www.visiontimes.com Open in urlscan Pro
104.26.2.228 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
Submission: On October 25 via api (October 25th 2023, 1:04:44 pm UTC) from SG — Scanned from SG

Summary HTTP 140 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 31 IPs in 6 countries across 23 domains to perform 140 HTTP transactions. The main IP is 104.26.2.228, located in and belongs to CLOUDFLARENET, US. The main domain is www.visiontimes.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 14th 2023. Valid for: a year.

This is the only time www.visiontimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	104.26.2.228 104.26.2.228	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.84.251.64 52.84.251.64	16509 (AMAZON-02) (AMAZON-02)
1 15	74.125.200.155 74.125.200.155	15169 (GOOGLE) (GOOGLE)
3	172.67.72.219 172.67.72.219	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.33.88.117 13.33.88.117	16509 (AMAZON-02) (AMAZON-02)
1	192.0.73.2 192.0.73.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	74.125.200.97 74.125.200.97	15169 (GOOGLE) (GOOGLE)
14	64.233.170.138 64.233.170.138	15169 (GOOGLE) (GOOGLE)
6	13.227.254.80 13.227.254.80	16509 (AMAZON-02) (AMAZON-02)
1	104.16.123.96 104.16.123.96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	64.233.170.156 64.233.170.156	15169 (GOOGLE) (GOOGLE)
2	157.240.235.1 157.240.235.1	32934 (FACEBOOK) (FACEBOOK)
3	103.146.40.154 103.146.40.154	18229 (CTRLS-AS-...) (CTRLS-AS-IN CtrlS)
1	216.239.36.181 216.239.36.181	15169 (GOOGLE) (GOOGLE)
1	74.125.68.156 74.125.68.156	15169 (GOOGLE) (GOOGLE)
2	64.233.170.94 64.233.170.94	15169 (GOOGLE) (GOOGLE)
1 6	142.250.4.105 142.250.4.105	15169 (GOOGLE) (GOOGLE)
1	104.22.52.86 104.22.52.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.1.229 151.101.1.229	54113 (FASTLY) (FASTLY)
1	182.161.73.129 182.161.73.129	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	157.240.235.35 157.240.235.35	32934 (FACEBOOK) (FACEBOOK)
1	74.125.200.95 74.125.200.95	15169 (GOOGLE) (GOOGLE)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
8	74.125.130.157 74.125.130.157	15169 (GOOGLE) (GOOGLE)
2	182.161.73.136 182.161.73.136	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
8	87.250.250.90 87.250.250.90	13238 (YANDEX) (YANDEX)
1	172.217.194.132 172.217.194.132	15169 (GOOGLE) (GOOGLE)
15	64.233.170.132 64.233.170.132	15169 (GOOGLE) (GOOGLE)
4	13.225.4.200 13.225.4.200	16509 (AMAZON-02) (AMAZON-02)
140	31

28 104.26.2.228 (None, )

ASN13335 (CLOUDFLARENET, US)

www.visiontimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.visiontimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.84.251.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-64.sin5.r.cloudfront.net

sdki.truepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 74.125.200.155 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sa-in-f155.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.72.219 (United States)

ASN13335 (CLOUDFLARENET, US)

intothebid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.88.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-117.sin2.r.cloudfront.net

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.73.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.200.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 64.233.170.138 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f138.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.227.254.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-80.sin52.r.cloudfront.net

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.123.96 (None, )

ASN13335 (CLOUDFLARENET, US)

www.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 64.233.170.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f156.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.235.1 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.146.40.154 (India)

ASN18229 (CTRLS-AS-IN CtrlS, IN)

sdk.truepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.36.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.68.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.170.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f94.1e100.net

www.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.4.105 (Oxford, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sm-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.52.86 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.235.35 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.200.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 74.125.130.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f157.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 87.250.250.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru

bs.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net

02a14cbc2a5808a18f6a1abb9cc6ea50.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 64.233.170.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.225.4.200 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-4-200.sin52.r.cloudfront.net

gw.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	visiontimes.com www.visiontimes.com img.visiontimes.com	1 MB
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 02a14cbc2a5808a18f6a1abb9cc6ea50.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	668 KB
21	google.com 1 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1474 analytics.google.com — Cisco Umbrella Rank: 178 www.google.com — Cisco Umbrella Rank: 2	68 KB
16	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45	255 KB
10	geoedge.be rumcdn.geoedge.be — Cisco Umbrella Rank: 2304 gw.geoedge.be — Cisco Umbrella Rank: 2732	202 KB
8	yandex.ru bs.yandex.ru — Cisco Umbrella Rank: 13295	2 KB
6	truepush.com sdki.truepush.com — Cisco Umbrella Rank: 78869 sdk.truepush.com — Cisco Umbrella Rank: 106680	22 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	236 KB
3	intothebid.com intothebid.com — Cisco Umbrella Rank: 139397	141 KB
2	criteo.com gum.criteo.com — Cisco Umbrella Rank: 478	665 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1156 id5-sync.com — Cisco Umbrella Rank: 470 Failed	32 KB
2	google.com.sg www.google.com.sg — Cisco Umbrella Rank: 12369	562 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	88 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	164 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1145	279 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	1 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	185 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 728	13 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	896 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 153	2 KB
1	cloudflare.com www.cloudflare.com — Cisco Umbrella Rank: 6224	453 B
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 2418	2 KB
1	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 18979
140	23

	Domain	Requested by
19	www.visiontimes.com	www.visiontimes.com
15	tpc.googlesyndication.com	rumcdn.geoedge.be
14	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net rumcdn.geoedge.be www.visiontimes.com
14	securepubads.g.doubleclick.net	www.visiontimes.com securepubads.g.doubleclick.net rumcdn.geoedge.be
9	img.visiontimes.com	www.visiontimes.com
8	bs.yandex.ru	intothebid.com
8	pagead2.googlesyndication.com	rumcdn.geoedge.be securepubads.g.doubleclick.net tpc.googlesyndication.com
6	www.google.com	1 redirects rumcdn.geoedge.be
6	rumcdn.geoedge.be	intothebid.com rumcdn.geoedge.be www.visiontimes.com
4	gw.geoedge.be	rumcdn.geoedge.be
4	www.googletagservices.com	rumcdn.geoedge.be
3	sdk.truepush.com	sdki.truepush.com
3	intothebid.com	www.visiontimes.com
3	sdki.truepush.com	www.visiontimes.com sdki.truepush.com
2	gum.criteo.com	intothebid.com
2	www.google.com.sg	www.visiontimes.com
2	connect.facebook.net	www.visiontimes.com connect.facebook.net
2	www.googletagmanager.com	www.visiontimes.com www.googletagmanager.com
1	02a14cbc2a5808a18f6a1abb9cc6ea50.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	id5-sync.com	intothebid.com cdn.id5-sync.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	fonts.googleapis.com	client
1	www.facebook.com	www.visiontimes.com
1	static.criteo.net	rumcdn.geoedge.be
1	cdn.jsdelivr.net	rumcdn.geoedge.be
1	cdn.id5-sync.com	rumcdn.geoedge.be
1	googleads.g.doubleclick.net	1 redirects
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.cloudflare.com	intothebid.com
1	secure.gravatar.com	www.visiontimes.com
1	cdn.matomo.cloud	www.visiontimes.com
140	33

This site contains links to these domains. Also see Links.

Domain
www.secretchina.com
es.visiontimes.com
www.visiontimes.fr
visiontimesjp.com
visiontimes.us1.list-manage.com
e-paper.visiontimes.com
myaccount.visiontimes.com
twitter.com
www.facebook.com
pinterest.com
www.linkedin.com
ethan-gutmann.com
www.breitbart.com
www.pgurus.com
www.haaretz.com
onlinelibrary.wiley.com
www.congress.gov
www.visiontimes.it
www.visiontimesjp.com
www.youtube.com
t.me
safechat.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-14` - `2024-02-14`	a year	crt.sh
sdki.truepush.com Amazon RSA 2048 M01	`2023-07-26` - `2024-08-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
intothebid.com GTS CA 1P5	`2023-10-13` - `2024-01-11`	3 months	crt.sh
cdn.matomo.cloud Amazon RSA 2048 M01	`2023-02-24` - `2023-12-25`	10 months	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
gw.geoedge.be Amazon RSA 2048 M01	`2023-08-12` - `2024-09-09`	a year	crt.sh
www.cloudflare.com GTS CA 1P5	`2023-09-19` - `2023-12-18`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2023-11-01`	3 months	crt.sh
*.truepush.com R3	`2023-09-14` - `2023-12-13`	3 months	crt.sh
*.google.com.sg GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-09-24` - `2024-03-24`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
Frame ID: CC9E8078D10CCECB7B0F5271F69995A6
Requests: 97 HTTP requests in this frame

Frame: https://02a14cbc2a5808a18f6a1abb9cc6ea50.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 245C07C82A20E787CF93CA7B9B8D1820
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Frame ID: 0AE5A1C4B182A87FA20AC03F7ABCEECB
Requests: 9 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Frame ID: A93C90751EED1767FDB92ED66D69375A
Requests: 10 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Frame ID: 1C8B65BDE7696EA90BA706B7BB23B679
Requests: 10 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Frame ID: 2F778594DFCB878DB67770F6376A7F43
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2CA6882E1C7500A4ECB0884A0ED5C2A1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 14DB0B3DC7275480CAD3E1A5A2FABA32
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Chinese Regime Harvests Over 150,000 Organs From Jailed Prisoners Each Year: Expert - Vision Times

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

140
Requests

97 %
HTTPS

0 %
IPv6

23
Domains

33
Subdomains

31
IPs

6
Countries

3323 kB
Transfer

7347 kB
Size

18
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://www.secretchina.com/
Title: Chinese

Search URL Search Domain Scan URL

URL: https://es.visiontimes.com/
Title: Spanish

Search URL Search Domain Scan URL

URL: https://www.visiontimes.fr/
Title: French

Search URL Search Domain Scan URL

URL: https://visiontimesjp.com/
Title: Japanese

Search URL Search Domain Scan URL

URL: https://visiontimes.us1.list-manage.com/subscribe?u=7e5b1c29f989d8d053d774db4&id=3feabe35e7
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://e-paper.visiontimes.com/
Title: e-Paper

Search URL Search Domain Scan URL

URL: https://myaccount.visiontimes.com/subscribe/print.php
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://myaccount.visiontimes.com/accountprofile.php
Title: Account Settings

Search URL Search Domain Scan URL

URL: https://myaccount.visiontimes.com/newsletter.php?code=en
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://myaccount.visiontimes.com/subscribe.php?code=en
Title: Subscriptions

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Chinese%20Regime%20Harvests%20Over%20150%2C000%20Organs%20From%20Jailed%20Prisoners%20Each%20Year%3A%20Expert&url=https%3A%2F%2Fwww.visiontimes.com%2F2022%2F05%2F18%2Fchinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.visiontimes.com%2F2022%2F05%2F18%2Fchinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fwww.visiontimes.com%2F2022%2F05%2F18%2Fchinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html&media=https%3A%2F%2Fimg.visiontimes.com%2F2022%2F05%2FOrgan-Harvest-GettyImages-94918540.jpg&description=

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fwww.visiontimes.com%2F2022%2F05%2F18%2Fchinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=1&url=https%3A%2F%2Fwww.visiontimes.com%2F2022%2F05%2F18%2Fchinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html&title=Chinese%20Regime%20Harvests%20Over%20150%2C000%20Organs%20From%20Jailed%20Prisoners%20Each%20Year%3A%20Expert&source=https%3A%2F%2Fwww.visiontimes.com
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://ethan-gutmann.com/
Title: Ethan Gutmann

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/asia/2022/05/13/expert-china-is-harvesting-organs-from-up-to-50000-concentration-camp-victims-annually/
Title: Congressional hearing

Search URL Search Domain Scan URL

URL: https://www.pgurus.com/ex-ccp-surgeon-dr-enver-tohti-exposes-organ-harvesting-in-ccp-controlled-china/
Title: Enver Tohti

Search URL Search Domain Scan URL

URL: https://www.haaretz.com/israel-news/.premium.MAGAZINE-research-china-harvested-organs-from-living-people-doctors-helped-with-executions-1.10726687
Title: Haaretz

Search URL Search Domain Scan URL

URL: https://onlinelibrary.wiley.com/doi/10.1111/ajt.16969
Title: lengthy study

Search URL Search Domain Scan URL

URL: https://www.congress.gov/bill/117th-congress/house-bill/1592/text?r=2&s=1
Title: Stop Forced Organ Harvesting Act of 2021

Search URL Search Domain Scan URL

URL: https://www.visiontimes.it/
Title: Italian

Search URL Search Domain Scan URL

URL: https://www.visiontimesjp.com/
Title: Japanese

Search URL Search Domain Scan URL

URL: https://www.facebook.com/VisionTimesOfficial

Search URL Search Domain Scan URL

URL: https://twitter.com/vision_times

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/VisionTimesNews

Search URL Search Domain Scan URL

URL: https://t.me/visiontimes

Search URL Search Domain Scan URL

URL: https://safechat.com/channel/2788089756776450736

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/464712619/?random=1925542016&cv=11&fst=1698239072011&bg=ffffff&guid=ON&async=1&gtm=45He3an0v850631566&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.visiontimes.com%2F2022%2F05%2F18%2Fchinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html&label=KWl_CLD7yuIDEKvny90B&hn=www.googleadservices.com&frm=0&tiba=Chinese%20Regime%20Harvests%20Over%20150%2C000%20Organs%20From%20Jailed%20Prisoners%20Each%20Year%3A%20Expert%20-%20Vision%20Times&value=0&auid=1924962688.1698239072&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=YBI5ZcSXFe3ImsMPsKOsuAk&sscte=1&crd=&eitems=ChEI8PniqQYQgr7knOiM7p2sARIdAEFUWwDFTb813AGrHcIVENAlSe87EWMpGR26nUc&pscrd=Ek9DaEVJOFBuaXFRWVE1TmY4aDRXTC1yeU1BUkltQUFGVk01WThhT1k1bnh3azlxTWJqX0xjOGltT0wxcUgyeWljaHQxS2pxLTNvRHVBTlFzGlhDaEFJOFBuaXFRWVEwcFA5bmFyNzdMTTZFaTRBS01ELTRVWUVITEZGZTFKUkI2WlNCcDBxQWROSDhnVUN1dks4bDNZa0VhOWZ6SERWMkptZkE5cTJiVE9NIhMIxMeaxaGRggMVbaRmAh2wEQuX HTTP 302
https://www.google.com/pagead/1p-conversion/464712619/?random=1925542016&cv=11&fst=1698239072011&bg=ffffff&guid=ON&async=1&gtm=45He3an0v850631566&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.visiontimes.com%2F2022%2F05%2F18%2Fchinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html&label=KWl_CLD7yuIDEKvny90B&hn=www.googleadservices.com&frm=0&tiba=Chinese%20Regime%20Harvests%20Over%20150%2C000%20Organs%20From%20Jailed%20Prisoners%20Each%20Year%3A%20Expert%20-%20Vision%20Times&value=0&auid=1924962688.1698239072&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOFBuaXFRWVE1TmY4aDRXTC1yeU1BUkltQUFGVk01WThhT1k1bnh3azlxTWJqX0xjOGltT0wxcUgyeWljaHQxS2pxLTNvRHVBTlFzGlhDaEFJOFBuaXFRWVEwcFA5bmFyNzdMTTZFaTRBS01ELTRVWUVITEZGZTFKUkI2WlNCcDBxQWROSDhnVUN1dks4bDNZa0VhOWZ6SERWMkptZkE5cTJiVE9NIhMIxMeaxaGRggMVbaRmAh2wEQuX&is_vtc=1&ocp_id=YBI5ZcSXFe3ImsMPsKOsuAk&eitems=ChEI8PniqQYQgr7knOiM7p2sARIdAEFUWwBDPRf95u5ICryK7m24orh-yGI0EE6oA9s&random=1090142175 HTTP 302
https://www.google.com.sg/pagead/1p-conversion/464712619/?random=1925542016&cv=11&fst=1698239072011&bg=ffffff&guid=ON&async=1&gtm=45He3an0v850631566&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.visiontimes.com%2F2022%2F05%2F18%2Fchinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html&label=KWl_CLD7yuIDEKvny90B&hn=www.googleadservices.com&frm=0&tiba=Chinese%20Regime%20Harvests%20Over%20150%2C000%20Organs%20From%20Jailed%20Prisoners%20Each%20Year%3A%20Expert%20-%20Vision%20Times&value=0&auid=1924962688.1698239072&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOFBuaXFRWVE1TmY4aDRXTC1yeU1BUkltQUFGVk01WThhT1k1bnh3azlxTWJqX0xjOGltT0wxcUgyeWljaHQxS2pxLTNvRHVBTlFzGlhDaEFJOFBuaXFRWVEwcFA5bmFyNzdMTTZFaTRBS01ELTRVWUVITEZGZTFKUkI2WlNCcDBxQWROSDhnVUN1dks4bDNZa0VhOWZ6SERWMkptZkE5cTJiVE9NIhMIxMeaxaGRggMVbaRmAh2wEQuX&is_vtc=1&ocp_id=YBI5ZcSXFe3ImsMPsKOsuAk&eitems=ChEI8PniqQYQgr7knOiM7p2sARIdAEFUWwBDPRf95u5ICryK7m24orh-yGI0EE6oA9s&random=1090142175&ipr=y

