlJZLxSM4R6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://x.bidswitch.net/sync?dsp_id=179&user_id=7e47b2d0-ef3e-4147-ab78-338c606740e7&expires=5&user_group=0
cf-ray: 795456dbba389024-FRA

GET
H/1.1 200
OK / Show response
tags.wdsvc.net/tpc-eval/ 21 B
284 B 116ms
116ms Script
text/javascript 52.5.212.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.wdsvc.net/tpc-eval/?lid=18626fb82ae-tags7-16d3b2f18342bf
Requested by: Host: tags.wdsvc.net
URL: https://tags.wdsvc.net/controller.js?id=100415
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.5.212.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-212-88.compute-1.amazonaws.com
Software: /
Resource Hash: b0e70b299ab9c122ad93531fa8e5309833baecd53dd55c992c538f8b33bfa22d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Feb 2023 13:47:42 GMT
Content-Type: text/javascript
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Content-length: 21
Expires: Mon, 3 Jan 2005 13:00:00 GMT

GET
H2 200 lc2.js Show response
b-code.liadm.com/ 33 KB
12 KB 90ms
24ms Script
application/javascript 2600:9000:2057:1e00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/lc2.js
Requested by: Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/storejs/a/5N0H11N/ge.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1e00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 08d6358b84e668ff9b1b13c3a29b3c89fc526173ac75e060174268bdb6bb44d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 00:24:26 GMT
content-encoding: gzip
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 48197
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: 4TfSHHjgkkWb0iXVgbfgxEh1hLJ3rwyysa6QJpyrNWS_Fo2TbkqSGw==

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1675691263173&se=e30&duid=57b4458eb59c--01grkfq12chqx323b5bdbajr4d&tna=v2.6.0&pu=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-pe...
https://rp4.liadm.com/j?dtstmp=1675691263173&se=e30&duid=57b4458eb59c--01grkfq12chqx323b5bdbajr4d&tna=v2.6.0&pu=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-p...

13 B
552 B

421ms
116ms

XHR
application/json

34.232.54.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1675691263173&se=e30&duid=57b4458eb59c--01grkfq12chqx323b5bdbajr4d&tna=v2.6.0&pu=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDEyOmI4NjU6NDYwZDpmMjQ1

Protocol

Server

34.232.54.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-232-54-150.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:43 GMT
x-pixel-event-id: 4c1a65fd-b899-4b87-8d14-2b643dec9d8c
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: 90d9bc2234c14cc8
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Mon, 06 Feb 2023 13:47:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1675691263173&se=e30&duid=57b4458eb59c--01grkfq12chqx323b5bdbajr4d&tna=v2.6.0&pu=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MjoxMDEyOmI4NjU6NDYwZDpmMjQ1
access-control-allow-origin: https://www.theepochtimes.com
request-time: 0
access-control-allow-credentials: true
trace-id: 5f5657e0adc68006
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 72731 Show response
idx.liadm.com/idex/unknown/ 42 B
424 B 356ms
118ms XHR
application/json 54.159.56.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/unknown/72731?duid=57b4458eb59c--01grkfq12chqx323b5bdbajr4d&resolve=md5

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/lc2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.159.56.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-159-56-141.compute-1.amazonaws.com

Software

Resource Hash

743d7b64ad5347adc3bb6f81184b58aee13b98b9a30e94f82ec744a2d1187b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
request-time: 3
content-type: application/json
access-control-allow-origin: https://www.theepochtimes.com
access-control-allow-credentials: true
trace-id: ddfa0ecb85ad57b0
content-length: 42
expires: Tue, 07 Feb 2023 13:47:44 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 84ms
31ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RD0QM5H02Q&gtm=45je3210&_p=1174897216&cid=1234335394.1675691259&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1675691259&sct=1&seg=1&dl=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&dt=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&en=page_view&ep.eet_cat_names=Audience%20Comments%3BCity%3BCompany%3BEditor%27s%20Picks%3BNashville%3BNorth%20America%20Company%3BShen%20Yun%3BUnited%20States&ep.eet_all_term_ids=audience-comments-31712%3Bcity-2-31714%3Bcompany-2-31711%3Beditors-picks-31718%3Bnashville-united-states-32922%3Bshenyun-north-america-company-99751%3Bshen-yun-98923%3Bunited-states-90068%3Btop-stories-98893&ep.eet_primary_category_name=Audience%20Comments&ep.eet_author_name=Epoch%20Newsroom&_et=109
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 13:47:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theepochtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 li Show response
ckjjzdn8vk.execute-api.us-west-2.amazonaws.com/ 312 B
515 B 202ms
201ms Fetch
application/json 52.32.66.192