Request Chain 87

https://id5-sync.com/i/1009/8.gif?id5id=ID5*dFo9DQ7gY0T9BezlBaSFycQum9a8znKJf4sgvTsKXYNpz2YjWcgF3uIL-6h5JOvJadBTBk3_MPS21AHSWNjq3w&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=3bcc543b-5650-4377-9a60-4fed3384e04a&ttl=%%TTL%% HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/1009/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F1009%2F2%2F6%2F3.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/1009/2/6/3.gif?puid=3037169158889736907&gdpr=0&gdpr_consent= HTTP 302
https://csync.loopme.me/?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F1009%2F821%2F5%2F4.gif%3Fpuid%3D%7Bdevice_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 307
https://id5-sync.com/c/1009/821/5/4.gif?puid=e8e65369-184f-4fce-a2ae-802319e9077d&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/1009/19/4/5.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/1009/19/4/5.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/1009/19/4/5.gif?puid=5198f556c72263663eac864902fe067b&gdpr=0&gdpr_consent=

140 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html Show response
www.visiontimes.com/2022/05/18/ 81 KB
15 KB 2789ms
2219ms Document
text/html 104.26.2.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bcd846b1730fa4ea82cb12544b3b239de2f8148b1ea02f06a9a2259d9a4cf64

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cf-apo-via: origin,no-cache
cf-cache-status: BYPASS
cf-edge-cache: cache,platform=wordpress
cf-ray: 81baaa606a0044a1-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 25 Oct 2023 13:04:30 GMT
link: <https://www.visiontimes.com/wp-json/>; rel="https://api.w.org/", <https://www.visiontimes.com/wp-json/wp/v2/posts/446111>; rel="alternate"; type="application/json", <https://www.visiontimes.com/?p=446111>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0RSLVS7%2Bljeg%2F4SR%2FTRB6c9qp0YbE%2FEWTk2eZNTbRi%2BOGaEw2pYe5hPT%2Bcmhj74nWJvOG7AJSv6pJJTtEIv1rBjNIFKgBY%2Bei2JJG1%2FkIRC30xilexfs0CM5PNa8io5dO2QZmA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache-status: STALE
x-device: desktop
x-elasticpress-query: true

GET
H2 200 autoptimize_037a2a3f336549e931f099e550ff88a8.css
www.visiontimes.com/wp-content/cache/autoptimize/css/ 322 KB
52 KB 121ms
120ms Stylesheet
text/css 104.26.2.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_037a2a3f336549e931f099e550ff88a8.css
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6056c1158aba2cc14ed73368b0580ca66a1605b2109b0ec682821786ab4c68df

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2167
x-cache-status: STALE
x-device: desktop
cf-bgj: minify
last-modified: Wed, 30 Aug 2023 14:56:14 GMT
server: cloudflare
etag: W/"64ef588e-506f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrGSTHLRzxivQ9fofCowcalen%2BHnKHauFK8CJealDHMAEe%2BvUWuaIhon3SrDr5pr1iRm5HvsZd7jHak9hUT5QA0CBKSHzDm4JN0dBKlIU5vaBkKDnpDBVqrAeI6pEjfYzUvNQJA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=864000
cf-ray: 81baaa6e49fc44a1-SIN
expires: Sat, 04 Nov 2023 12:25:53 GMT

GET
H2 200 app.js Show response
sdki.truepush.com/sdk/v2.0.4/ 1 KB
946 B 674ms
95ms Script
application/javascript 52.84.251.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdki.truepush.com/sdk/v2.0.4/app.js
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-64.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f14339d5f27bb4b1dfa21bcb66ee9b88cd8fae644c105c2d575f2e992e4877e2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 13:04:26 GMT
content-encoding: gzip
via: 1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
last-modified: Wed, 27 Jul 2022 04:37:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 2246406
etag: "e845fbcf21da794b6108ce90f9f43a77"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 581
x-amz-cf-id: WfiVIho6HSusvUUr30Sm--tdtld_GuHa7Ilro_X97cBlS_yqvU9_oA==

GET
H2 200 menu-mobile-926eb40a4c.svg
www.visiontimes.com/wp-content/themes/vt/dist/assets/images/ 1 KB
847 B 150ms
148ms Image
image/svg+xml 104.26.2.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.visiontimes.com/wp-content/themes/vt/dist/assets/images/menu-mobile-926eb40a4c.svg
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b92670afda59fa4ccc4a37cf5709f8452696eab3a58f2fc3e17a109e37c2d78

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2167
x-cache-status: STALE
x-device: desktop
last-modified: Wed, 30 Aug 2023 14:52:29 GMT
server: cloudflare
etag: W/"64ef57ad-4ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1fycLrQ3VPNMG%2BRiE8q1%2FK1xlcFY%2FuiFcwk%2BGiosHnzKvZ6dCiv7Kq9ADo0yvIHtGrwiCAZc5DDShonxB%2FXPNJ19mHNrvWtE8z%2Ba6x6mDOPbtu1pb4EhIKstuw0UVetJNNu1UM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 81baaa6e6a3f44a1-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vision-times-logo-fc9b3d60e2.svg
www.visiontimes.com/wp-content/themes/vt/dist/assets/images/ 12 KB
4 KB 150ms
149ms Image
image/svg+xml 104.26.2.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.visiontimes.com/wp-content/themes/vt/dist/assets/images/vision-times-logo-fc9b3d60e2.svg
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08ca7520df21a77ad6adfc790f9c1b6d76d91b7133040edf4c2769e2815dda10

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2162
x-cache-status: STALE
x-device: desktop
last-modified: Wed, 30 Aug 2023 14:52:29 GMT
server: cloudflare
etag: W/"64ef57ad-2e4b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95ARedLb9J5oKhTRXl6oN98T2aOFaIRUd5BxLmIQV8G8aVadPdQhqWCHq%2FCnqzUItzLGLkiJIZqkrkLiDMRMYaXLBTdBFgmhbsY65kA7ZSmDnAAn9Yn9oWyh7KTlTPMQecCqmjc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 81baaa6e6a4244a1-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vision-times-sm-logo-66a6be678b.svg
www.visiontimes.com/wp-content/themes/vt/dist/assets/images/ 11 KB
4 KB 105ms
105ms Image
image/svg+xml 104.26.2.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.visiontimes.com/wp-content/themes/vt/dist/assets/images/vision-times-sm-logo-66a6be678b.svg
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d034eebaa59c0d499dcbe8cbe0fba6d96b0d9abf6b0ab07942496965db4392d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2163
x-cache-status: STALE
x-device: desktop
last-modified: Wed, 30 Aug 2023 14:52:29 GMT
server: cloudflare
etag: W/"64ef57ad-2abb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R00F9E3RcsEsCVTcwZp5RVCT6iNURdCi4zpyqERxuoi8dwRjE8Ch9f%2B9sZ8XuiE11oIlW4bOKzAl%2F9b32lY7wjZvdyQ2LDU1hkxRxtO9YkbeMe5dNirhvjzrKQ26ezX5kbEaNiw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 81baaa6f6b9644a1-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 spinning-circles-0f629ba4d0.svg
www.visiontimes.com/wp-content/themes/vt/dist/assets/icons/ 2 KB
760 B 1810ms
1808ms Image
image/svg+xml 104.26.2.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.visiontimes.com/wp-content/themes/vt/dist/assets/icons/spinning-circles-0f629ba4d0.svg
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc72be1f398c3936fcee07760d5d76019228b5aeeaf74786e81aae8c899d915a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:32 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 30 Aug 2023 14:52:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64ef57ad-891"
x-cache-status: STALE
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n8%2F4K7BnzdLeQVaJY8tW%2FKPxU7DqKrE%2FAbVGvf6Rp%2FMWTm40GplgWjGpBba7VkyTksY9mMeOfehezd2N80KS8V%2FED9y73CPBu2%2FsVXxCR9TjABgGFIUV3qHnt4n%2FembKVVgf1Qk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 81baaa6f8bcf44a1-SIN
x-device: desktop
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 email-decode.min.js Show response
www.visiontimes.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 132ms
132ms Script
application/javascript 104.26.2.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.visiontimes.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.228 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 Oct 2023 18:17:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6532c42f-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQTZT74p43de5%2BQJIWZ8Vk9ENLV1I5kqqQjdmFG%2FMEYxfn%2F5OzsVKe9Gue4UM1uS6uZwjbg9o4oBoPVvWvWyR4191ossgelPrYlgnGrhxTm9lw3K3yZrCUxxjwzY3t5UW15uZoI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 81baaa6f8bcc44a1-SIN
expires: Fri, 27 Oct 2023 13:04:30 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 709ms
110ms Script
text/javascript 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

8839c21250f05ecfa44db3c88b553c8ac6bf1f4690378b109eb65f3b063e19b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29257
x-xss-protection: 0
server: cafe
etag: 599 / 19655 / m202310190101 / config-hash: 8671707731930110642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 13:04:31 GMT

GET
H2 200 prebid.vt_en.js Show response
intothebid.com/wrapper/vt/ 226 KB
71 KB 1123ms
522ms Script
application/x-javascript 172.67.72.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intothebid.com/wrapper/vt/prebid.vt_en.js

Requested by

Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.219 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f52cf597bb33d0c695497d6b3beb0e1e52b2e82675ebc7f6ed59145106a91b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:31 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=232164
alt-svc: h3=":443"; ma=86400
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Wed, 05 Jul 2023 19:38:19 GMT
server: cloudflare
etag: W/"38ae4-64a5c6ab-0;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4BsS0jqLnNKR%2BoHpRpxsGEGSKd5CNGRFtlUhwtZBMxnKESHEHhMsR5TvaYWV%2BILleuNIz0jcimj2fSM1HHGTuaYySNgkAXAtSjShLJ7MCTsdOvYBVu2uWByt7Lkg6Nu"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=3600
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 81baaa734c9091b1-SIN
expires: Thu, 24 Oct 2024 12:37:27 GMT

GET
H2 200 hp_vt_en.js Show response
intothebid.com/wrapper/vt/ 0
623 B 999ms
399ms Script
application/x-javascript 172.67.72.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intothebid.com/wrapper/vt/hp_vt_en.js

Requested by

Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.219 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:31 GMT
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Tue, 08 Feb 2022 18:28:05 GMT
server: cloudflare
etag: "0-6202b635-0;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vV7xliYTf3oRpFwfy1Rkj5Vfx9ZjiwOjMiFbJ6jUh8a6v52mQDaGTX%2FGZvlwo6e7513FDG9%2FpNhMXnNWnhSmXQDIzeYiRt4YDURVmWPz0CPOHVsCbN7ydjZJ%2BSsMsYW5"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=3600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 81baaa734c9591b1-SIN
expires: Thu, 24 Oct 2024 12:54:23 GMT

GET
H2 200 hb_vt_en.js Show response
intothebid.com/wrapper/vt/ 243 KB
70 KB 1006ms
406ms Script
application/x-javascript 172.67.72.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intothebid.com/wrapper/vt/hb_vt_en.js

Requested by

Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.219 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a183be88772a486884e3c720c0996861e349e957e14f396708cc5d43e8d5a923

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:31 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Wed, 05 Jul 2023 19:46:25 GMT
server: cloudflare
etag: W/"3ca4e-64a5c891-0;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yZL9Pkxz1XVm%2BzXoTNgMUsvQYX6sOoGnXGgPaQ7V8dlYoPBPhqAYn6BFmnnzHh%2FAukFoFMtYn6NM6Qhv7PxgETARej79X6ty1VbOU64kqFaKfE3mMwM7jkBILX1dFnyZ"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=3600
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 81baaa734c9691b1-SIN
expires: Thu, 24 Oct 2024 12:41:30 GMT

GET
H2 200 autoptimize_eadc4a144fea6318dc3d637b34d8b20d.js Show response
www.visiontimes.com/wp-content/cache/autoptimize/js/ 1 MB
234 KB 134ms
133ms Script
application/javascript 104.26.2.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.visiontimes.com/wp-content/cache/autoptimize/js/autoptimize_eadc4a144fea6318dc3d637b34d8b20d.js
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0fab35005a7ccf2c705c2c1b147012083d48cff048c5e66c0862d600380e574

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2163
cf-polished: origSize=1196637
x-cache-status: STALE
x-device: desktop
cf-bgj: minify
last-modified: Wed, 30 Aug 2023 14:56:14 GMT
server: cloudflare
etag: W/"64ef588e-12425d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9rC%2FnRwv109kpHCv32U%2B%2BMUFMgvz9TxUvAAanalIub8VggX%2FA3x2lExu%2ByRVV6kP922A1zOs2lNB%2F2nbyMxlH57P82924%2FTxAK2N%2FGLTEHp36PCF%2Fu2P7lIsDJscooeh0BBr1gE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=864000
cf-ray: 81baaa6f8bd044a1-SIN
expires: Sat, 04 Nov 2023 12:25:55 GMT

GET
H2 403 matomo.js
cdn.matomo.cloud/kreativreason.matomo.cloud/ 0
0 1440ms
840ms Script
application/xml 13.33.88.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.matomo.cloud/kreativreason.matomo.cloud/matomo.js
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-117.sin2.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H2 200 three-dots-03739ca6ce.svg
www.visiontimes.com/wp-content/themes/vt/dist/assets/icons/ 1 KB
746 B 2721ms
2720ms Image
image/svg+xml 104.26.2.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.visiontimes.com/wp-content/themes/vt/dist/assets/icons/three-dots-03739ca6ce.svg
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_037a2a3f336549e931f099e550ff88a8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 543c813be0525f2c048c1c3976f9a8291df8adec2b57e6d0e6891c2670909ea1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_037a2a3f336549e931f099e550ff88a8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:33 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 30 Aug 2023 14:52:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64ef57ad-4dc"
x-cache-status: STALE
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kyrNM6XJA5l1gbEZ95o15uwgAZsspx4vxGkG86vpCXgUlRLQoOpGgAaG%2FSGVDLcNeh3iD%2B%2BPI5zyh9%2BFJDGdXTPQQUh5%2FsBbMJ%2FqkQ%2BfPa6UrrbzfHG5ABbGglqD%2FnjU60%2FtscY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 81baaa6fabf044a1-SIN
x-device: desktop
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 red-bg-long-f63d9b889b.png
www.visiontimes.com/wp-content/themes/vt/dist/Components/GridNewsFour/Assets/ 6 KB
6 KB 5147ms
5146ms Image
image/png 104.26.2.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.visiontimes.com/wp-content/themes/vt/dist/Components/GridNewsFour/Assets/red-bg-long-f63d9b889b.png
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_037a2a3f336549e931f099e550ff88a8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abefa59fd4da2a604317561896c55aaec82198cbbc69d6a218a5bd5451ef9c5d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_037a2a3f336549e931f099e550ff88a8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:35 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: HIT
content-length: 6116
x-device: desktop
last-modified: Wed, 30 Aug 2023 14:52:29 GMT
server: cloudflare
etag: "64ef57ad-17e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQBxJ%2BFFyjSe6gJ4NGIrgBMgSrdPo048cSf%2BZTLxLaASdicWCEPsYzPAF14lkiLkSbA6V3QkT%2FFrGE7Mv17I%2BUCKVE7WhdBlxkCPXB05ImRPFAM%2B89WpkkieaoKt7H6bAEOuJEY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81baaa6fabf344a1-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 red-bg-pix-7d7408dba4.png
www.visiontimes.com/wp-content/themes/vt/dist/assets/images/ 110 B
577 B 382ms
382ms Image
image/webp 104.26.2.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.visiontimes.com/wp-content/themes/vt/dist/assets/images/red-bg-pix-7d7408dba4.png
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_037a2a3f336549e931f099e550ff88a8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a75c6f77d0be8906f6b1845fd5a8bd7611e3f25533c61ff054a35c4a1758e6d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_037a2a3f336549e931f099e550ff88a8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:30 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=510
x-cache-status: STALE
content-disposition: inline; filename="red-bg-pix-7d7408dba4.webp"
content-length: 110
x-device: desktop
cf-bgj: imgq:100,h2pri
last-modified: Wed, 30 Aug 2023 14:52:29 GMT
server: cloudflare
etag: "64ef57ad-1fe"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIkccjjhy3BvlMm2to2NlOFCs6Jx50VW2Xb68QF%2FZ1UUTJbvRd%2Fw13WyEzENKHWNNczZUfiOkbaW%2BMpvWLPVNAuYIni%2FD9to5FrKag1W3iiiKq3W%2BlPHjnNSPkraR8mJQ8I91oU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81baaa6fabf544a1-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 load-more-bg-33d8317938.png
www.visiontimes.com/wp-content/themes/vt/dist/Components/ListMostRead/Assets/ 7 KB
7 KB 1941ms
1941ms Image
image/png 104.26.2.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.visiontimes.com/wp-content/themes/vt/dist/Components/ListMostRead/Assets/load-more-bg-33d8317938.png
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_037a2a3f336549e931f099e550ff88a8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 857c25b7523733b88952a25344cd212bcc6fd526837e7e35b227ee661b8f6dac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_037a2a3f336549e931f099e550ff88a8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: HIT
content-length: 6677
x-device: desktop
last-modified: Wed, 30 Aug 2023 14:52:29 GMT
server: cloudflare
etag: "64ef57ad-1a15"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ja3zkxYfeZAE30Btk%2FytrzBNCgNcHwxpXlfKhVPvV3p45O2UEb1hHVVFqhPHYoPwtja5iCHIcMD%2Bh6XtciB8CsJHk0eZlaJ6OfhxIde%2F3KWhqYxc6dJCDTEeepYaxuaXkPkjXTU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81baaa6fabf744a1-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 924b00ecb2d3b22c84dfd3e73f23d8ccabba0f1810b9bc1828a0b5aa4c9e0310

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Calisto-MT-583e9c844f.ttf
www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/ 71 KB
72 KB 196ms
193ms Font
application/octet-stream 104.26.2.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/Calisto-MT-583e9c844f.ttf
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_037a2a3f336549e931f099e550ff88a8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcfb32778237c4943934f45b8373ddc2dac1ff2bce0758f1206919d6b771935c

Request headers

Referer: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_037a2a3f336549e931f099e550ff88a8.css
Origin: https://www.visiontimes.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2163
x-cache-status: HIT
content-length: 73048
x-device: desktop
last-modified: Wed, 30 Aug 2023 14:52:29 GMT
server: cloudflare
etag: "64ef57ad-11d58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1QDgPKxAhzvjU0wdOuVMVpAX2SdnE8RvLDwf%2BaEqJG4fL5DDsIQyErTlbyPiIXbzCjoiJHrJr1vAd9ocE3RNFOAYXsubNu8vyU%2Beu4wEhc%2BY9Y40coWkoQCtja5x3gqyWqmcsk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81baaa6fcc1244a1-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 OpenSans-Bold-5bc6b83602.ttf
www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/ 127 KB
127 KB 221ms
219ms Font
application/octet-stream 104.26.2.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/OpenSans-Bold-5bc6b83602.ttf
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_037a2a3f336549e931f099e550ff88a8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8229f8206a0b49a2dc74820a78380eaf807c3d0f2066a53562d2b650aa21139

Request headers

Referer: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_037a2a3f336549e931f099e550ff88a8.css
Origin: https://www.visiontimes.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2163
x-cache-status: STALE
content-length: 129784
x-device: desktop
last-modified: Wed, 30 Aug 2023 14:52:29 GMT
server: cloudflare
etag: "64ef57ad-1faf8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2F2CLI9amI1jny0RKb%2BH8lPHTbtp0nu1sY50r32T9UNH9MNsKz2ERCcKdl6WI41se36BwXk5Y9c2gEVlr6n%2BxKS3K7TRCtCFJ81dhgIm6fCKMdZ%2FBGYBOr5wBeoX7jyluY%2BKook%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81baaa6fcc1444a1-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fa-solid-900.woff2
www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/webfonts/ 76 KB
77 KB 222ms
219ms Font
application/octet-stream 104.26.2.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/webfonts/fa-solid-900.woff2
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_037a2a3f336549e931f099e550ff88a8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_037a2a3f336549e931f099e550ff88a8.css
Origin: https://www.visiontimes.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2164
x-cache-status: STALE
content-length: 78196
x-device: desktop
last-modified: Fri, 11 Mar 2022 18:40:17 GMT
server: cloudflare
etag: "622b9791-13174"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4qkhBG0brS0j%2FFP28axfKmiS%2Fu7PGziVaRyR60%2F%2BIuQwy%2FpXcjQaazTcmIbj3fs4rOeiswdIHerV3vTUe3Kojr0LXqQysW9MnmmSb9aHHipuVXbrpNvA%2BRWl%2BioTYqQ48MV2xrs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 81baaa6fcc1744a1-SIN
expires: Fri, 24 Nov 2023 12:25:55 GMT

GET
H2 200 OpenSans_SemiCondensed-Bold-f0d9656ed3.ttf
www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/ 127 KB
128 KB 206ms
204ms Font
application/octet-stream 104.26.2.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/OpenSans_SemiCondensed-Bold-f0d9656ed3.ttf
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_037a2a3f336549e931f099e550ff88a8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa6978820330032ed14523dbcc082cbb7c621e7061ed75192981cc22324292a2

Request headers

Referer: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_037a2a3f336549e931f099e550ff88a8.css
Origin: https://www.visiontimes.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2163
x-cache-status: HIT
content-length: 130080
x-device: desktop
last-modified: Wed, 30 Aug 2023 14:52:29 GMT
server: cloudflare
etag: "64ef57ad-1fc20"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4DPz15xybsH6MQsIksZIwbUhHtecQshHK3sod6dFEWqYnjvVrhMcYD0BO8wzl9nbA8DsAHj%2FE9BOraVd7a6FZ3DUa9WX8DRTxhL%2F3uCFbri6BDY9oxI%2Fpzr6rE6fwci5Aqo2sk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81baaa6fcc1844a1-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fa-brands-400.woff2
www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/webfonts/ 75 KB
75 KB 221ms
220ms Font
application/octet-stream 104.26.2.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/webfonts/fa-brands-400.woff2
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_037a2a3f336549e931f099e550ff88a8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Request headers

Referer: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_037a2a3f336549e931f099e550ff88a8.css
Origin: https://www.visiontimes.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2163
x-cache-status: STALE
content-length: 76764
x-device: desktop
last-modified: Fri, 11 Mar 2022 18:40:17 GMT
server: cloudflare
etag: "622b9791-12bdc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6QNW9gMsdPVuSaL6kbLJadFj0Bxi4JX44o28Tpc9scIaAbNzmG2IxNjxfJcqzfEiZL5tG5RE5LzDr6AWb23Y9SoUdYHQyqrPwrR8HR9we%2BIEsTSTPUIGT8MVWhR6oM%2FTLb5e9DA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 81baaa6fcc1a44a1-SIN
expires: Fri, 24 Nov 2023 12:25:55 GMT

GET
H2 200 fa-regular-400.woff2
www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/webfonts/ 13 KB
13 KB 1846ms
1845ms Font
application/octet-stream 104.26.2.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/webfonts/fa-regular-400.woff2
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_037a2a3f336549e931f099e550ff88a8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951

Request headers

Referer: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_037a2a3f336549e931f099e550ff88a8.css
Origin: https://www.visiontimes.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:32 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: HIT
content-length: 13276
x-device: desktop
last-modified: Fri, 11 Mar 2022 18:40:17 GMT
server: cloudflare
etag: "622b9791-33dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2MXOPCXdfHA3TomkCuLgWIwnSJ8%2BgLWVxNAXdlxZp1DT5B1eJZoUp3JMQPbG1JEMjiN%2FVDhc1AO%2FC01D1%2BbG7decMd6OEF0rIk%2B3C%2BQfyBpgbfVnZS9VXIs0PnTvM30QOnnL3Gg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 81baaa6fcc1d44a1-SIN
expires: Fri, 24 Nov 2023 13:03:40 GMT

GET
H2 200 OpenSans-Medium-0cbcac22e7.ttf
www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/ 127 KB
127 KB 221ms
220ms Font
application/octet-stream 104.26.2.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/OpenSans-Medium-0cbcac22e7.ttf
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_037a2a3f336549e931f099e550ff88a8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ed28e4bb6c0fa26885f2d3e9d27e18049defe9594cf54a62acfe730b5f67397

Request headers

Referer: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_037a2a3f336549e931f099e550ff88a8.css
Origin: https://www.visiontimes.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2163
x-cache-status: STALE
content-length: 129948
x-device: desktop
last-modified: Wed, 30 Aug 2023 14:52:29 GMT
server: cloudflare
etag: "64ef57ad-1fb9c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pN3AmP94lBi4NeAHrJbQOEX87IGAXC3WRkk9nG8O%2F2bFGP%2FONCVImet3xKzhZcMhDhRHvukSbm4CLG2LYTULEy1ik3rdp7ZlUQME7IP1kOwsGwE6Ze4b6dmDU7kMKSNB3hNifQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 81baaa6fcc1e44a1-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a2fa1f0c9aa46eb5cc5ef94986739440
secure.gravatar.com/avatar/ 1 KB
2 KB 682ms
91ms Image
image/jpeg 192.0.73.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/a2fa1f0c9aa46eb5cc5ef94986739440?s=30&r=g
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9338a851ce40548846c98e951ba26e4c3b3619e32dd4a0296eb0efae9cf06851

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Wed, 25 Oct 2023 13:04:31 GMT
last-modified: Fri, 11 Jul 2014 04:48:02 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="a2fa1f0c9aa46eb5cc5ef94986739440.jpeg"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/a2fa1f0c9aa46eb5cc5ef94986739440?s=30&r=g>; rel="canonical"
content-length: 1272
expires: Wed, 25 Oct 2023 13:09:31 GMT

GET
H2 200 Organ-Harvest-GettyImages-94918540.jpg
img.visiontimes.com/2022/05/ 133 KB
134 KB 2681ms
2676ms Image
image/jpeg 104.26.2.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.visiontimes.com/2022/05/Organ-Harvest-GettyImages-94918540.jpg
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7460bd9faa16196fcd3cef31df52056d3f856c1c3d26645c70bc152d520ca0e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:33 GMT
cf-cache-status: MISS
last-modified: Wed, 18 May 2022 20:53:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62855ce0-21439"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8pt1rRlRA2FklgFEYrebMIQYFxVkXXhprIOKPXQxoM%2FEGYc6%2FoZL7vl2aYHtpBNDAYi9%2BPDcoZL684VtO48S%2BZ%2BQLTduXZoqA3oKuUtDv4OraUgtUWz6eJYgYGJ1slqg21tsgM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 81baaa701cab44a1-SIN
content-length: 136249
expires: Wed, 08 Nov 2023 13:04:32 GMT

GET
H2 200 GettyImages-1503892859-485x360.jpg
img.visiontimes.com/2023/10/ 18 KB
19 KB 1428ms
1425ms Image
image/jpeg 104.26.2.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.visiontimes.com/2023/10/GettyImages-1503892859-485x360.jpg
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 749800653c805756388ad8d27be9aec1bdc9752525767da57979e97234e2d55f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:32 GMT
cf-cache-status: MISS
last-modified: Fri, 06 Oct 2023 15:41:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65202abe-496a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2BKXNHCkO7%2BRvTT9AfxmZcebAHMZlwSnvjkxcCBshDO5bObanmvf9qSbkkwAyaHlbdjQpJ8%2F4gZLWYJghtPQwdC6hTHkxjvZZWkLTbPC6ee8ek%2FNn45NQc6v%2BwH1hIwedYOK60U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 81baaa701cac44a1-SIN
content-length: 18794
expires: Wed, 08 Nov 2023 13:04:31 GMT

GET
H2 200 Chinese-Communist-Party-Fake-Tourist-Spy-UK-Parliament-Hong-Kong-Activists-485x360.jpg
img.visiontimes.com/2023/07/ 43 KB
44 KB 209ms
207ms Image
image/jpeg 104.26.2.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.visiontimes.com/2023/07/Chinese-Communist-Party-Fake-Tourist-Spy-UK-Parliament-Hong-Kong-Activists-485x360.jpg
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd2d2ecb9a7bfb8503737d8e9e65cd3f7123ef8037cda64a9616d7ed43599add

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33726
cf-polished: origSize=47147
content-length: 44059
cf-bgj: imgq:100,h2pri
last-modified: Fri, 14 Jul 2023 07:45:35 GMT
server: cloudflare
etag: "64b0fd1f-b82b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3YIe3WW1Rxh%2B%2F4DDwZmt479m01FBCxXh6T0kForb%2BmjrmEy8FvHpBEeNai6dun9iZkIBx5HaS1S6wwNARC5j3mkJRgMTRAAvJx8zZRM9YSABkrj3oDhkCOxwE8%2BaAYNxHfwci8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 81baaa701ca644a1-SIN
expires: Wed, 08 Nov 2023 03:42:24 GMT

GET
H2 200 Zhang-485x341.jpg
img.visiontimes.com/2023/10/ 36 KB
36 KB 102ms
102ms Image
image/jpeg 104.26.2.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.visiontimes.com/2023/10/Zhang-485x341.jpg
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76b9fab52e90e596cfee777b12037337ab1a85dacc8c13b40d1be6c5f705a9f9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 75890
cf-polished: origSize=38430
content-length: 36639
cf-bgj: imgq:100,h2pri
last-modified: Fri, 13 Oct 2023 16:55:12 GMT
server: cloudflare
etag: "65297670-961e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67mVBGw8zSItwtRIUPn7DoVR%2BHyDi%2FAVqqnxWbUmFJfQ%2BAWeRqXenQvFG%2FmjSP2cuVXugCjlDO5toLHnlRf4iHxvqd%2F6O42zqq%2BHLuojlSDJKQ2tYpHKRxkP534C3KgDsZgkRdU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 81baaa713e6844a1-SIN
expires: Tue, 07 Nov 2023 15:59:39 GMT

GET
H2 200 Nhan-Huynh-Campaign-Run-Virignia-House-of-Delegates-485x360.jpeg
img.visiontimes.com/2023/10/ 43 KB
43 KB 3168ms
3168ms Image
image/jpeg 104.26.2.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.visiontimes.com/2023/10/Nhan-Huynh-Campaign-Run-Virignia-House-of-Delegates-485x360.jpeg
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597f807c8a4dfde7eb8ab1a393c2d946fb52fbd83d9f34135ee110d60796a768

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:34 GMT
cf-cache-status: MISS
last-modified: Wed, 11 Oct 2023 22:50:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652726c8-ab45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzU48Cu64VQn0K66nPMr0qRXebnYSd94X564%2FChO3ndTnb0b%2BzMd3iaSXNM%2BX3%2BbdjVNM8cUEloUYuUxu%2F301DqIoblLbodKkHmbEv8Dmb50c%2F4y2e1zTl35U9N7THXfQMySbow%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 81baaa71ff5c44a1-SIN
content-length: 43845
expires: Wed, 08 Nov 2023 13:04:32 GMT

GET
H2 200 Otisville-Fall-Fun-Festival-Dragon-Dancing-485x360.jpeg
img.visiontimes.com/2023/10/ 42 KB
43 KB 2537ms
2537ms Image
image/jpeg 104.26.2.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.visiontimes.com/2023/10/Otisville-Fall-Fun-Festival-Dragon-Dancing-485x360.jpeg
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d096c122dca23f0882dbed2412e8fdee45c7e171600515170c9825b13431c445

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:33 GMT
cf-cache-status: MISS
last-modified: Tue, 10 Oct 2023 22:40:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6525d2c0-a89d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkLqc8Yo2liKFGGyiOR2MiVnNW8atKE9dd8z70fo67kJ9EGVM94Rk7eKssst8giGy5A0wuHbpcvHM4%2B8IhMYSUX9C9XvjPzKeozqfbCtTQIyLgo2WBJioRRZK9JJ7dofxWfFW1M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 81baaa71ff6044a1-SIN
content-length: 43165
expires: Wed, 08 Nov 2023 13:04:32 GMT

GET
H2 200 2023July4_PatHerrity_1-485x360.jpg
img.visiontimes.com/2023/09/ 57 KB
57 KB 2552ms
2552ms Image
image/jpeg 104.26.2.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.visiontimes.com/2023/09/2023July4_PatHerrity_1-485x360.jpg
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a00df51954f5df5bc54685cb1fb85b2ee0826edb562df145eb196c690733824

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:33 GMT
cf-cache-status: MISS
last-modified: Tue, 26 Sep 2023 00:36:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65122794-e2a4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bcZfIdzO%2Fg87dJpEuhhqeILvyzdrRVkVmNkV671kzZ8QIaabY59Yg%2FzPMxu%2BbFUT6gjKZp7LX86O5ww%2F07JMTm3k6%2B1Z7CF3NfKf1DSojlSQzFOaub%2BrbECOmLA2nFUCw%2BhNJ4E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 81baaa71ff6344a1-SIN
content-length: 58020
expires: Wed, 08 Nov 2023 13:04:32 GMT