General

Check archive.org

Show headers Download Go to

Full URL: https://ckjjzdn8vk.execute-api.us-west-2.amazonaws.com/li
Requested by: Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/storejs/a/5N0H11N/ge.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.66.192 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc36f94848372510f8e30788fc642345a3de68bc71bd6644bac5948c48623c90

Request headers

Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 06 Feb 2023 13:47:45 GMT
x-amzn-trace-id: Root=1-63e10501-2f4e2d8a4fb6ae5668308a85
x-amzn-requestid: 98555e1e-5a60-42f2-89e9-8d9c2c17ed71
content-length: 312
x-amz-apigw-id: f624MEixPHcF3xQ=
content-type: application/json

OPTIONS
H2 200 li
ckjjzdn8vk.execute-api.us-west-2.amazonaws.com/ Frame 0
0 600ms
197ms Preflight
application/json 52.32.66.192

General

Check archive.org

Show headers Download Go to

Full URL: https://ckjjzdn8vk.execute-api.us-west-2.amazonaws.com/li
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.66.192 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Mon, 06 Feb 2023 13:47:44 GMT
x-amz-apigw-id: f624KFMsPHcFxKw=
x-amzn-requestid: 1179e2c8-ffa0-4729-a1a0-21cab34916e8

POST
H2 204 c Show response
ea.epochbase.com/api/pw/ 0
232 B 825ms
825ms XHR
text/plain 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.epochbase.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false&ver=20221006
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 Naples, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.theepochtimes.com
date: Mon, 06 Feb 2023 13:47:45 GMT
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
allow: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE

OPTIONS
H2 200 c
ea.epochbase.com/api/pw/ Frame 0
0 109ms
109ms Preflight 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.epochbase.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 Naples, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin,Content-Type
access-control-allow-methods: GET, POST, PATCH, OPTIONS, PUT, DELETE
access-control-allow-origin: *
allow: GET, POST, OPTIONS, PUT, DELETE
content-length: 0
date: Mon, 06 Feb 2023 13:47:44 GMT
server: nginx/1.20.1

GET
H2 200 icons.svg
www.ganjing.com/img/ Frame AA86 250 KB
91 KB 213ms
212ms Other
image/svg+xml 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ganjing.com/img/icons.svg?v=1.5.0.2-noPrebid
Requested by: Host: www.ganjing.com
URL: https://www.ganjing.com/_next/static/chunks/framework-79bce4a3a540b080.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3fb19c88200f32e38809a0104ca45cf8d916934ee77cceee19fd95c4fc1f6e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ganjing.com/embed/1ellvldt380LQXQvrQHdPnUUx1m91c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:47:44 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 02 Feb 2023 17:13:52 GMT
server: cloudflare
etag: W/"3e825-186131ed080"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 795456e45de635fe-FRA
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Cdk-Dsid,X-Cdk-Lrtm,Role
expires: Mon, 06 Feb 2023 17:47:44 GMT

POST
H/1.1 200
OK post-log Show response
tags.wdsvc.net/ 0
440 B 116ms
116ms XHR
text/html 52.5.212.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.wdsvc.net/post-log?v=4.10&t=1675691262638
Requested by: Host: tags.wdsvc.net
URL: https://tags.wdsvc.net/controller.js?id=100415
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.5.212.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-212-88.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theepochtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.theepochtimes.com
Date: Mon, 06 Feb 2023 13:47:44 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=5
Content-length: 0
Content-Type: text/html

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
260 B 523ms
46ms Image
image/gif 35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=4tgsadn&ct=0:h4y4ikc&fmt=3&td1=18626fb82ae-tags7-16d3b2f18342bf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 06 Feb 2023 13:47:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
insight.adsrvr.org/track/conv/ 70 B
260 B 522ms
45ms Image
image/gif 35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=4tgsadn&ct=0:cbmj8de&fmt=3&orderid=&vf=&v=&td1=18626fb82ae-tags7-16d3b2f18342bf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 06 Feb 2023 13:47:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
insight.adsrvr.org/track/conv/ 70 B
261 B 522ms
45ms Image
image/gif 35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=4tgsadn&ct=0:idisnfs&fmt=3&orderid=&vf=&v=&td1=18626fb82ae-tags7-16d3b2f18342bf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theepochtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 06 Feb 2023 13:47:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: certify.alexametrics.com
URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&time=1675691259263&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&random_number=16755688614&sess_cookie=9f3c872518626fb757f8a9585bc&sess_cookie_flag=1&user_cookie=9f3c872518626fb757f8a9585bc&user_cookie_flag=1&dynamic=true&domain=theepochtimes.com&account=Tmrwl1aYizr0uP&jsv=20130128&user_lang=en-US