GET
H2 200 Liz-and-husband-485x360.jpg
img.visiontimes.com/2023/09/ 41 KB
41 KB 127ms
127ms Image
image/jpeg 104.26.2.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.visiontimes.com/2023/09/Liz-and-husband-485x360.jpg
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d788adb14202ffaf084341c3a408c4b1cd0ba7ae90e6a2818f20608bbf3e8a2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 446330
cf-polished: origSize=44249
content-length: 41629
cf-bgj: imgq:100,h2pri
last-modified: Wed, 27 Sep 2023 22:18:26 GMT
server: cloudflare
etag: "6514aa32-acd9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nw8jZcUpbVUpjEGNGdZ6DSTt8ptFcfp9YXe1%2FLT4t8RaebB%2BSL09atzJFIpnBb7Vl9eV6gk6VsD5O25ZxTi%2FMBENC%2FGOqWqKFtTM6ZGB5DdZFqoyQ%2FppIGU9tG98w96Sq%2BaRbBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 81baaa71ff6644a1-SIN
expires: Fri, 03 Nov 2023 09:05:41 GMT

GET
H2 200 signal-2023-10-02-162011_002-485x360.jpeg
img.visiontimes.com/2023/10/ 64 KB
65 KB 1973ms
1973ms Image
image/jpeg 104.26.2.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.visiontimes.com/2023/10/signal-2023-10-02-162011_002-485x360.jpeg
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7521a82bfe702f747876c9aca6df4a9d7b79d13a4f276f32da53632bd9293fa

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:33 GMT
cf-cache-status: MISS
last-modified: Tue, 03 Oct 2023 16:48:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "651c45dc-1019a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nIEivVLWXhucbdovq7dJohSnT6WeK0LZJWDaMn7x61A01tQRryVyIN3zftvMM%2FpBrtfReEhaS4fEG9gowkcqyVDCzhTK4FWwuidrdBl7tKlXAINj93vNNxYYqt6rt0uMh2unrPw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 81baaa72e86544a1-SIN
content-length: 65946
expires: Wed, 08 Nov 2023 13:04:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 216 KB
78 KB 729ms
150ms Script
application/javascript 74.125.200.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W8PQVQT

Requested by

Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

4fa4b198cfb6d05ba423ca91dbcccf63b1661005d555d19a671cff5934b2916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78965
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 25 Oct 2023 13:04:31 GMT

GET
H2 200 version.json Show response
sdki.truepush.com/sdk/ 176 B
568 B 669ms
93ms XHR
application/json 52.84.251.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdki.truepush.com/sdk/version.json
Requested by: Host: sdki.truepush.com
URL: https://sdki.truepush.com/sdk/v2.0.4/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-64.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ecf24b7db78a8e99bb3c0581cc859f5edc4ef62e682d91e963ff3e9f8763c62

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 06:54:45 GMT
via: 1.1 34a84b82ff144b427f99aaae61510d20.cloudfront.net (CloudFront)
last-modified: Wed, 27 Jul 2022 05:36:06 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 1836587
etag: "327739750637fd5a1dd49dd855637862"
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=300
accept-ranges: bytes
content-length: 176
x-amz-cf-id: nKe97zyOotoyRwlmpujZ4SrqaBlN6F__LjHds1mZaXa_W5JIJ_Ie9A==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/ 422 KB
132 KB 94ms
93ms Script
text/javascript 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

49db66ae1889e3ae58a38124422c4d6648b19cf9f233b12412db9b565b5d85b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:59:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 327
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135316
x-xss-protection: 0
server: cafe
etag: 9779678222609117831
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 24 Oct 2024 12:59:04 GMT

GET
H2 200 22652677200 Show response
fundingchoicesmessages.google.com/i/ 158 KB
52 KB 971ms
146ms Script
application/javascript 64.233.170.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/22652677200?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f138.1e100.net

Software

ESF /

Resource Hash

0ab1f01bfcec1006fd8ca557b761f7037bc4b71d8354e9de99e2faab01d227f3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-0HDcvywufJbODhFpMWGWuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-0HDcvywufJbODhFpMWGWuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 grumi-ip.js Show response
rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/ 15 KB
6 KB 710ms
114ms Script
application/javascript 13.227.254.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Requested by: Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/hb_vt_en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-80.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ccf7b12ecc8e9e8ffdde253ba24560e0b8742463ad4868c7659fc90968ffcb3a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:30:01 GMT
x-amz-version-id: pGAIKWaXLf_B5x9OZKgI7Cq1c7r7pSuX
content-encoding: br
last-modified: Sat, 30 Sep 2023 14:56:13 GMT
server: AmazonS3
via: 1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
etag: W/"4c4f4bf824d2aa120a5e0b665b4c9828"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=14400, stale-while-revalidate=14400, immutable
age: 2072
x-amz-cf-id: -L8PzNXKEeWJhABts_FTjk5kaEELPdIcVc38-86cgxB2t_1UD8P7og==

GET
H2 200 main.js Show response
sdki.truepush.com/sdk/v2.0.4/ 80 KB
19 KB 125ms
123ms Script
application/javascript 52.84.251.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdki.truepush.com/sdk/v2.0.4/main.js
Requested by: Host: sdki.truepush.com
URL: https://sdki.truepush.com/sdk/v2.0.4/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-64.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6dc50509c75d563ba18f32e35c8aa2ff630f46492df8dad7c66515fe6eaf34ef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 16:32:48 GMT
content-encoding: gzip
via: 1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
last-modified: Wed, 27 Jul 2022 04:37:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 2579504
etag: "3d47f45ecfb765f8b8b58d2a4b1883fb"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 18934
x-amz-cf-id: kHRzJHSom3Gu9mi6QOrcEQ94L829P-Fwl3W20juY4qIjmv6wOJwZIg==

GET
H2 200 trace Show response
www.cloudflare.com/cdn-cgi/ 319 B
453 B 682ms
101ms XHR
text/plain 104.16.123.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cloudflare.com/cdn-cgi/trace

Requested by

Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/hb_vt_en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.123.96 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31f073d4d3fc0402739752b2e1cec04eba91d033a93f5563a39947ab9825d831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Referer: https://www.visiontimes.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 81baaa7bbb824118-SIN
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 255 KB
87 KB 105ms
105ms Script
application/javascript 74.125.200.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7LEG9MJJ0Q&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8PQVQT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

5f79437210e2b63cd872593aa10464208aff99604328eed9ea4355b3cec436ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88821
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 25 Oct 2023 13:04:32 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/464712619/ 3 KB
2 KB 380ms
101ms Script
text/javascript 64.233.170.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/464712619/?random=1698239072011&cv=11&fst=1698239072011&bg=ffffff&guid=ON&async=1&gtm=45He3an0v850631566&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.visiontimes.com%2F2022%2F05%2F18%2Fchinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html&label=KWl_CLD7yuIDEKvny90B&hn=www.googleadservices.com&frm=0&tiba=Chinese%20Regime%20Harvests%20Over%20150%2C000%20Organs%20From%20Jailed%20Prisoners%20Each%20Year%3A%20Expert%20-%20Vision%20Times&value=0&bttype=purchase&auid=1924962688.1698239072&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8PQVQT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f156.1e100.net

Software

cafe /

Resource Hash

c8f85f9719fb9a209a22f0266ad8cca6fa05e449da92e5fafd21f6eb0627f76e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 13:04:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1736
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 199 KB
53 KB 690ms
109ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 25 Oct 2023 13:04:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53588
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Jb/MelULa9DhSOIvJZljaB+/nQTBjOniO/GZl7FQTxyQ0QUKQdblfzk/bFywUICkPV2PtTPtNc75OYHoZEm06w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200
OK truepushSDKPlatfromDetails Show response
sdk.truepush.com/api/v2/ 1 KB
2 KB 697ms
266ms XHR
application/json 103.146.40.154
CTRLS-AS-IN CtrlS

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.truepush.com/api/v2/truepushSDKPlatfromDetails

Requested by

Host: sdki.truepush.com
URL: https://sdki.truepush.com/sdk/v2.0.4/main.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.146.40.154 , India, ASN18229 (CTRLS-AS-IN CtrlS, IN),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

583a34a1ddf917cf80500d1fd0cf9f6d34c39ba1f6392654e7b1bfef30a43fb3

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.visiontimes.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 25 Oct 2023 13:04:33 GMT
Content-Security-Policy: img-src * data:
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
X-DNS-Prefetch-Control: off
Connection: keep-alive
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: nginx/1.16.1
ETag: W/"422-9Rlcd3tHFwzJapO0a2+nNiYtKcM"
Expect-CT: max-age=0
Vary: Origin, X-HTTP-Method-Override, Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.visiontimes.com
X-Download-Options: noopen
Access-Control-Allow-Credentials: true

OPTIONS
H/1.1 204
No Content truepushSDKPlatfromDetails
sdk.truepush.com/api/v2/ Frame 0
0 698ms
263ms Preflight 103.146.40.154
CTRLS-AS-IN CtrlS

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.truepush.com/api/v2/truepushSDKPlatfromDetails
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.146.40.154 , India, ASN18229 (CTRLS-AS-IN CtrlS, IN),
Reverse DNS
Software: nginx/1.16.1 / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.visiontimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.visiontimes.com
Connection: keep-alive
Content-Length: 0
Date: Wed, 25 Oct 2023 13:04:32 GMT
Server: nginx/1.16.1
Vary: Origin, Access-Control-Request-Headers
X-Powered-By: Express

POST
H2 204 collect
analytics.google.com/g/ 0
257 B 678ms
96ms Ping
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-7LEG9MJJ0Q&gtm=45je3an0v882325150z8850631566&_p=225935892&_gaz=1&cid=2041818263.1698239072&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698239072&sct=1&seg=0&dl=https%3A%2F%2Fwww.visiontimes.com%2F2022%2F05%2F18%2Fchinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html&dt=Chinese%20Regime%20Harvests%20Over%20150%2C000%20Organs%20From%20Jailed%20Prisoners%20Each%20Year%3A%20Expert%20-%20Vision%20Times&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&ep.page_author=Alina%20Wang
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7LEG9MJJ0Q&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 13:04:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.visiontimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 677ms
96ms Ping
text/plain 74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7LEG9MJJ0Q&cid=2041818263.1698239072&gtm=45je3an0v882325150z8850631566&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7LEG9MJJ0Q&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sc-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 13:04:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.visiontimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.sg/ads/ 42 B
408 B 730ms
152ms Image
image/gif 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7LEG9MJJ0Q&cid=2041818263.1698239072&gtm=45je3an0v882325150z8850631566&aip=1&z=1421777984

Requested by

Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 13:04:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.com.sg/pagead/1p-conversion/464712619/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/464712619/?random=1925542016&cv=11&fst=1698239072011&bg=ffffff&guid=ON&async=1&gtm=45He3an0v850631566&u_w=1600&u_h=1200&url=https%3A...
https://www.google.com/pagead/1p-conversion/464712619/?random=1925542016&cv=11&fst=1698239072011&bg=ffffff&guid=ON&async=1&gtm=45He3an0v850631566&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.visiontimes...
https://www.google.com.sg/pagead/1p-conversion/464712619/?random=1925542016&cv=11&fst=1698239072011&bg=ffffff&guid=ON&async=1&gtm=45He3an0v850631566&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.visionti...

42 B
154 B

101ms
101ms

Image
image/gif

64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-conversion/464712619/?random=1925542016&cv=11&fst=1698239072011&bg=ffffff&guid=ON&async=1&gtm=45He3an0v850631566&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.visiontimes.com%2F2022%2F05%2F18%2Fchinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html&label=KWl_CLD7yuIDEKvny90B&hn=www.googleadservices.com&frm=0&tiba=Chinese%20Regime%20Harvests%20Over%20150%2C000%20Organs%20From%20Jailed%20Prisoners%20Each%20Year%3A%20Expert%20-%20Vision%20Times&value=0&auid=1924962688.1698239072&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOFBuaXFRWVE1TmY4aDRXTC1yeU1BUkltQUFGVk01WThhT1k1bnh3azlxTWJqX0xjOGltT0wxcUgyeWljaHQxS2pxLTNvRHVBTlFzGlhDaEFJOFBuaXFRWVEwcFA5bmFyNzdMTTZFaTRBS01ELTRVWUVITEZGZTFKUkI2WlNCcDBxQWROSDhnVUN1dks4bDNZa0VhOWZ6SERWMkptZkE5cTJiVE9NIhMIxMeaxaGRggMVbaRmAh2wEQuX&is_vtc=1&ocp_id=YBI5ZcSXFe3ImsMPsKOsuAk&eitems=ChEI8PniqQYQgr7knOiM7p2sARIdAEFUWwBDPRf95u5ICryK7m24orh-yGI0EE6oA9s&random=1090142175&ipr=y

Requested by

Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html

Protocol

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 13:04:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 13:04:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.com.sg/pagead/1p-conversion/464712619/?random=1925542016&cv=11&fst=1698239072011&bg=ffffff&guid=ON&async=1&gtm=45He3an0v850631566&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.visiontimes.com%2F2022%2F05%2F18%2Fchinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html&label=KWl_CLD7yuIDEKvny90B&hn=www.googleadservices.com&frm=0&tiba=Chinese%20Regime%20Harvests%20Over%20150%2C000%20Organs%20From%20Jailed%20Prisoners%20Each%20Year%3A%20Expert%20-%20Vision%20Times&value=0&auid=1924962688.1698239072&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOFBuaXFRWVE1TmY4aDRXTC1yeU1BUkltQUFGVk01WThhT1k1bnh3azlxTWJqX0xjOGltT0wxcUgyeWljaHQxS2pxLTNvRHVBTlFzGlhDaEFJOFBuaXFRWVEwcFA5bmFyNzdMTTZFaTRBS01ELTRVWUVITEZGZTFKUkI2WlNCcDBxQWROSDhnVUN1dks4bDNZa0VhOWZ6SERWMkptZkE5cTJiVE9NIhMIxMeaxaGRggMVbaRmAh2wEQuX&is_vtc=1&ocp_id=YBI5ZcSXFe3ImsMPsKOsuAk&eitems=ChEI8PniqQYQgr7knOiM7p2sARIdAEFUWwBDPRf95u5ICryK7m24orh-yGI0EE6oA9s&random=1090142175&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/ 119 KB
39 KB 120ms
120ms Script
text/javascript 13.227.254.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-80.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74bc44085ff5b51bde6a2a8f757695484b82a6b9221507b61e31f3ee5a455251

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:30:02 GMT
x-amz-version-id: oDnxT_CEjyrPh31GSTplnhet4paADMHU
content-encoding: br
last-modified: Wed, 25 Oct 2023 12:02:48 GMT
server: AmazonS3
via: 1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
etag: W/"edec3876e932afb5beec906d171ade5c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age: 2071
x-amz-cf-id: kxjwgUTCrvzsN2X7-YtzRWegOR7sMwkoJbtynl9Tf9ajgI51RZHYCg==

GET
H2 200 AGSKWxVvUzvTsEqBa-st4GNxwQ9e98t74FPSqrtqTqgzOqKHL8zSWGn6b3eBFDqWi1EM5UbEs8ieXbw7jM84XmVMqZv1HWtidr6A2uGcoQG6y-DZsxyYxsfAS0aRt77bTii84noNd9OK Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 140ms
139ms Script
application/javascript 64.233.170.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVvUzvTsEqBa-st4GNxwQ9e98t74FPSqrtqTqgzOqKHL8zSWGn6b3eBFDqWi1EM5UbEs8ieXbw7jM84XmVMqZv1HWtidr6A2uGcoQG6y-DZsxyYxsfAS0aRt77bTii84noNd9OK?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk4MjM5MDcyLDYxMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cudmlzaW9udGltZXMuY29tLzIwMjIvMDUvMTgvY2hpbmVzZS1yZWdpbWUtaGFydmVzdHMtb3Zlci0xNTAwMDAtb3JnYW5zLWZyb20tamFpbGVkLXByaXNvbmVycy1lYWNoLXllYXItZXhwZXJ0Lmh0bWwiLG51bGwsW1s4LCI3Z1lYWHlabXJ2cyJdLFs5LCJ6aC1DTiJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f138.1e100.net