Verdicts & Comments Add Verdict or Comment

229 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

58 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 10:11:23	Name: _li_ss Value: CggKBgiSARChFA
.theepochtimes.com/	1970-01-20 11:37:47	Name: epoch_persistent_user_id Value: anonb09f-18b3-4164-8de8-ac416d6ed5b8
.theepochtimes.com/	1970-01-20 09:29:37	Name: _gid Value: GA1.2.798903115.1675691259
.theepochtimes.com/	1970-01-20 09:28:11	Name: _gat Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: kHEqeUPb6Cg
.youtube.com/	1970-01-20 13:47:23	Name: DEVICE_INFO Value: ChxOekU1TnpBek9URTFNak00TmpJeU5EY3pNQT09EPqJhJ8GGPqJhJ8G
.youtube.com/	1970-01-20 13:47:23	Name: VISITOR_INFO1_LIVE Value: V0Lv_cXpYd4
.theepochtimes.com/	1970-01-20 19:04:11	Name: _ga Value: GA1.1.1234335394.1675691259
.theepochtimes.com/	1970-01-20 10:11:23	Name: epoch_geo_country Value: de
.theepochtimes.com/	1970-01-20 10:11:23	Name: epoch_geo_subdivision Value: nw
www.theepochtimes.com/	1969-12-31 23:59:59	Name: epoch_user_dna Value: %7B%22pid%22%3A%22anonb09f-18b3-4164-8de8-ac416d6ed5b8%22%2C%22x%22%3A%22703-209-779%22%2C%22vt%22%3A0%2C%22g1%22%3A%22de%22%2C%22g2%22%3A%22nw%22%7D
.theepochtimes.com/	1970-01-20 11:37:47	Name: _gcl_au Value: 1.1.969631595.1675691259
.theepochtimes.com/	1970-01-20 09:38:16	Name: pageviewCount_fb Value: 1,none,https://www.theepochtimes.com/musician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html
.theepochtimes.com/	1970-01-20 19:04:11	Name: _ga_RD0QM5H02Q Value: GS1.1.1675691259.1.1.1675691259.0.0.0
.theepochtimes.com/	1970-01-20 09:28:13	Name: __asc Value: 9f3c872518626fb757f8a9585bc
.theepochtimes.com/	1970-01-20 18:15:13	Name: __auc Value: 9f3c872518626fb757f8a9585bc
.theepochtimes.com/	1970-01-20 09:29:37	Name: _uetsid Value: d220bcc0a62411eda7c9f161c704a9fa
.theepochtimes.com/	1970-01-20 18:49:47	Name: _uetvid Value: d220ca90a62411ed83cab541d08cda2b
.bing.com/	1970-01-20 18:49:47	Name: MUID Value: 3F9FEC73886966FD1783FEC389C367BE
.doubleclick.net/	1970-01-20 18:49:47	Name: IDE Value: AHWqTUlrI3MB-HabuErgqKomek6r9qHTR3d69NdKQLZ6sUH1erGlyFzCD2H5-jKP
.ganjing.com/	1970-01-20 09:28:13	Name: __cf_bm Value: SyWxaAxUXEaWXOXTqqfm5g7JhhqJJCj1J2F4jHSwQKM-1675691259-0-ATd/b+vIVlu7Vtz7JXunBHfgqfsjxhXpGP3ufOOd+pjyYm1OfIhqLZd3ZerH4gDqIObuGqjTB81nC90gO4wcSLE=
.twitter.com/	1970-01-20 19:04:11	Name: guest_id_marketing Value: v1%3A167569125938294013
.twitter.com/	1970-01-20 19:04:11	Name: guest_id_ads Value: v1%3A167569125938294013
.twitter.com/	1970-01-20 19:04:11	Name: personalization_id Value: "v1_M8ZXlceOF8ywzE7+3kWqgg=="
.twitter.com/	1970-01-20 19:04:11	Name: guest_id Value: v1%3A167569125938294013
.t.co/	1970-01-20 19:04:11	Name: muc_ads Value: 30914010-a903-4d88-a018-9b881b091028