Software

ESF /

Resource Hash

05e367972fb2b4ee73f4b5314983457174cda021634f7abbca83da485bc1e0b0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BcLhxO7wbfoRDVG5yG34dA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-BcLhxO7wbfoRDVG5yG34dA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 143 KB
31 KB 681ms
105ms Script
text/javascript 104.22.52.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 08:11:43 GMT
server: cloudflare
x-amz-request-id: KBRP0Q32824HGV06
age: 2764
etag: W/"8a9ad568d94062c0186983f6aac0be50"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 81baaa7fd9c691a7-SIN
x-amz-id-2: TAvAo3zckGHWaVy8/C3FsmwswIt7IybBVhQxRvA7787XSpnvbCxYe35Tq6IE7ZlrNZWxUm3SPx6GUIRFi1909Q==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
896 B 672ms
96ms Script
application/javascript 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 25 Oct 2023 13:04:33 GMT
x-content-type-options: nosniff
content-encoding: br
age: 40376
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-qpg1263-QPG
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 667ms
96ms Script
text/javascript 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 11 Oct 2023 08:53:04 GMT
server: nginx
etag: W/"65266270-a892"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 26 Oct 2023 13:04:33 GMT

GET
H2 200 AGSKWxXUVm9aS6y_-ocTjdYe7YtWiciRQ-Gb9TLZkBacumpn2kkHJyabcJzMQi9zbH6qdSR7g5VNFWknkZyyEKJIvoItu1s4RSU2Jh_O4VRPQvjXRkCq_cjpQi0t_LwvG7GcLCdqAx2O Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 166ms
165ms Script
application/javascript 64.233.170.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXUVm9aS6y_-ocTjdYe7YtWiciRQ-Gb9TLZkBacumpn2kkHJyabcJzMQi9zbH6qdSR7g5VNFWknkZyyEKJIvoItu1s4RSU2Jh_O4VRPQvjXRkCq_cjpQi0t_LwvG7GcLCdqAx2O?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk4MjM5MDcyLDc1NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyXSwiaHR0cHM6Ly93d3cudmlzaW9udGltZXMuY29tLzIwMjIvMDUvMTgvY2hpbmVzZS1yZWdpbWUtaGFydmVzdHMtb3Zlci0xNTAwMDAtb3JnYW5zLWZyb20tamFpbGVkLXByaXNvbmVycy1lYWNoLXllYXItZXhwZXJ0Lmh0bWwiLG51bGwsW1s4LCI3Z1lYWHlabXJ2cyJdLFs5LCJ6aC1DTiJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f138.1e100.net

Software

ESF /

Resource Hash

7f6adea3811e429b1b6b2941e9635e983e62b0844b44c28d6fe0d2f12888bba3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-8UUFILg4vf8iCm0AmVUl0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-8UUFILg4vf8iCm0AmVUl0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 448123030045464 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 96ms
95ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/448123030045464?v=2.9.135&r=stable&domain=www.visiontimes.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

7a0c2492156c5455f879cfd55e664ec58ca5d9b62455e9449e18f64f9a3b6f96

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 25 Oct 2023 13:04:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35233
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: YfbadeGDF9xxwGbaSJlm1sapKdHJrGuPbedP06gu1jCSU8v5E3/46ybLBb9lVSb+LHYr90oO2jX6O1h5jwq3fw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 663ms
93ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=448123030045464&ev=PageView&dl=https%3A%2F%2Fwww.visiontimes.com%2F2022%2F05%2F18%2Fchinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html&rl=&if=false&ts=1698239072916&sw=1600&sh=1200&v=2.9.135&r=stable&ec=0&o=30&fbp=fb.1.1698239072915.1368710449&ler=empty&it=1698239072790&coo=false&rqm=GET

Requested by

Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 25 Oct 2023 13:04:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H/1.1 204
No Content updateOriginalUrl
sdk.truepush.com/api/v1/ Frame 0
0 173ms
172ms Preflight 103.146.40.154
CTRLS-AS-IN CtrlS

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.truepush.com/api/v1/updateOriginalUrl
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.146.40.154 , India, ASN18229 (CTRLS-AS-IN CtrlS, IN),
Reverse DNS
Software: nginx/1.16.1 / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.visiontimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.visiontimes.com
Connection: keep-alive
Content-Length: 0
Date: Wed, 25 Oct 2023 13:04:33 GMT
Server: nginx/1.16.1
Vary: Origin, Access-Control-Request-Headers
X-Powered-By: Express

POST updateOriginalUrl
sdk.truepush.com/api/v1/ 0
0

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 688ms
107ms Stylesheet
text/css 74.125.200.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:400,600,700

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f95.1e100.net

Software

ESF /

Resource Hash

466798fae129eb3899a28dc6cd8aaab04bfbad6e4a9f51d598a225041ea64165

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 25 Oct 2023 13:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 12:44:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 Oct 2023 13:04:34 GMT

GET
H2 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
518 B 102ms
101ms Image
image/gif 64.233.170.138
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=9.013606781827317

Requested by

Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f138.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-8mWvJTD5DaO7IBoQYGe67Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-8mWvJTD5DaO7IBoQYGe67Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
254 B 110ms
110ms Image
image/gif 64.233.170.138
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=6.984486738325042

Requested by

Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f138.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-s47Lb9uUx2CJ_mPl3EJxCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-s47Lb9uUx2CJ_mPl3EJxCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxXZOo3hagmB2pURxtbBPoyOLuwr1uvSD0INE1lofaYR_JQnaDbbw93BGOzY3SHc_g07XEEwIDqbU_ZFzaHtbEiP7jgUJhArn4uu4NvhJ7LV69URYj4fdDkfsH0fnwiuh_D9V1wH Show response
fundingchoicesmessages.google.com/el/ 0
1 KB 686ms
115ms XHR
text/html 64.233.170.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXZOo3hagmB2pURxtbBPoyOLuwr1uvSD0INE1lofaYR_JQnaDbbw93BGOzY3SHc_g07XEEwIDqbU_ZFzaHtbEiP7jgUJhArn4uu4NvhJ7LV69URYj4fdDkfsH0fnwiuh_D9V1wH

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.7gYXXyZmrvs.es5.O/am=CAM/d=1/rs=AJlcJMwjc8c__M7wuIqaG4To7rgGapYVAA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f138.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-flSj6L3b_znDkPOBa2rtBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.visiontimes.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 25 Oct 2023 13:04:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-flSj6L3b_znDkPOBa2rtBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.visiontimes.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
279 B 1194ms
379ms Fetch
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

9557e3460c790bceec122e7d1b9d89fbc08c40a7dc1be2515db39883ca5db33c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin: https://www.visiontimes.com
date: Wed, 25 Oct 2023 13:04:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 Adstream Show response
fundingchoicesmessages.google.com/f/AGSKWxXbnT1fT16biP78ZaluZKOwDBnLeqZi1VN4r2O5lY6Vg5S8m0Jc8pzFS2_SkRnhSOpe814AhxejomMwWJ11W3UsfxwcMFfyjsPXwoB1ETlLNQIJIhv_RAexJQRjXQmCgjEZCNxs1dmC-zAkGR4mT3weQV9cF... 54 B
299 B 103ms
102ms Script
application/javascript 64.233.170.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXbnT1fT16biP78ZaluZKOwDBnLeqZi1VN4r2O5lY6Vg5S8m0Jc8pzFS2_SkRnhSOpe814AhxejomMwWJ11W3UsfxwcMFfyjsPXwoB1ETlLNQIJIhv_RAexJQRjXQmCgjEZCNxs1dmC-zAkGR4mT3weQV9cFJVgtsx3NHP_nbtg-4KpmWPIxziA8G8=/_/adhelper._adcom./Adstream?/friendfinder_/adslug-

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f138.1e100.net

Software

ESF /

Resource Hash

51aa46b46c0f3615694e9a8cfdf4c5a31a567444c8b9d19f9ac056f45a74066a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-bUwxFUxHr1_N-N4NESMQPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-bUwxFUxHr1_N-N4NESMQPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 30 KB
12 KB 740ms
177ms Script
text/javascript 74.125.130.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f157.1e100.net

Software

cafe /

Resource Hash

6f2baedcd158862b8b005f419813280e093b9fb2e0ba4f4074c9af30db27c928

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:01:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11366
x-xss-protection: 0
server: cafe
etag: 3715999647879306108
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 14:01:30 GMT

POST
H2 204 AGSKWxXZOo3hagmB2pURxtbBPoyOLuwr1uvSD0INE1lofaYR_JQnaDbbw93BGOzY3SHc_g07XEEwIDqbU_ZFzaHtbEiP7jgUJhArn4uu4NvhJ7LV69URYj4fdDkfsH0fnwiuh_D9V1wH Show response
fundingchoicesmessages.google.com/el/ 0
200 B 101ms
101ms XHR
text/html 64.233.170.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXZOo3hagmB2pURxtbBPoyOLuwr1uvSD0INE1lofaYR_JQnaDbbw93BGOzY3SHc_g07XEEwIDqbU_ZFzaHtbEiP7jgUJhArn4uu4NvhJ7LV69URYj4fdDkfsH0fnwiuh_D9V1wH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f138.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tUy4yv27AHtfbblmwip4Xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.visiontimes.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 25 Oct 2023 13:04:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tUy4yv27AHtfbblmwip4Xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.visiontimes.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxXZOo3hagmB2pURxtbBPoyOLuwr1uvSD0INE1lofaYR_JQnaDbbw93BGOzY3SHc_g07XEEwIDqbU_ZFzaHtbEiP7jgUJhArn4uu4NvhJ7LV69URYj4fdDkfsH0fnwiuh_D9V1wH Show response
fundingchoicesmessages.google.com/el/ 0
199 B 100ms
99ms XHR
text/html 64.233.170.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXZOo3hagmB2pURxtbBPoyOLuwr1uvSD0INE1lofaYR_JQnaDbbw93BGOzY3SHc_g07XEEwIDqbU_ZFzaHtbEiP7jgUJhArn4uu4NvhJ7LV69URYj4fdDkfsH0fnwiuh_D9V1wH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f138.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2ljuXULPCQHnic2W8sPxhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.visiontimes.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 25 Oct 2023 13:04:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-2ljuXULPCQHnic2W8sPxhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.visiontimes.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXZOo3hagmB2pURxtbBPoyOLuwr1uvSD0INE1lofaYR_JQnaDbbw93BGOzY3SHc_g07XEEwIDqbU_ZFzaHtbEiP7jgUJhArn4uu4NvhJ7LV69URYj4fdDkfsH0fnwiuh_D9V1wH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f138.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5MdDH6immBamQGf7uqm7Xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.visiontimes.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 25 Oct 2023 13:04:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-5MdDH6immBamQGf7uqm7Xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.visiontimes.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxXZOo3hagmB2pURxtbBPoyOLuwr1uvSD0INE1lofaYR_JQnaDbbw93BGOzY3SHc_g07XEEwIDqbU_ZFzaHtbEiP7jgUJhArn4uu4NvhJ7LV69URYj4fdDkfsH0fnwiuh_D9V1wH Show response
fundingchoicesmessages.google.com/el/ 0
200 B 112ms
112ms XHR
text/html 64.233.170.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXZOo3hagmB2pURxtbBPoyOLuwr1uvSD0INE1lofaYR_JQnaDbbw93BGOzY3SHc_g07XEEwIDqbU_ZFzaHtbEiP7jgUJhArn4uu4NvhJ7LV69URYj4fdDkfsH0fnwiuh_D9V1wH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f138.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NvkZwNpBNA-K3VJ_mH1tlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.visiontimes.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 25 Oct 2023 13:04:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-NvkZwNpBNA-K3VJ_mH1tlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.visiontimes.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxX827O_ODY3ebv880k6EZtn5UMayawd3XsJY-PrzJr3IJBMuwIASOxyKdNIyG0FZiureUsPU_COCqmyTX7xELjd8n54waOUebRXSMnlzD8D-rqmHWmcGlpye0RSCq9QXh-jxF9d Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 143ms
143ms Script
application/javascript 64.233.170.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX827O_ODY3ebv880k6EZtn5UMayawd3XsJY-PrzJr3IJBMuwIASOxyKdNIyG0FZiureUsPU_COCqmyTX7xELjd8n54waOUebRXSMnlzD8D-rqmHWmcGlpye0RSCq9QXh-jxF9d?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk4MjM5MDc1LDM5OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cudmlzaW9udGltZXMuY29tLzIwMjIvMDUvMTgvY2hpbmVzZS1yZWdpbWUtaGFydmVzdHMtb3Zlci0xNTAwMDAtb3JnYW5zLWZyb20tamFpbGVkLXByaXNvbmVycy1lYWNoLXllYXItZXhwZXJ0Lmh0bWwiLG51bGwsW1s4LCI3Z1lYWHlabXJ2cyJdLFs5LCJ6aC1DTiJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f138.1e100.net

Software

ESF /

Resource Hash

a07647e099008e090109de7e7ad8f541eacfa78d12c81cbe8627a252946f2dac

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-uj99Ol6GPIxaeO-a3VQO4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-uj99Ol6GPIxaeO-a3VQO4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 667ms
97ms Preflight
application/json 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.visiontimes.com%2F&domain=www.visiontimes.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.visiontimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.visiontimes.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 25 Oct 2023 13:04:35 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 415273
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 204 AGSKWxU6v-vvbHiErAqWdxSD6qrN0dXTL2NTYx7dgn0RtubO9x3Zq0Je5yQfMPWWXDGT0QWnkl9Ak62el_LCN7IU_6-QEdOxYPGtX9s641L7qo_c_2Uaith7ybidrSmGTss5O-C1hi6u Show response
fundingchoicesmessages.google.com/el/ 0
200 B 101ms
100ms XHR
text/html 64.233.170.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU6v-vvbHiErAqWdxSD6qrN0dXTL2NTYx7dgn0RtubO9x3Zq0Je5yQfMPWWXDGT0QWnkl9Ak62el_LCN7IU_6-QEdOxYPGtX9s641L7qo_c_2Uaith7ybidrSmGTss5O-C1hi6u

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f138.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CvOzW-Gy1wOeKK57e7BFng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.visiontimes.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 25 Oct 2023 13:04:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-CvOzW-Gy1wOeKK57e7BFng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.visiontimes.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ 351 B
665 B 659ms
97ms XHR
application/json 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.visiontimes.com%2F&domain=www.visiontimes.com&cw=1&pbt=1&lsw=1

Requested by

Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

008dfebde1a5f1f5f13295c2d1312bf68d941fe3852536f46a9e20aed15e0584

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.visiontimes.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 13:04:36 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.visiontimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1251445
expires: 0

POST prebid
id5-sync.com/api/config/ 0
0

POST
H2 204 AGSKWxXZOo3hagmB2pURxtbBPoyOLuwr1uvSD0INE1lofaYR_JQnaDbbw93BGOzY3SHc_g07XEEwIDqbU_ZFzaHtbEiP7jgUJhArn4uu4NvhJ7LV69URYj4fdDkfsH0fnwiuh_D9V1wH Show response
fundingchoicesmessages.google.com/el/ 0
200 B 96ms
96ms XHR
text/html 64.233.170.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXZOo3hagmB2pURxtbBPoyOLuwr1uvSD0INE1lofaYR_JQnaDbbw93BGOzY3SHc_g07XEEwIDqbU_ZFzaHtbEiP7jgUJhArn4uu4NvhJ7LV69URYj4fdDkfsH0fnwiuh_D9V1wH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f138.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-m-pLPD6bPkDctGSNruBTLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.visiontimes.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 25 Oct 2023 13:04:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-m-pLPD6bPkDctGSNruBTLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.visiontimes.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 v2 Show response
id5-sync.com/gm/ 635 B
1 KB 1357ms
590ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v2

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

d0e290f350cecc615cf4a6a466ad6fab80393ffc41457bba8baba5c814ec2fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.visiontimes.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.visiontimes.com
date: Wed, 25 Oct 2023 13:04:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 204 1644420 Show response
bs.yandex.ru/prebid/ 0
168 B 1372ms
367ms XHR
application/json 87.250.250.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/1644420?imp-id=1&target-ref=www.visiontimes.com&ssp-id=10500
Requested by: Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.250.250.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: bs.yandex.ru
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.visiontimes.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 13:04:36 GMT
last-modified: Wed, 25 Oct 2023 13:04:36 GMT
x-yandex-req-id: 1698239076855357-823769262893409537900187-production-app-host-vla-pcode-283
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.visiontimes.com
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
uniformat-product-type: None
expires: Wed, 25 Oct 2023 13:04:36 GMT

POST
H2 204 1644420 Show response
bs.yandex.ru/prebid/ 0
164 B 1532ms
527ms XHR
application/json 87.250.250.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/1644420?imp-id=1&target-ref=www.visiontimes.com&ssp-id=10500
Requested by: Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.250.250.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: bs.yandex.ru
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.visiontimes.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 13:04:36 GMT
last-modified: Wed, 25 Oct 2023 13:04:36 GMT
x-yandex-req-id: 1698239076854482-671167229548251386600387-production-app-host-vla-pcode-453
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.visiontimes.com
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
uniformat-product-type: Direct
expires: Wed, 25 Oct 2023 13:04:36 GMT