a.clickcertain.com/	1970-01-20 18:13:47	Name: _ccpx_u Value: 7e47b2d0%2def3e%2d4147%2dab78%2d338c606740e7
.quantserve.com/	1970-01-20 18:58:25	Name: mc Value: 63e104fb-a528c-490a2-679d0
www.clarity.ms/	1970-01-20 18:13:47	Name: CLID Value: 54cd921204a94c9586088acbbb40a03f.20230206.20240206
a.clickcertain.com/	1970-01-20 18:13:47	Name: _ccpx Value: 244b81b94c69796
.theepochtimes.com/	1969-12-31 23:59:59	Name: moe_uuid Value: e11fd3ae-aa22-463f-ae78-4b0d271ccc6f
.theepochtimes.com/	1970-01-20 18:52:40	Name: __qca Value: P0-485116192-1675691259260
.theepochtimes.com/	1970-01-20 09:38:16	Name: e_ab_es Value: 0.4171679328202589
.theepochtimes.com/	1970-01-20 18:13:47	Name: _clck Value: hrh4cw\|1\|f8w\|0
.tapad.com/	1970-01-20 10:54:35	Name: TapAd_TS Value: 1675691260842
.tapad.com/	1970-01-20 10:54:35	Name: TapAd_DID Value: 865eafce-2c98-4a27-9c64-388146cfe6c0
.tapad.com/	1970-01-20 10:54:35	Name: TapAd_3WAY_SYNCS Value:
.theepochtimes.com/	1970-01-20 10:11:23	Name: epoch_user_type Value: anonymous
.theepochtimes.com/	1970-01-20 09:29:37	Name: _clsk Value: 1wkxu2k\|1675691260950\|1\|0\|j.clarity.ms/collect
.liadm.com/	1970-01-20 19:04:11	Name: lidid Value: 6fb3cc49-3bdb-40d1-9c2e-fb9319896bdc
.a.usbrowserspeed.com/	1970-01-20 18:13:47	Name: tuid Value: a0539d18-de23-40be-8747-17efa8f0f618
.adnxs.com/	1970-01-20 11:37:47	Name: uuid2 Value: 2914621564580346733
.bidswitch.net/	1970-01-20 18:13:47	Name: tuuid Value: 06f18e1e-5702-4eda-81d2-011beb3aa459
.bidswitch.net/	1970-01-20 18:13:47	Name: c Value: 1675691262
.bidswitch.net/	1970-01-20 18:13:47	Name: tuuid_lu Value: 1675691262
.c.bing.com/	1970-01-20 18:49:47	Name: SRM_B Value: 3F9FEC73886966FD1783FEC389C367BE
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 18:49:47	Name: MUID Value: 3F9FEC73886966FD1783FEC389C367BE
.c.clarity.ms/	1970-01-20 09:28:11	Name: ANONCHK Value: 0
.wdsvc.net/	1970-01-20 09:28:11	Name: _wdTest Value: accept
.wdsvc.net/	1970-01-20 19:04:11	Name: wds_random Value: 2023-02-06T13:47:42.522Z~2023-02-06T13:47:42.522Z\|6425214997185215\|82\|
a.clickcertain.com/	1970-01-20 18:13:47	Name: _ccpx_244b81b94c69796 Value: 2
www.theepochtimes.com/	1970-01-20 13:47:23	Name: _geuid Value: 3478575f-c955-40fc-89a5-72b1474379d6
www.theepochtimes.com/	1970-01-20 13:47:23	Name: _gepi Value: true
www.theepochtimes.com/	1970-01-20 10:11:23	Name: _geps Value: true
.theepochtimes.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .theepochtimes.com
.theepochtimes.com/	1970-01-20 19:04:11	Name: _lc2_fpi Value: 57b4458eb59c--01grkfq12chqx323b5bdbajr4d
.theepochtimes.com/	1970-01-20 09:29:37	Name: __li_idex_cache_eyJxZiI6MCwicmVzb2x2ZSI6Im1kNSJ9 Value: {%22md5%22:%221ac29c494e71c1a9e8693ca6a8660fa7%22}