POST
H2 204 1644420 Show response
bs.yandex.ru/prebid/ 0
167 B 1403ms
399ms XHR
application/json 87.250.250.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/1644420?imp-id=1&target-ref=www.visiontimes.com&ssp-id=10500
Requested by: Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.250.250.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: bs.yandex.ru
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.visiontimes.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 13:04:36 GMT
last-modified: Wed, 25 Oct 2023 13:04:36 GMT
x-yandex-req-id: 1698239076853227-1593050418831031559100510-production-app-host-vla-pcode-240
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.visiontimes.com
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
uniformat-product-type: None
expires: Wed, 25 Oct 2023 13:04:36 GMT

POST
H2 204 1644420 Show response
bs.yandex.ru/prebid/ 0
168 B 1392ms
388ms XHR
application/json 87.250.250.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/1644420?imp-id=1&target-ref=www.visiontimes.com&ssp-id=10500
Requested by: Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.250.250.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: bs.yandex.ru
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.visiontimes.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 13:04:36 GMT
last-modified: Wed, 25 Oct 2023 13:04:36 GMT
x-yandex-req-id: 1698239076855486-1730229912304079942200348-production-app-host-vla-pcode-374
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.visiontimes.com
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
uniformat-product-type: None
expires: Wed, 25 Oct 2023 13:04:36 GMT

POST
H2 204 1644420 Show response
bs.yandex.ru/prebid/ 0
167 B 1403ms
400ms XHR
application/json 87.250.250.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/1644420?imp-id=1&target-ref=www.visiontimes.com&ssp-id=10500
Requested by: Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.250.250.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: bs.yandex.ru
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.visiontimes.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 13:04:36 GMT
last-modified: Wed, 25 Oct 2023 13:04:36 GMT
x-yandex-req-id: 1698239076847817-982492834987255451000243-production-app-host-sas-pcode-241
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.visiontimes.com
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
uniformat-product-type: None
expires: Wed, 25 Oct 2023 13:04:36 GMT

POST
H2 204 1644420 Show response
bs.yandex.ru/prebid/ 0
443 B 1369ms
366ms XHR
application/json 87.250.250.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/1644420?imp-id=1&target-ref=www.visiontimes.com&ssp-id=10500
Requested by: Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.250.250.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: bs.yandex.ru
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.visiontimes.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 13:04:36 GMT
last-modified: Wed, 25 Oct 2023 13:04:36 GMT
x-yandex-req-id: 1698239076852982-261998185278961993300190-production-app-host-sas-pcode-323
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.visiontimes.com
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
uniformat-product-type: None
expires: Wed, 25 Oct 2023 13:04:36 GMT

POST
H2 204 1644420 Show response
bs.yandex.ru/prebid/ 0
167 B 1377ms
374ms XHR
application/json 87.250.250.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/1644420?imp-id=1&target-ref=www.visiontimes.com&ssp-id=10500
Requested by: Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.250.250.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: bs.yandex.ru
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.visiontimes.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 13:04:36 GMT
last-modified: Wed, 25 Oct 2023 13:04:36 GMT
x-yandex-req-id: 1698239076844494-1381719426663936276400250-production-app-host-sas-pcode-437
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.visiontimes.com
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
uniformat-product-type: None
expires: Wed, 25 Oct 2023 13:04:36 GMT

POST
H2 204 1644420 Show response
bs.yandex.ru/prebid/ 0
166 B 1398ms
396ms XHR
application/json 87.250.250.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/1644420?imp-id=1&target-ref=www.visiontimes.com&ssp-id=10500
Requested by: Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.250.250.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: bs.yandex.ru
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.visiontimes.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 13:04:36 GMT
last-modified: Wed, 25 Oct 2023 13:04:36 GMT
x-yandex-req-id: 1698239076851453-944768740682717580800180-production-app-host-sas-pcode-429
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.visiontimes.com
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
uniformat-product-type: None
expires: Wed, 25 Oct 2023 13:04:36 GMT

GET

5.gif
id5-sync.com/c/1009/19/4/
Redirect Chain

https://id5-sync.com/i/1009/8.gif?id5id=ID5*dFo9DQ7gY0T9BezlBaSFycQum9a8znKJf4sgvTsKXYNpz2YjWcgF3uIL-6h5JOvJadBTBk3_MPS21AHSWNjq3w&o=api&gdpr_consent=undefined&gdpr=false
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=3bcc543b-5650-4377-9a60-4fed3384e04a&ttl=%%TTL%%
https://ib.adnxs.com/getuid?https://id5-sync.com/c/1009/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F1009%2F2%2F6%2F3.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/1009/2/6/3.gif?puid=3037169158889736907&gdpr=0&gdpr_consent=
https://csync.loopme.me/?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F1009%2F821%2F5%2F4.gif%3Fpuid%3D%7Bdevice_id%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/1009/821/5/4.gif?puid=e8e65369-184f-4fce-a2ae-802319e9077d&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/1009/19/4/5.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/1009/19/4/5.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
https://id5-sync.com/c/1009/19/4/5.gif?puid=5198f556c72263663eac864902fe067b&gdpr=0&gdpr_consent=

0
0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 65 KB
25 KB 350ms
349ms Fetch
text/plain 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2118999449036481&correlator=1628182520651356&eid=31078934%2C31078659&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&gdpr=0&iu_parts=22652677200%2Cvisiontimes_en%2Cdesktop_sidebar_02&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698239077228&lmt=1698210277&adxs=1069&adys=1730&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.visiontimes.com%2F2022%2F05%2F18%2Fchinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html&vis=1&psz=313x310&msz=313x250&fws=4&ohw=1600&ga_vid=2041818263.1698239072&ga_sid=1698239077&ga_hid=225935892&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcYq5m_t7YxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPWSv7e2MUgAUgIIZBJzCgxpZDUtc3luYy5jb20SWklENSpkRm85RFE3Z1kwVDlCZXpsQmFTRnljUXVtOWE4em5LSmY0c2d2VHNLWFlOcHoyWWpXY2dGM3VJTC02aDVKT3ZKYWRCVEJrM19NUFMyMUFIU1dOanEzdxj4tL-3tjFIAA..&dlt=1698239070390&idt=1152&adks=2760202181&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

704bd8bedcecb6494b3b5bfdde51fd941d87de7ab9ff6a91293c44e8f570ff38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25109
x-xss-protection: 0
google-lineitem-id: 6362506240
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138442806237
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.visiontimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 687ms
114ms XHR
application/json 74.125.130.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310190101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f157.1e100.net

Software

cafe /

Resource Hash

33dabc0b1700dd456e7de7f51f809e1bf7ead5fe9e862c490edd31d5d55a6b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12166
x-xss-protection: 0

GET
H2 200 container.html Show response
02a14cbc2a5808a18f6a1abb9cc6ea50.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 245C 6 KB
3 KB 703ms
110ms Document
text/html 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://02a14cbc2a5808a18f6a1abb9cc6ea50.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.visiontimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 13:04:37 GMT
expires: Thu, 24 Oct 2024 13:04:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 58 KB
21 KB 348ms
348ms Fetch
text/plain 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2118999449036481&correlator=1628182520651356&eid=31078934%2C31078659&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&gdpr=0&iu_parts=22652677200%2Cvisiontimes_en%2Cdesktop_catfish&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698239077243&lmt=1698210277&adxs=436&adys=1109&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.visiontimes.com%2F2022%2F05%2F18%2Fchinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html&vis=1&psz=1600x-1&msz=1598x-1&fws=512&ohw=0&ga_vid=2041818263.1698239072&ga_sid=1698239077&ga_hid=225935892&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcYq5m_t7YxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPWSv7e2MUgAUgIIZBJzCgxpZDUtc3luYy5jb20SWklENSpkRm85RFE3Z1kwVDlCZXpsQmFTRnljUXVtOWE4em5LSmY0c2d2VHNLWFlOcHoyWWpXY2dGM3VJTC02aDVKT3ZKYWRCVEJrM19NUFMyMUFIU1dOanEzdxj4tL-3tjFIAA..&dlt=1698239070390&idt=1152&adks=3176531151&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

5a039addc7310296c2b5c767203d48de6aa90f9760149af0a5f6e050dd06189f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21524
x-xss-protection: 0
google-lineitem-id: 6248293137
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138426273959
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.visiontimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 65 KB
25 KB 519ms
519ms Fetch
text/plain 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2118999449036481&correlator=1628182520651356&eid=31078934%2C31078659&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&gdpr=0&iu_parts=22652677200%2Cvisiontimes_en%2Cdesktop_top&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698239077248&lmt=1698210277&adxs=436&adys=30&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.visiontimes.com%2F2022%2F05%2F18%2Fchinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html&vis=1&psz=1600x150&msz=1600x90&fws=4&ohw=1600&ga_vid=2041818263.1698239072&ga_sid=1698239077&ga_hid=225935892&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcYq5m_t7YxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPWSv7e2MUgAUgIIZBJzCgxpZDUtc3luYy5jb20SWklENSpkRm85RFE3Z1kwVDlCZXpsQmFTRnljUXVtOWE4em5LSmY0c2d2VHNLWFlOcHoyWWpXY2dGM3VJTC02aDVKT3ZKYWRCVEJrM19NUFMyMUFIU1dOanEzdxj4tL-3tjFIAA..&dlt=1698239070390&idt=1152&adks=2296131749&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

645934215dd80ebfdb1dad1d6e4dd52206628535590fda63a327b41ab1800229

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24932
x-xss-protection: 0
google-lineitem-id: 6362506240
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138443525227
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.visiontimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 58 KB
21 KB 509ms
509ms Fetch
text/plain 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2118999449036481&correlator=1628182520651356&eid=31078934%2C31078659&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&gdpr=0&iu_parts=22652677200%2Cvisiontimes_en%2Cdesktop_sidebar_01&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698239077251&lmt=1698210277&adxs=1069&adys=834&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.visiontimes.com%2F2022%2F05%2F18%2Fchinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html&vis=1&psz=313x310&msz=313x250&fws=4&ohw=1600&ga_vid=2041818263.1698239072&ga_sid=1698239077&ga_hid=225935892&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcYq5m_t7YxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPWSv7e2MUgAUgIIZBJzCgxpZDUtc3luYy5jb20SWklENSpkRm85RFE3Z1kwVDlCZXpsQmFTRnljUXVtOWE4em5LSmY0c2d2VHNLWFlOcHoyWWpXY2dGM3VJTC02aDVKT3ZKYWRCVEJrM19NUFMyMUFIU1dOanEzdxj4tL-3tjFIAA..&dlt=1698239070390&idt=1152&adks=3438327699&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

07e66a36790c390d4ddfdb68356f58b3a5fc4cebd8320d2b61cc10660bfaaf13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21536
x-xss-protection: 0
google-lineitem-id: 6122896206
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138443532364
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.visiontimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/ Frame 0AE5 119 KB
39 KB 109ms
108ms Script
text/javascript 13.227.254.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-80.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74bc44085ff5b51bde6a2a8f757695484b82a6b9221507b61e31f3ee5a455251

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:30:02 GMT
x-amz-version-id: oDnxT_CEjyrPh31GSTplnhet4paADMHU
content-encoding: br
last-modified: Wed, 25 Oct 2023 12:02:48 GMT
server: AmazonS3
via: 1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
etag: W/"edec3876e932afb5beec906d171ade5c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age: 2076
x-amz-cf-id: Xq_2Pj55XT6w6NoeAppjeYCtGLLqCgDusCplZPwQtT6eG4phaby5Jw==

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/ Frame A93C 119 KB
39 KB 103ms
103ms Script
text/javascript 13.227.254.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-80.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74bc44085ff5b51bde6a2a8f757695484b82a6b9221507b61e31f3ee5a455251

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:30:02 GMT
x-amz-version-id: oDnxT_CEjyrPh31GSTplnhet4paADMHU
content-encoding: br
last-modified: Wed, 25 Oct 2023 12:02:48 GMT
server: AmazonS3
via: 1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
etag: W/"edec3876e932afb5beec906d171ade5c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age: 2076
x-amz-cf-id: SP3pTNwRHSdfJ-KsbNa7BUM6IyHF2GayKdWbAxGAoTGjv6G0dUQkTQ==

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0AE5 0
0 152ms
152ms Fetch
image/gif 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMZjlUvEdXpe5mBQYjJUVN3IQUgU73XQqb3bnc3L1Br5EPRsvQVpZmT6qnnQDSl_g5EiBu7uaCHS4PII0euo5KMn-iV8mQ-jdqfsoUbJ4GzlEWjYe_ngW1ktRY013DSIQydSz_WmN9u6ybDETGNqiWHIjaQGplfCyxu9F5ctnuIGM2tgPLs2O----hjdnRSbgobhUV9ujbwroPq_DeER_QBQl8Z0V_sO8cbjL46Wyj-uv_W-kH4pA4H5HlFeCm1vIQlOjYZPQWlnn5N5kdYnGRUGBR3cE3HVbNF6gf5rjitRskfIZeRYzhcbCVvqBUSZKWkKpg4vxxOZnRIjJExEvUy3QQ4E-W4-Thc6DE1zhioj3QyUcV6aryGKN5LLPtlBpdTjWLxn8&sai=AMfl-YQH8Icxu3puN326yPUn-coB_V-HO5BhL_gOTleSgClqf3ylsfcWP9oIcLze1sUoeuy3573DmWuKtPYrktDEeOD4uzlge2brGS3rcTkGVdoih_EfkP3pldemNOto_oM&sig=Cg0ArKJSzGB3js2vcNnvEAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/ Frame 0AE5 23 KB
9 KB 822ms
257ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 03:41:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 03:41:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 0AE5 3 KB
1 KB 764ms
199ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 03:52:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 03:52:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0AE5 187 KB
59 KB 679ms
106ms Script
text/javascript 64.233.170.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f156.1e100.net

Software

sffe /

Resource Hash

b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698060838547238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 13:04:38 GMT

GET
H2 200 14331664254885818930
tpc.googlesyndication.com/simgad/ Frame 0AE5 202 KB
202 KB 822ms
259ms Image
image/jpeg 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14331664254885818930

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

sffe /

Resource Hash

91cb30566b07d91015e9dcc61a4b1ae3351dee6b9af553c9166c26e4d7767fc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:38 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207067
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 19:12:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Oct 2024 13:04:38 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0AE5 0
0 149ms
148ms Image
text/html 142.250.4.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQxi-8YeS84rd85VI1484vEwzfyuNsBTqOZxtoVlO4NVtBD1rf-yicP8RMWK5bEkzXfYJIfb8jR_qp1REV3Ryki1jG4w
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.4.105 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS: sm-in-f105.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 0AE5 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0be52c59e2ea3424c7d0b7824f1f5b6b148915858d40a874a6268826b9e5fe99

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/ Frame 1C8B 119 KB
39 KB 112ms
112ms Script
text/javascript 13.227.254.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-80.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74bc44085ff5b51bde6a2a8f757695484b82a6b9221507b61e31f3ee5a455251

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:30:02 GMT
x-amz-version-id: oDnxT_CEjyrPh31GSTplnhet4paADMHU
content-encoding: br
last-modified: Wed, 25 Oct 2023 12:02:48 GMT
server: AmazonS3
via: 1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
etag: W/"edec3876e932afb5beec906d171ade5c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age: 2076
x-amz-cf-id: Az6phNgRhmZUIqxitNnlUBkqzIRvnWX7KxZRmcoziTlAXJMfURElrw==

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/ Frame 2F77 119 KB
39 KB 111ms
111ms Script
text/javascript 13.227.254.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Requested by: Host: www.visiontimes.com
URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-80.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74bc44085ff5b51bde6a2a8f757695484b82a6b9221507b61e31f3ee5a455251

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:30:02 GMT
x-amz-version-id: oDnxT_CEjyrPh31GSTplnhet4paADMHU
content-encoding: br
last-modified: Wed, 25 Oct 2023 12:02:48 GMT
server: AmazonS3
via: 1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
etag: W/"edec3876e932afb5beec906d171ade5c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age: 2076
x-amz-cf-id: Q2yaziU9o-lBQ5et1yyLUClszciEnvdoN_1cBGJlrrLVqZGoKcRb2Q==