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Musician%20Moved%20by%20Hope%20and%20Beauty%20in%20Shen%20Yun%20Performance%20in%20Nashville&time=1675691259263&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.theepochtimes.com%2Fmusician-moved-by-hope-and-beauty-in-shen-yun-performance-in-nashville_5033767.html&random_number=16755688614&sess_cookie=9f3c872518626fb757f8a9585bc&sess_cookie_flag=1&user_cookie=9f3c872518626fb757f8a9585bc&user_cookie_flag=1&dynamic=true&domain=theepochtimes.com&account=Tmrwl1aYizr0uP&jsv=20130128&user_lang=en-US Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://api-a.ganjingworld.com/v1s/adsserver/get-vast-xml?lang=en-US&cid=e399ff30-981f-88c6-f01a-f31210b0499e&cnt_id=1fh48unhl3k7gGsykwlK2vwkT1q61c&chl=1fgvsk19rtp1jHk2ve5WEeuzC10l0c&host=www.theepochtimes.com Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api-a.ganjingworld.com/v1s/adsserver/get-vast-xml?lang=en-US&cid=f1009ffd-2bc4-d9e9-61f3-dcc896a4e1c9&cnt_id=1ellvldt380LQXQvrQHdPnUUx1m91c&chl=1eiqjdnq7go12YJJLqH6qcFfJ1020c&host=www.theepochtimes.com Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api-a.ganjingworld.com/v1s/adsserver/get-vast-xml?lang=en-US&cid=251be712-a9bd-7b6b-237b-1f7df55bf872&cnt_id=1f85ha3tqs04ybK5PQYbbDocj13v1c&chl=1eiqjdnq7go12YJJLqH6qcFfJ1020c&host=www.theepochtimes.com Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.clickcertain.com
a.remarketstats.com
a.usbrowserspeed.com
acdn.adnxs.com
analytics.twitter.com
api-a.ganjingworld.com
b-code.liadm.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.moengage.com
certify.alexametrics.com
ckjjzdn8vk.execute-api.us-west-2.amazonaws.com
clientcdn.pushengage.com
cm.g.doubleclick.net
d31qbv1cthcecs.cloudfront.net
ea.epochbase.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gw.ganjing.com
i.liadm.com
i.ytimg.com
ib.adnxs.com
idx.liadm.com
image1-us-west.cloudokyo.cloud
image3-us-west.cloudokyo.cloud
image4-us-west.cloudokyo.cloud
img.theepochtimes.com
insight.adsrvr.org
j.clarity.ms
jnn-pa.googleapis.com
media1-us-west.cloudokyo.cloud
media3-us-east.cloudokyo.cloud
pixel.quantserve.com
pixel.tapad.com
pwe.epochbase.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
rules.quantcount.com
s3-us-west-2.amazonaws.com
sb.scorecardresearch.com
sdk-02.moengage.com
secure.adnxs.com
secure.quantserve.com
services.epoch.cloud
static.ads-twitter.com
static.doubleclick.net
stats.g.doubleclick.net
subs.theepochtimes.com
subsapi.epoch.cloud
t.co
tags.wdsvc.net
tracking.cloudokyo.cloud
www.clarity.ms
www.ganjing.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.theepochtimes.com
www.youmaker.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
certify.alexametrics.com
104.244.42.197
104.244.42.3
13.224.103.60
13.224.103.75
13.32.27.107
142.250.185.130
142.250.185.162
146.75.116.157
151.101.1.108
151.139.128.11
18.117.44.170
18.193.251.179
18.213.140.229
185.89.210.153
185.89.210.46
193.108.153.24
20.234.93.27
20.85.30.134
2001:4860:4802:32::36
2400:52e0:1e00::1078:1
2600:1f18:730:b110:a59:b678:f846:a75d
2600:9000:2057:1e00:8:8845:1500:93a1
2600:9000:2190:1400:11:652e:c280:93a1
2600:9000:2190:2e00:6:44e3:f8c0:93a1
2606:4700:20::681a:832
2606:4700:20::ac43:4549
2606:4700::6812:1bac
2606:4700::6812:1d65
2606:4700:e0::ac40:6013
2606:4700:e0::ac40:6113
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:4f:1::45
2620:1ec:c11::200
2a00:1450:4001:806::200a
2a00:1450:4001:806::200e
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2004
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2006
2a00:1450:400c:c00::9c
2a00:1450:400d:803::2001
2a00:1450:400d:806::2003
2a00:1450:400d:808::200e
2a00:1450:400d:808::2016
2a00:1450:400d:80d::2008
2a02:26f0:11a::217:9a71
2a02:26f0:11a::217:9a73
3.228.92.45
34.102.198.207
34.110.129.224
34.232.54.150
35.201.68.206
35.227.248.159
35.71.131.137
4.7.168.74
52.218.213.80
52.32.66.192
52.5.212.88
54.159.56.141
54.200.220.102
02e05d8407482aee2dae0ae4343ecb2e6c2b1f27c2175c4b03170d3f2af51b55
0523c13750f634735ff97f98cc6b2d0100bc0aab4d8f703ad3b6952731d7a545
05e5fdbb4584a14bada945155524cb5ca5c2efcf2d5863b06d2e370817728ca6
0737b1096b1bd010bf286d49154e99e22b0861f50c874d97f6caec5067f8cd80
079f967858d232181201f54bc649796ce9b009c5252b706596001176c51ba6ea
08373e7a30d6290c2589892e38680856f5bd5ddf68cae2d51cabdbb7ae59a06c
08d6358b84e668ff9b1b13c3a29b3c89fc526173ac75e060174268bdb6bb44d3
09dc90b25fbb44b8507fea14bc809c166367297c89d01094070648615ca3de8b
1126eb1de2ad0f7664b948938653a18e1f8d89be694224e9b13e86cc339c0b41
122a490a084a6175bcc01130e8b1aaa58bfadcfe89cfee6336631d1cc324bb8a
139ca15ebf4f1cbb7858ab393d1bb9411cce901317c59acb7a2d2f30b5753a76
15570c864faef9d090c6a96f669fd463431b5070f8d40c1348e084d9df967100
189a780f525a326043432b080d375db0482358f51303d25161a44f06f3c5816d
1b93f7f6f8220bcc6f5b338c14b9c5707c25818283a06ffe73881a2dbf80c112
1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f
1ecf9f90d652825de64101e89e99a59b2da53eccaa67a9efc5c86b976b185b42
1ef2f7f6511861add1af033f12c1fd49a116835b5c8b4e745a423ab359900107
22d063d3e9da920b29f89c92d2351d506e9f412cacc750d56f72c915a9230f5c
24f1446d3e5e0e8f6f9d1b8e740f871c81ecb56f22044cf25ee7083fa509c081
25cad5d9e016ff8fc766034922a6ec515d37461b4ae089bd58d5ac964b85f247
26b494029cb2e7555cb08fb664e2eb803520da837ed3491d3718987947caa472
2745ad6feddaa508e21201e1395ba9f64a7ba532dad5ade2d76ee0a6b562ca80
275d51547ad5f87b0047cfa43ecffc2fa8e3c1d80bf638f0267ceae148278db1
2781f04682159895f0e8169520c3499a7e3f21d289c987cfb28d3a97df5749ec
27ebd972626ddfa63177e4dd073d790bf373726a080faf9ebf37b563a9530f94
28cba19b623eaa4975db177c15c82820f0632394f6a28face8a64f9d06e15f60
29cc91344fa42a2ddf205c2d26b851ae379f940eb5c0e321cc274d32bc629ced
2a15822e997e4b7b172e4b1e4c1366dd01f10ff936a8971ce15510f207b5d25c
2d894dfa6ceca04c90c9fa26bff61333b00a658ae1df5076f4baeda7f416b2c0
2db1e1d64ea8bfd67c5fe89d8a1bf7f3edd08b8079de7c85e5c631469f7d871c
2e3026adb47ff75d18a9436adb59ddf825e6ff5cab9683d03bff82033a92064a
30df671c8b7f6ac560d2787134a5c1c03b9fd82e0d2e7109fc2c0b6abb9b99ff
312bfda2e178bfe325c61f50b2a43a9f4b807776de8d13adfaf9c309aaacbb87
32bb585261c36ace1782599587f8d8e07b33cd5862b22992ae16e0038e9a41ac
32c3e05675bf5eec12631d7c825fae1152ff1ab36d1002050086e8e3be3114b1
3528e14e3ef71156adcbeac11ac4495f093564a3703bbfb34eef557d6f25ca03
357c942b0c277320c079e01a8ae48185dfae6101662dea2b3aeb53fdb72a5e9b
379fa6d12c2e4423529ef7f16d2d359db84e926c7e94933bd78d4c0edc623f16
387fc42e5f283653be73b1db1b304db27b540bb180fa9bf7b378bb3bce5c2408
38f915335fe629f2736910592b999a5cc13138f931118f5d67026b072c37d6b9
3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e8c42bd576aeaea9f3cd8b493674845bad32810e4e1341b22ccd02bff8f23d4
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4444bed4afba1dd71df8b62ebfa1a1fc5094f3e7c56db9701ba4d136778b4cb9
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
48802a9821531893534300fc83937ddb65b96274972a5ed70063d5f6718a3078
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4c71178b4f9376a4d0acd7def1014a4d13641c9a618b9f584e3111de7ac34aa0
4c834812ad0c6ab8e9cddcf914f1f922d2b52cf81f306bdc361a05641bb0798c
4e1ed3e7276bf8b560850c71198a44ab3eab8defcac282815de774d7fe395f5c