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame A93C 0
0 153ms
149ms Fetch
image/gif 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuv-0iBVvUtZ6vVd-SQoN6uhkdwJfjNtHs2hIrIekBxVwzUwric1rUzSLKC696C302IjlRSCN6lHJyERzY-HEGbWVwOQ-mjZdWyhL8FascJndH2wG41gaHJL-ZEaf17x3JDXLf-ev9c_GL6nUo3Cl9PBe9mJQLntlF3Z6x1pQQwMwYrtPyiaTADXVOC_3IgKs_fEaJJ9y9Ei59xHAGeV14ldQ26YcFKfbNHg1xv4x5nbPsbs0GKweAOBLzv0U8TbM1fcr9-uaYxJHYAgn7l3Pu1uJLdgGFYh7Qa8qwIdLruMicnxa_aG3DxGckIFcosiOweQ6KYtfdBSmhxjJN61h11NsEAyCJfH0RwGctBzA&sai=AMfl-YRG00j7blX9yIRucgM10TA18YrafydQ-1v4UNH4DJiGADY32EyBqrElNU65iJU_2qbGjHqThpjP1V1Xuff5ipJRztFPT8wpUrwdCJHRC3xfKKIJb1z8tizHckPCcxI&sig=Cg0ArKJSzPFqhaj-94TZEAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/ Frame A93C 23 KB
9 KB 707ms
200ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 03:41:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 03:41:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame A93C 3 KB
1 KB 764ms
258ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 03:52:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 03:52:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A93C 187 KB
59 KB 747ms
232ms Script
text/javascript 64.233.170.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f156.1e100.net

Software

sffe /

Resource Hash

b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698060838547238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 13:04:38 GMT

GET
H2 200 5356390243999610093
tpc.googlesyndication.com/simgad/ Frame A93C 95 KB
96 KB 615ms
110ms Image
image/png 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5356390243999610093

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

sffe /

Resource Hash

0669ed123dc3ae2053bc81f1c9e2eaa7097b2a5586b5e011aa2ca78d3e8e4fdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:03:02 GMT
x-content-type-options: nosniff
age: 96
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97471
x-xss-protection: 0
last-modified: Thu, 16 Mar 2023 20:38:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Oct 2024 13:03:02 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A93C 0
0 140ms
139ms Image
text/html 142.250.4.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRl67KPgox5kgA_ma6Z3svWxtgIHU3DHj07s9inh4uoS3RHxOXzXgqW0rovE1H0z9MlZUCcyt1kTL-QRBiyu-tCET6q-g
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.4.105 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS: sm-in-f105.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame A93C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2e7a7741ce1712404e509a797a1a1cf5d0f5d81055d0be8383e79070e868d58

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1C8B 0
0 149ms
148ms Fetch
image/gif 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvY0aeaIGnE5GKbl0D2N5M2v_idI_k6GtxZ87XK8ZAYG2-HGEmAQPrRQTlCZCSI0KaJwXl1qvDddgWmB0UWNVQ6dzMyJABkZg4UDPPaXBxb7Tbpd5PvLmZAHxqpCqTDOwz5EIu9jrYLy0C3_sioNuqjB71NdCKe6GrNaq4VPVetePK_MRFMJWLDhkTA8ot4mBC6wfGV2Pf3YndfRnTZHR40k1Xi-krxN2JO5aZ5gxRm4wvwkMcGiyx5C8r6oLNtPXyc1_lNlbhC5jS7NLafNYKQIg2V4qPa8ax76upA41lc4wqoS6xzUGKEZbbiQ8lkJ02boZWilIB3YrWGnXd6Gr3KmxRLDQ3lji0fQIIfTo6HEIXWlibYUVBF-0RhFnvzhw&sai=AMfl-YRjjYZQQStSqOWIblvMz4O6QlnUomGHDivDeGinZNh1LyQ1wgVmtamTDYCvPHHA4EifC94LONQYPIWdwtBjDViiUnebK2qBuk_TxvG-bpiBjcXFmxZZPT-rfGmsDA&sig=Cg0ArKJSzGvJMw7GB6OzEAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/ Frame 1C8B 23 KB
9 KB 114ms
113ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 03:41:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 03:41:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 1C8B 3 KB
1 KB 115ms
114ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 03:52:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 03:52:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1C8B 187 KB
59 KB 588ms
175ms Script
text/javascript 64.233.170.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f156.1e100.net

Software

sffe /

Resource Hash

b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698060838547238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 13:04:38 GMT

GET
H2 200 12222979607111918385
tpc.googlesyndication.com/simgad/ Frame 1C8B 105 KB
105 KB 688ms
289ms Image
image/jpeg 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12222979607111918385

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

sffe /

Resource Hash

f02b23bf0d9785412779acb7dfc37a4e5b46b775d853a3833e3f4d1049666559

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:38 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107462
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 19:11:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Oct 2024 13:04:38 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1C8B 0
0 137ms
136ms Image
text/html 142.250.4.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSbG1Mh5LZVy1dziz9AXbJPguRjbsrH3ks6CNHC-4HPXuGW7id_KN3et9PWqSk1y-TH5oMA2hnxeuiXWGrnbxqGRZBz5A
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.4.105 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS: sm-in-f105.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 117ms
116ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 13:04:38 GMT

GET
DATA 200
OK truncated
/ Frame 1C8B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e4d5d58b54e8ef5381edd55941c4dbf4cef3d0dc3437faa693a22a2b25b9d19

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2F77 0
0 140ms
139ms Fetch
image/gif 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnj4EygRiYn_CiSzZFJZqjtGKEBMJhgH2CZR-uspjUbtGEdYi5iVy83hlrIeeAVhuHW5nACYSUhfdB3ZQH4_bY1PRD3JDkgeE54wjosCpFHDP6-_40keogW34f0ZAZEhHVLKD7MHllu276CLZAtrzJmQeycTrrNXM7pDxODHDsbZWJPJIoTelQ1rFXBXtyCkBLQTgLYGjoa-8mHOPFZ3yuUBcGSgPCgHUYjx7wDZ0pGixPZT3GVz7L5PmAuLgY5wwocssIdWH-mQmd6VW0qwql7YnUK-i8ILCKMdlw1-XOR_Bex4vidB4OmI_Yem9uwO60N06i-_7bGM54iy183spwNpA8je-0AYITab5K5DzKgw&sai=AMfl-YRnHy-dlr82tvj-gUNpYKEv5yMsNhSBxxDLGOfAwE5zrNVUzgtlkJ9moFmu96Sg8xgv0tHdrtWyIOp89Rn6xjR1Qn25rtPcwlJfFeKiwrVG3JU4BoEiR2uVacJmDA&sig=Cg0ArKJSzFrAE_3nG27CEAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/ Frame 2F77 23 KB
9 KB 116ms
115ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 03:41:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 03:41:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 2F77 3 KB
1 KB 116ms
114ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 03:52:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 03:52:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2F77 187 KB
59 KB 600ms
209ms Script
text/javascript 64.233.170.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f156.1e100.net

Software

sffe /

Resource Hash

b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698060838547238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 13:04:38 GMT

GET
H2 200 6068439262226002320
tpc.googlesyndication.com/simgad/ Frame 2F77 170 KB
170 KB 584ms
205ms Image
image/jpeg 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6068439262226002320

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

sffe /

Resource Hash

376b767bf183b8afbcf86ba3ee5b08be9aac7bdad56662cd8966eb6d0bafb66c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:14 GMT
x-content-type-options: nosniff
age: 24
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 173783
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 20:03:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Oct 2024 13:04:14 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2F77 0
0 137ms
137ms Image
text/html 142.250.4.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSxS4H5W6BizlEYDvTsnpxKoLl2tImlPw5S1f9Ou0id5ei4c5jzG0nFAIiU39Bwjpz0FA42LkGgDndR3GAeg5svTByBRw
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.4.105 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS: sm-in-f105.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 2F77 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e86588e0be64d69da582c9059539c3edd102e21238f1759a10e64ee78d96e55e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 init Show response
gw.geoedge.be/api/ 0
217 B 997ms
340ms XHR
text/plain 13.225.4.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.4.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-4-200.sin52.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.visiontimes.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 25 Oct 2023 13:04:39 GMT
via: 1.1 db8d6eb1919ade2943f4a573a505ba66.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
content-length: 0
x-amz-cf-id: 6mltqs11-Nm4lcMvFsSmV3SlojH_tsXF6KhUw-mdXjYJQSJEkC7wfQ==
x-cache: Miss from cloudfront

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2F77 0
0 702ms
141ms Fetch
image/gif 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBePkBd7rlkGZRklYK9Xwt1V8RDsIBGY4U6F-9IVPhkupyL2FHMMZGFpY_QjiYGTcf2fy5ksVMyYrbk0jEzqb7Ai8_neRN_3LVgP06c6M96xwUyVZzHx_GWrw_z_DDMraDcSrvGyrqoPdfVkDf9zmAqIug4k5saeAu1dBpRSudkYxrc5HVVv_oV76Ix7DZxYsWNnIiBcHgUuRNm6_KocsD4ICTfbipAJg-UQzO75zIJYksWjTtqEH4f7evZnH-na6tOeXhzx5rOSSiJHXdgRqLcuvjm0lNXupG4rMsVXx3fibBOfZbB0uoFsGq-k1pdF31EYlZnd7oiSr8teruSuaVNYjK02fSaXjduqFbnEp65Ujr&sai=AMfl-YQBP7v_lM9eqBeO_IjUGJhmAOU6RfAm1M4fpKfFGaXZHae38yQA7LlrAYs33m8lgsp50NmUqUEJ056b679wvrntu0TG6vQ1QewZp4TJxbpaJQ1SYHq4KDyDSDBF2A&sig=Cg0ArKJSzJk5EN0SrVxnEAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 25 Oct 2023 13:04:39 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0AE5 0
0 676ms
140ms Fetch
image/gif 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYJY2DW919EP7cWwGNWXmaC8YinicdkdtpbtTj6lhxRkVty6L8EYWUztoEZ6huwJA7vBdA29f0-CCFTI_HbWwN2c1u9jrdLJbdGEeu43GLNJymKZZ9goWkJvDZrrYnmx15NVqeOhY1A7vnW6WBxqM9GCJGgC4Xcl7P8EZAkk2LS9bdgOeZmGLnNzqI47Y3afjauW76g4Sk_uj7ZYhV6zxFwfwj_1qXyuHBOovwNpOwrYAvuFeBTWtDFY0ePxLW5Rczz8JOSQ3adkQBK3j3nG9IiR731C3voacD8ivgSqxZjYMn-XPYGhgYqvkit7QEI8lLPhfMTHCMDQja2VaEsrt4b93NlqqgRz51zCetsC7eKyjwOtKXDeBzhWSjf1WiE4Y0dSeo1WI7XQ&sai=AMfl-YQ0-kZyI6a6SV2l1Pq9LPpk6NO8Fgy2Lg1SWj1IRoMSQaHc70EDMXzP2XzC-Ltw1AtYtl27Z6Ol3fY3ggo4LuTw1NJ-AHxSV3zBK0N9xOwhzPJCAQGrIqROFJaJaaM&sig=Cg0ArKJSzIRWQsOoznQLEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 25 Oct 2023 13:04:39 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1C8B 0
0 669ms
141ms Fetch
image/gif 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnSIWBAoae6zYwuhTt3r1oLizAaxtVFaUmMoGL14DzCcIt2Huge6zA3FqEvdVhQt_es1DP4T7mBxOPzo_6AR3A8ws1V_DHL6IIlxfieVt6l_U3szG1CFGN3SEv53XWZfgsYiCF4hAHgWCplh1ykRW91Aq4W_wW5hKOrcxCkjqCvrSLhEGBXmOQfVQV5pgWg6BveMcsetv5T1xzyMwfr3qdk93NGXlaVZbbZ-r8MHb0QmHT8omE2A4Wyx7cs5XrNDPKn18G2dGQF7QKz41d9eVOnvYcpyOoTK5YbUHQ_t0qUKpXWhPZPEGRQK0uThhJlKUB8aQWzNRacKwvSAgV5GtCltFXqyzfKz6jI4Qrdw7MAWraOF_pzMulb11ktJeBsE_z&sai=AMfl-YTSrpXZx-XzyJcCZExstnsGkwnHttgHRUR6ouA-w4Q3phQnkQhigA1eT8ftY7ueMOqqXn0RT0U3s7yjQkHyjjqMMYhti_zWaYvU99U93O1qxKY7VQcqPRNl3EX1zg&sig=Cg0ArKJSzIZj6Ncn8dZ3EAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 25 Oct 2023 13:04:39 GMT

POST
H2 200 init Show response
gw.geoedge.be/api/ 0
215 B 913ms
345ms XHR
text/plain 13.225.4.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.4.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-4-200.sin52.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.visiontimes.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 25 Oct 2023 13:04:39 GMT
via: 1.1 db8d6eb1919ade2943f4a573a505ba66.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
content-length: 0
x-amz-cf-id: L5lspt_cDJFGrLvF3vO_cLbDZ53bE2x0Pbogiy4V9tUZ5DYo1S1Qyg==
x-cache: Miss from cloudfront

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame A93C 0
0 639ms
140ms Fetch
image/gif 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvt1WqntuAg4SRB-5hdze6p3npK7sZeqKpcvHztdJi2I2Hg46mr97RSk3yEDddvTLGl5F9Skh2RekZzAp5tCNoTWF53Tqr4g2_P0NeNoW4z0Bpo1LWoQzsKkONsvzqxL9sUP9sPtURRoytXTUQLj5iDHAZx0ed363slcM395T1qFTZ-CIuxt4IX2SG1sI71a-VYXCKmDKJdwJC3H6lw_o9Bvm6JsJaSTHcpu7vLn33f7MoHUE7jbUfKgMDk54sxbivCtY7m7ISj-Ahw4htDRvvmjN2t2VTXxB1srM22SP1464lgX4vItU5T3MqrIJJP5hpULJCz6SUMTdDQbooWmTCpK93a5exoWS5uEoNplD9E&sai=AMfl-YTYxxxCFCESxhWgmNgjmw81nWM2jPBrix7bTZpPFTNe12j-P75Sb_TGovzIRAGFbgrdiOZGZS6Ga2Jn98nphdFsklov7e98uBhYDOdzcSo7Y6hbspz0hDx-DVx4ZBk&sig=Cg0ArKJSzN9fpLuxSpi8EAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 25 Oct 2023 13:04:39 GMT

POST
H2 200 init Show response
gw.geoedge.be/api/ 0
217 B 880ms
341ms XHR
text/plain 13.225.4.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.4.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-4-200.sin52.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.visiontimes.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 25 Oct 2023 13:04:39 GMT
via: 1.1 db8d6eb1919ade2943f4a573a505ba66.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
content-length: 0
x-amz-cf-id: 75sn23jQfPcwK5JA1V3BCR99l66_JqDx9kVGmyZCZ-zZXrkqsBU_TQ==
x-cache: Miss from cloudfront

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2CA6 13 KB
5 KB 92ms
91ms Document
text/html 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.visiontimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 33119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 03:52:39 GMT
expires: Thu, 24 Oct 2024 03:52:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 14DB 829 B
980 B 96ms
95ms Document
text/html 142.250.4.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.105 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f105.1e100.net

Software

GSE /

Resource Hash

2763d0df39ae6be6cb6ea8b9018904d9bcea3cab15b16305e1af5a9385849e1a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-h6yzIbq7vEjmsiwOT1tSeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.visiontimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-h6yzIbq7vEjmsiwOT1tSeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 13:04:38 GMT
expires: Wed, 25 Oct 2023 13:04:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 init Show response
gw.geoedge.be/api/ 0
216 B 859ms
346ms XHR
text/plain 13.225.4.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.4.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-4-200.sin52.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.visiontimes.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 25 Oct 2023 13:04:39 GMT
via: 1.1 db8d6eb1919ade2943f4a573a505ba66.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
content-length: 0
x-amz-cf-id: -TBtrBq8Ffg7Mae33XsO3VH99NUse9DEDsjVRK4Z1bXQQnloLyMW9Q==
x-cache: Miss from cloudfront

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 14DB 0
0 141ms
139ms Image
text/html 74.125.130.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310190101&jk=2118999449036481&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sb-in-f157.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H2 200 nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js Show response
pagead2.googlesyndication.com/bg/ Frame 2CA6 39 KB
15 KB 92ms
92ms Script
text/javascript 74.125.130.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f157.1e100.net