4e977ff92f99f8a489faedf36d615cbf1e937820d69d6bf58dea3a2a3a43fc0f
509ccee1c341e53e2d51588a3fa00a787601ed76c7095e93e90beb73746c296c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a7615859698d8516017f2209b87a64d9ee8f11fcf1fd479f05eac785367bb62
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b169400c72045d965aac2010ff973d4184849800eac9e3ced121b38cabf8317
5d9e7e9f3bd902b6a64768afcf04ddebe7756b7807de36c2426049b2f6514e72
5dfa8f9f287331eb5f03ea97738e4e2f71d988728a85c7983f11156cdb283932
5e1b5b0996602d2197c430000af48fb14e2f47c81d782eed2a46df40e10f4bbd
5e5f2685526bc2da6a708b16d11c5c1efa3beb373f01fd03a7bc6de993be2339
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5f20acc2c6c582f72db6ba295b8ae453e621b3b596ba4ed01744eeb87945d024
609e643dc8112d361569e8d5e0effab9b2992359aed48f5a77963d5ca86a3228
6506f4cc5b0125db66ac440560ef195636f56f744196ef9b0ee715417b6bf9a4
67a19947df4e23cd523fd968a39ea92bf2c2409b11696a6fc07b3bac77ab57a4
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69048a3af55a36885708c7b08b1785e8267d06c21950d3cc9676c1f2f0ef3af0
6b79087a577ea18b0d400cf7bffc4fb393adffe0fa3fffdde1c4687f8605697b
6d67834e2a76646c456c087ce42a6bd6b6b0c85c88dd9918618a8b4c563c2bdf
6edb4ac16ca9fae56a54c7424635ec19dd1f3d0dfb3d79d7a9d2f25eea174dd3
73a2b9940c854d43bfa4b864f5a75e0fd64615b9b541505516414a449b2555eb
743d7b64ad5347adc3bb6f81184b58aee13b98b9a30e94f82ec744a2d1187b73
745834316128a9605db352a4146dfb81cfd209fa037d3256277e2bc9d12b0f44
7697bb9c3b10b590ff893af78c80b7d472a3a5e295815c2133572d6d54e7f102
77e250a2b21e347884a901952cef97d53fa5692efd05391b499050a9ec10a009
7bd73880faa1fe39de4fa4d875f92fb9ca65a7f73e3d58a9ed717948d5f454b4
7f059cad72441c3cc43c6d89b19bb51bf6ce07ab63195ab78df221bc243be666
7f690f99d81101e80055dffdc306458f23089ff9a578e9e31a716013ecb89f2e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86ad39b005997d03b39726be2259383a5b6ce287fdcff0ed51eaaf82adb303ad
8719ad2274487868fa9d126449106f983acb227103fcb55d2ad06e3bef424358
8995ee4141c011fb83a3e22382c7d1a9e9f4dc41fde975fe8fe4d2cedccc8b92
8aedf6cfea0cab0b1f40f53ec29e95bd9f6fa480a13050e877e2a29bc3875ded
8b0daf8b0fadec4104ec807b0f4432698777a2a61078c1cf38b91e1fb238ed4d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da32af77026023e902dd9fe5612041380d371b1703ca79f49fadd43091f28d5
8eda1600837fe2b7e74f4ae8025797b1594846d596f60e7011e1986bbd18e907
9055f93e91dfcce6dc69d95a489f3c24f6b30a346a5e4da168076e5d2b526425
919d50a4381f12ae6488e4cafc6c21ea912bf114ee10df717eb7418ffe467796
93e6305b42d27ddfad16e074bb46c7869ff73614c07e8b4f97c19d7e77593345
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d1cbb5ca33f3d1e2f5179edc5e0ac51975ac5f7b05c36c340c6ffb2567b0d81
9fcb61a58041827488263f99804c06203cd9a47a61e2627d2cdb1060b28cf3de
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a186717e4fa6f3aa9beba1181902e669a2515daed065589ff48cdf74adc85c97
a1c3b720fb7ce71ab6a38d07d5b7f75b4fceba10265032033bb4d788163f024b
a27c8fa43cd1daac356ba5f18247dc83bd13a3e5994b1508818d4807b55918c9
a72e4bec1a42a780a85e5d0dd32b4a9f77f9ce02f8e930c6016cb18060bbb9dd
a7dea370ce238867cd473775fec2a26a7dbd52f9e1aab1988011d5a07be3e8a6
a838889736482c9db2512016d13c92eccd121b3cfe4c974aad90ec46bf1020ac
a922ec72a886ec86707564deb4b9b27358b7ac42563dc11f9d26deca4f6b900a
ac52503cb4e2312bf4bc111e50f819368be649df3d19dd844722964a9ff02911
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
af8ef53c6c60414819ee640a637d4cec43ce03a0e9a14449efe0e4a944a4ff54
b0e70b299ab9c122ad93531fa8e5309833baecd53dd55c992c538f8b33bfa22d
b20501a48ee082623ce336731775a7669b651aee98dea6551b98c8b1b05a2df3
b2aa4f49d32c72d2872fd58f4ff09606906c3b4dc1bb632721107fdaaefd0606
b363b21bc03d5188a43ede2219616eaade9819d6b10f395ad66c7ee60c71ace2
b3fb19c88200f32e38809a0104ca45cf8d916934ee77cceee19fd95c4fc1f6e8
b58a54319b4c750bf312dbdad69538ddcea68a33af95fc176e6f25cd3cdedb72
b95164237b524353d235fd03cdc0ddf54a489315c59ee4e744cf120657a1ee33
ba2d8631f69b8348a8a73e2d12a2ca85d1a7e94504058c7adbd5d88841f5f9a8
bc5bc42b3cf19b3a904113e33a5d08ab3fafac6ff5cc0cbe7dbec48b282dda76
be7a220d60a7bd51ac606b90a4d550042c87433780d7da8d81b62399c878c92e
bef8a6b0abd844fce449dd12cf99dd3add3ed4dabaa9822270da359b5174c9c1
c0f7aea0d0e606f6c7b1db424f12a67f4e9b7004ec6a842fb0cd3348a52cacb5
c4d0cf241a1bfa1c8bf4cf24e8f89d2ab786a284a39adb2fc8df7ea14e73c154
c766e2d54c20077cfeecfd3e018f2353915846587286cdfddabc8e2b3a131966
c76ffbd44647ad17ecb389ca25d271a4281f147b7e8276f13bdde5512c2c6ca8
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9773358aaf874e5925868ae1087185ca7e491992df5df49dccf083a151589d1
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caadba3769fc1035b841d7d194441098a5883f203ad1501837a78497d0355ecd
cb48f78552da3389169807e48d0286c47e999c18baf08262b39ee7fcbabec7b9
cf309534fd85ce30dd71b6ed6e5182df609d05de10e0155f0c70bdfb974db410
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d1a4a7aa00e62b62538f84f4f380c16796c88078656d204c4f5ceebb59d84fe8
d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b
d36ddc90f104f54c0d9b9a5ffef6aeb21194de337098d8905707ec506d2e4ec5
d6773630205280499f0360a8fb9cefdbd748a52dfcdcac8c4b068749ef4714e3
d6b130690d1bd94273360c2c6e565fe24131f50d587a692b0ac50c8525c1e1a1
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
d9892bcc6928635616f5798e2da84159d8fc82dea14df38f2fbd32c1b4495f1f
da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf
dbc7ba0be01a277464fa7f3afc5b0755fdd435fa4f590c37ede474678b29e6c1
dc36f94848372510f8e30788fc642345a3de68bc71bd6644bac5948c48623c90
dc702a12bc89a9a27cbe7ac664e90ea2e7e81afd2dc0345674599aa66af2ee13
e154104a6d3411b293644c9879b7c1a1c4adeef9b1c5d9a737145281477892bf
e394553837d6f0e24d8f7a9fc9480686f6a63b75fd32ee1457bbbfb927cf1995
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec100bb81ce9e5f4bcaa8015c1be65b4b98f60ea4ddefb81a5c4facda2d271ca
ee128a2172c11d4875ad80aee713d58f5afe8b5931cef4a2fea31d96ae08071b
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f158db2378cbf9a9c1152fc64817c1b2b4518d8949fbbe4dca6d685ae717b0f5
f2f77ab9e297524f71a6b8485b5edeaf1fad2bd362cce8bc4c640a20bd1e49e2
f498b2bed6d0b7bd02481eded6c63524dd77c5cbdbb6cfbe147e499d6ee9b760
f54cef955b135bb24e862669e43151da6424b8a462e9a780e0ab48c98a9c453c
f5f5d659d9cd04e4e66aea29ffba5105b522d8abfcfbee2fa3582c0ae249303f
f8443f9254e462014a63ec61a6bc46e1fc8f5af743a48c403bb3475692d493f3
f8c4969a41533e71d05522204208332aa7840f5ed08ef26188965582e590ee3a
faf65bcd4bbbe03627619eb646afbda21bbf0a74e5f2c17015aca7330b27caa9
fbd96f97dfabbb444dd155929e9632f5049251e4a8885989179fffb74ea6348a

www.theepochtimes.com Open in urlscan Pro 151.139.128.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

287 Requests

92 %HTTPS

50 %IPv6

41 Domains

69 Subdomains

56 IPs

6 Countries

8738 kBTransfer

22868 kBSize

58 Cookies

17 Outgoing links

Redirected requests

287 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.theepochtimes.com Open in urlscan Pro
151.139.128.11 Public Scan

Screenshot
Live screenshot

Full Image

287
Requests

92 %
HTTPS

50 %
IPv6

41
Domains

69
Subdomains

56
IPs

6
Countries

8738 kB
Transfer

22868 kB
Size

58
Cookies

287 HTTP transactions
9 data transactions