Software

sffe /

Resource Hash

9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 00:00:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 479041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15187
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Oct 2024 00:00:37 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 2CA6 0
40 B 90ms
89ms Image
text/plain 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ljdzIA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.170.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:04:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 133ms
133ms Image
text/html 74.125.130.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310190101&jk=2118999449036481&bg=!9vWl9brNAAaMkNwkrJA7ADQBe5WfOCmVzbqDASM9msQmwRDjtvVNZ14DzI0PtTDHW4DHQIgDLSiLij6EbCTNfVGeDKDBAgAAAFpSAAAABGgBB5kCuSaHjYqCYaqRrWux9GTlEPFrkDgYkjQ0DfpN0nmZwvqDqQX4F3UAPaEXAOYCYZXAsGr2pKWnypVjGrkMmBL-HGZXNRLFO2I4Qa6YHRbYXEaU1WpV4SDBkx-CM7d7ovni5kDj_bFWv981eIkRf7suDd0MaytJuMMWs88rtjPbhsJ2XR85w_6ojWCRnYRfhrfpjP8qAzbb_KsLbGhX-gPxepUwWojiRLaatxMBENwgotHzOuGrFGYPwdNlIMkVvX1uxQYLv5CywfDY36V66aqXgmaATKJrikGsjNJgsOq-kbRQkLpcGppl7mFp9qV3TxFKGnydn9QOZW9Sqv0UrAGYhnJjc4VCrNt1OzPfXdO691UoovrzoNyubpeMtOv7tvD1Weu0XttSpxv8tDBKRQM0lhtojcLH-qG7cY3nXi18uGzsxcejIFjgv2BBDtud2Tk61xlO-EyhkYqNAFfGrW-oVdjGIE7wVJtPTjzIRgyfpObp6j-H96jFZi-BMbYQd5Bn1SmHNd_YM0IuqClqNpfs4pWzmvx3qsLWnIb8CNN-mTbbU4mgMz1iZdkhzCdU_XmPJ09LHTUHPA_3hYAVT56t_MwOvRPqi4aCz9tquB4IzAhMEYCxXOKzs3uosNofNMBuPmgte9w7JxyyZnFmOuehdcUKugiuRyAV1ZNbppOj-oqaX3OedXFfHuC9Xv3X7Jetge-21nLgQIKpH8dPNFWMeEsRX7SZTWlMXM3p06b_-jSRcgAJXclfdy4vqDG_PGF35ZO22zAgCDNESk40XTzSsGOreqHfZ04wUooND8vMSUGb-FAcMJoE7NUX_GQ2-hQprMjmMJnll7DLKRxZWoxz3XlPWvLXCTM0vXqy81Bdz5jiOBwF0OVp7DN9_BOrJ-ilGfOcsWiQ6h-hVK5Bk2YtSBfLEY4UHFaMmiA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sb-in-f157.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2F77 42 B
174 B 148ms
148ms Fetch
image/gif 74.125.130.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvv5Yqau8X5HLDOAcqzksg9a0DH4Iy0JLdmdb0UGXoPvDJGho3Sq_0KKP9tnEQODdy_IGmMOU7c-HoXlXxWKEqcEH5IzF_WZ_DDS6Qp1dmbXJPAf7jSNc0WFXR48E8o&sig=Cg0ArKJSzA2QEVk9LtBzEAE&id=lidar2&mcvt=1001&p=833,1069,1433,1369&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&v=20231023&bin=7&avms=nio&bs=1600,1200&mc=0.61&vu=1&app=0&itpl=3&adk=3438327699&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698239077803&rpt=828&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 13:04:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A93C 42 B
108 B 154ms
154ms Fetch
image/gif 74.125.130.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsse-sQ2sJQ_lYfutFvS5XF1G7AfV8RdsRVgrlEUNrs5epmioLb1jQJrDdqpTJsBHru6eUs5ZGS9g51uRyAu8vblPcFsvjIdn2DRLbxyueAmvI9ATDvlIYKbYja2kexw&sig=Cg0ArKJSzGJYh0rCT4f_EAE&id=lidar2&mcvt=1000&p=1109,436,1199,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231023&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3176531151&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698239077649&rpt=1045&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 13:04:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1C8B 42 B
108 B 153ms
152ms Fetch
image/gif 74.125.130.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssCeHnbm92Uc6QgvqzfQm1oAoeTepG4gAzmJQUzEQSVS50QyxZgFKhuHiq5U_mQYxLpVzTyJTx-hjcbQS7MLdKm-vQUm6zrNajRLYM5b0wwd5xavD89bDJK12mza-Dk&sig=Cg0ArKJSzDfIm9oMguzxEAE&id=lidar2&mcvt=1002&p=30,436,120,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231023&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2296131749&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698239077792&rpt=869&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.visiontimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 13:04:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sdk.truepush.com
URL: https://sdk.truepush.com/api/v1/updateOriginalUrl

Domain: id5-sync.com
URL: https://id5-sync.com/api/config/prebid

Domain: id5-sync.com
URL: https://id5-sync.com/c/1009/19/4/5.gif?puid=5198f556c72263663eac864902fe067b&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.visiontimes.com/	1970-01-20 17:53:35	Name: _gcl_au Value: 1.1.1924962688.1698239072
.visiontimes.com/	1970-01-21 01:19:59	Name: _ga_7LEG9MJJ0Q Value: GS1.1.1698239072.1.0.1698239072.60.0.0
.visiontimes.com/	1970-01-21 01:19:59	Name: _ga Value: GA1.1.2041818263.1698239072
.visiontimes.com/	1970-01-20 17:53:35	Name: _fbp Value: fb.1.1698239072915.1368710449
.visiontimes.com/	1970-01-21 00:29:35	Name: FCNEC Value: %5B%5B%22AKsRol_6sUHlE_A26CQ0QBIBDwRoGjf8NKb6Q-PQIAytk3m53esoTEy-RfneUhH8E7bewHIFrklqCoF-4K5WIzy1PewEwGjC7nanTjM0snMRVx8qulMqiT4dYjQk1U8Ahmc99Zhp2dtISge4luPRQ_6cnCrCAhrI2A%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
www.visiontimes.com/	1970-01-20 16:27:11	Name: _pbjs_userid_consent_data Value: 3524755945110770
.visiontimes.com/	1970-01-21 00:29:35	Name: _sharedid Value: c025df8e-db0b-428e-b7ea-9b0b511a1e3f
.visiontimes.com/	1970-01-21 01:06:03	Name: cto_bundle Value: B9y9TF9HSEE3NHFRakRha1V4QkhCd3M1bnR1cjAyZTRjMndjZXJoTk9xWk9lSCUyQmp2d2lMV1N0ZlI0Nk5zTEdVdUhxTFNiOVE1MGElMkZ0UjRHU2htTndYdmUyTEFiRlFYTm9kWWtjanZpT2tXRGF1S1pxaU52bDIwajh6RFM5Y0c4ckNFSkY
.visiontimes.com/	1970-01-21 01:06:03	Name: cto_bidid Value: qvy7vl9EMVVhd250SnM4Y09nRDc4MnZoREUxaHF0OGs1dHd2TE9wdVpnM3A5QUJNb0dmaE9NVXgyekclMkZYQ0dxRk16MndNcUpObklXRkV1MDJyZEE2bURxbGx3JTNEJTNE
.yandex.ru/	1970-01-21 01:19:59	Name: yandexuid Value: 1977813931698239076
.doubleclick.net/	1970-01-21 01:19:59	Name: IDE Value: AHWqTUl3Jfjj1L5ssJ2lbTBO27CZbI993KmeEon_PNZVZgfYtcVdUSlcxFlQsgJxdjg
.visiontimes.com/	1970-01-21 01:05:35	Name: __gads Value: ID=51f5318df031ffd2:T=1698239077:RT=1698239077:S=ALNI_MZfYCS8RzY4c6GDxZj9ng1x-am8hg
.visiontimes.com/	1970-01-21 01:05:35	Name: __gpi Value: UID=00000c7370397165:T=1698239077:RT=1698239077:S=ALNI_Mbifb-LY37n4PRSwhP1RAH6AxmZ8w
.id5-sync.com/	1970-01-20 17:53:35	Name: id5 Value: 8c395ad1-bbcd-7ade-9e7c-a3be7864a77d#1698239076598#2
.adsrvr.org/	1970-01-21 00:31:01	Name: TDID Value: 3bcc543b-5650-4377-9a60-4fed3384e04a
.adsrvr.org/	1970-01-21 00:31:01	Name: TDCPM Value: CAEYBSABKAIyCwjA3NHWtdmqPBAFOAE.
.adnxs.com/	1970-01-20 17:53:35	Name: uuid2 Value: 3037169158889736907
.id5-sync.com/	1970-01-20 17:53:35	Name: 3pi Value: 2#1698239081196#1545103454#3037169158889736907\|264#1698239079613#1171164163#3bcc543b-5650-4377-9a60-4fed3384e04a

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.matomo.cloud/kreativreason.matomo.cloud/matomo.js Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://www.visiontimes.com/2022/05/18/chinese-regime-harvests-over-150000-organs-from-jailed-prisoners-each-year-expert.html Message: The resource https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02a14cbc2a5808a18f6a1abb9cc6ea50.safeframe.googlesyndication.com
analytics.google.com
bs.yandex.ru
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.matomo.cloud
connect.facebook.net
fonts.googleapis.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
gum.criteo.com
gw.geoedge.be
id5-sync.com
img.visiontimes.com
intothebid.com
lb.eu-1-id5-sync.com
pagead2.googlesyndication.com
rumcdn.geoedge.be
sdk.truepush.com
sdki.truepush.com
secure.gravatar.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.cloudflare.com
www.facebook.com
www.google.com
www.google.com.sg
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.visiontimes.com
id5-sync.com
sdk.truepush.com
103.146.40.154
104.16.123.96
104.22.52.86
104.26.2.228
13.225.4.200
13.227.254.80
13.33.88.117
142.250.4.105
151.101.1.229
157.240.235.1
157.240.235.35
162.19.138.117
162.19.138.120
172.217.194.132
172.67.72.219
182.161.73.129
182.161.73.136
192.0.73.2
216.239.36.181
52.84.251.64
64.233.170.132
64.233.170.138
64.233.170.156
64.233.170.94
74.125.130.157
74.125.200.155
74.125.200.95
74.125.200.97
74.125.68.156
87.250.250.90
008dfebde1a5f1f5f13295c2d1312bf68d941fe3852536f46a9e20aed15e0584
05e367972fb2b4ee73f4b5314983457174cda021634f7abbca83da485bc1e0b0
0669ed123dc3ae2053bc81f1c9e2eaa7097b2a5586b5e011aa2ca78d3e8e4fdd
07e66a36790c390d4ddfdb68356f58b3a5fc4cebd8320d2b61cc10660bfaaf13
08ca7520df21a77ad6adfc790f9c1b6d76d91b7133040edf4c2769e2815dda10
0ab1f01bfcec1006fd8ca557b761f7037bc4b71d8354e9de99e2faab01d227f3
0be52c59e2ea3424c7d0b7824f1f5b6b148915858d40a874a6268826b9e5fe99
0d788adb14202ffaf084341c3a408c4b1cd0ba7ae90e6a2818f20608bbf3e8a2
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d
1d034eebaa59c0d499dcbe8cbe0fba6d96b0d9abf6b0ab07942496965db4392d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2763d0df39ae6be6cb6ea8b9018904d9bcea3cab15b16305e1af5a9385849e1a
2b92670afda59fa4ccc4a37cf5709f8452696eab3a58f2fc3e17a109e37c2d78
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e4d5d58b54e8ef5381edd55941c4dbf4cef3d0dc3437faa693a22a2b25b9d19
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f073d4d3fc0402739752b2e1cec04eba91d033a93f5563a39947ab9825d831
33dabc0b1700dd456e7de7f51f809e1bf7ead5fe9e862c490edd31d5d55a6b94
376b767bf183b8afbcf86ba3ee5b08be9aac7bdad56662cd8966eb6d0bafb66c
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
466798fae129eb3899a28dc6cd8aaab04bfbad6e4a9f51d598a225041ea64165
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
49db66ae1889e3ae58a38124422c4d6648b19cf9f233b12412db9b565b5d85b0
4a00df51954f5df5bc54685cb1fb85b2ee0826edb562df145eb196c690733824
4a75c6f77d0be8906f6b1845fd5a8bd7611e3f25533c61ff054a35c4a1758e6d
4bcd846b1730fa4ea82cb12544b3b239de2f8148b1ea02f06a9a2259d9a4cf64
4ecf24b7db78a8e99bb3c0581cc859f5edc4ef62e682d91e963ff3e9f8763c62
4fa4b198cfb6d05ba423ca91dbcccf63b1661005d555d19a671cff5934b2916c
51aa46b46c0f3615694e9a8cfdf4c5a31a567444c8b9d19f9ac056f45a74066a
543c813be0525f2c048c1c3976f9a8291df8adec2b57e6d0e6891c2670909ea1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
583a34a1ddf917cf80500d1fd0cf9f6d34c39ba1f6392654e7b1bfef30a43fb3
597f807c8a4dfde7eb8ab1a393c2d946fb52fbd83d9f34135ee110d60796a768
5a039addc7310296c2b5c767203d48de6aa90f9760149af0a5f6e050dd06189f
5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762
5ed28e4bb6c0fa26885f2d3e9d27e18049defe9594cf54a62acfe730b5f67397
5f79437210e2b63cd872593aa10464208aff99604328eed9ea4355b3cec436ac
6056c1158aba2cc14ed73368b0580ca66a1605b2109b0ec682821786ab4c68df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
645934215dd80ebfdb1dad1d6e4dd52206628535590fda63a327b41ab1800229
6dc50509c75d563ba18f32e35c8aa2ff630f46492df8dad7c66515fe6eaf34ef
6f2baedcd158862b8b005f419813280e093b9fb2e0ba4f4074c9af30db27c928
704bd8bedcecb6494b3b5bfdde51fd941d87de7ab9ff6a91293c44e8f570ff38
749800653c805756388ad8d27be9aec1bdc9752525767da57979e97234e2d55f
74bc44085ff5b51bde6a2a8f757695484b82a6b9221507b61e31f3ee5a455251
76b9fab52e90e596cfee777b12037337ab1a85dacc8c13b40d1be6c5f705a9f9
7a0c2492156c5455f879cfd55e664ec58ca5d9b62455e9449e18f64f9a3b6f96
7f6adea3811e429b1b6b2941e9635e983e62b0844b44c28d6fe0d2f12888bba3
857c25b7523733b88952a25344cd212bcc6fd526837e7e35b227ee661b8f6dac
8839c21250f05ecfa44db3c88b553c8ac6bf1f4690378b109eb65f3b063e19b8
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
8f52cf597bb33d0c695497d6b3beb0e1e52b2e82675ebc7f6ed59145106a91b6
91cb30566b07d91015e9dcc61a4b1ae3351dee6b9af553c9166c26e4d7767fc3
924b00ecb2d3b22c84dfd3e73f23d8ccabba0f1810b9bc1828a0b5aa4c9e0310
9338a851ce40548846c98e951ba26e4c3b3619e32dd4a0296eb0efae9cf06851
9557e3460c790bceec122e7d1b9d89fbc08c40a7dc1be2515db39883ca5db33c
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
a07647e099008e090109de7e7ad8f541eacfa78d12c81cbe8627a252946f2dac
a183be88772a486884e3c720c0996861e349e957e14f396708cc5d43e8d5a923
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a7460bd9faa16196fcd3cef31df52056d3f856c1c3d26645c70bc152d520ca0e
abefa59fd4da2a604317561896c55aaec82198cbbc69d6a218a5bd5451ef9c5d
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
bc72be1f398c3936fcee07760d5d76019228b5aeeaf74786e81aae8c899d915a
bd2d2ecb9a7bfb8503737d8e9e65cd3f7123ef8037cda64a9616d7ed43599add
c0fab35005a7ccf2c705c2c1b147012083d48cff048c5e66c0862d600380e574
c8f85f9719fb9a209a22f0266ad8cca6fa05e449da92e5fafd21f6eb0627f76e
ccf7b12ecc8e9e8ffdde253ba24560e0b8742463ad4868c7659fc90968ffcb3a
d096c122dca23f0882dbed2412e8fdee45c7e171600515170c9825b13431c445
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d0e290f350cecc615cf4a6a466ad6fab80393ffc41457bba8baba5c814ec2fa7
d2e7a7741ce1712404e509a797a1a1cf5d0f5d81055d0be8383e79070e868d58
d8229f8206a0b49a2dc74820a78380eaf807c3d0f2066a53562d2b650aa21139
dcfb32778237c4943934f45b8373ddc2dac1ff2bce0758f1206919d6b771935c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7521a82bfe702f747876c9aca6df4a9d7b79d13a4f276f32da53632bd9293fa
e86588e0be64d69da582c9059539c3edd102e21238f1759a10e64ee78d96e55e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02b23bf0d9785412779acb7dfc37a4e5b46b775d853a3833e3f4d1049666559
f14339d5f27bb4b1dfa21bcb66ee9b88cd8fae644c105c2d575f2e992e4877e2
fa6978820330032ed14523dbcc082cbb7c621e7061ed75192981cc22324292a2

www.visiontimes.com Open in urlscan Pro 104.26.2.228 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

140 Requests

97 %HTTPS

0 %IPv6

23 Domains

33 Subdomains

31 IPs

6 Countries

3323 kBTransfer

7347 kBSize

18 Cookies

28 Outgoing links

Redirected requests

140 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.visiontimes.com Open in urlscan Pro
104.26.2.228 Public Scan

Screenshot
Live screenshot

Full Image

140
Requests

97 %
HTTPS

0 %
IPv6

23
Domains

33
Subdomains

31
IPs

6
Countries

3323 kB
Transfer

7347 kB
Size

18
Cookies

140 HTTP transactions
5 data transactions