checkout.theepochtimes.com Open in urlscan Pro
35.227.229.25 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_t...
Submission: On April 20 via manual (April 20th 2024, 4:33:06 pm UTC) from IN — Scanned from DE

Summary HTTP 97 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 34 IPs in 4 countries across 21 domains to perform 97 HTTP transactions. The main IP is 35.227.229.25, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is checkout.theepochtimes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 18th 2023. Valid for: a year.

This is the only time checkout.theepochtimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	35.227.229.25 35.227.229.25	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	35.244.243.66 35.244.243.66	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
16	104.21.234.69 104.21.234.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.86.20 104.16.86.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c02::9b	15169 (GOOGLE) (GOOGLE)
2	142.250.74.195 142.250.74.195	15169 (GOOGLE) (GOOGLE)
3	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
2	34.102.198.207 34.102.198.207	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	4.7.168.74 4.7.168.74	3356 (LEVEL3) (LEVEL3)
2	76.223.13.31 76.223.13.31	16509 (AMAZON-02) (AMAZON-02)
1	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
2	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1	2a01:b740:a30... 2a01:b740:a30:f000::199	6185 (APPLE-AUSTIN) (APPLE-AUSTIN)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:9d16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.222.236.121 52.222.236.121	16509 (AMAZON-02) (AMAZON-02)
2	216.58.206.46 216.58.206.46	15169 (GOOGLE) (GOOGLE)
1	2600:9000:264... 2600:9000:2644:9400:f:1b37:e600:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a04:4e42:200... 2a04:4e42:200::645	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
4	52.222.236.29 52.222.236.29	16509 (AMAZON-02) (AMAZON-02)
1	18.245.31.121 18.245.31.121	16509 (AMAZON-02) (AMAZON-02)
1	172.217.16.202 172.217.16.202	15169 (GOOGLE) (GOOGLE)
1	3.234.25.89 3.234.25.89	14618 (AMAZON-AES) (AMAZON-AES)
5	34.192.191.43 34.192.191.43	14618 (AMAZON-AES) (AMAZON-AES)
6	3.64.16.20 3.64.16.20	16509 (AMAZON-02) (AMAZON-02)
4	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
2	2606:4700:440... 2606:4700:4400::6812:25a1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:225... 2600:9000:2251:3000:10:f40e:dd80:21	16509 (AMAZON-02) (AMAZON-02)
2	13.225.78.129 13.225.78.129	16509 (AMAZON-02) (AMAZON-02)
97	34

8 35.227.229.25 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.229.227.35.bc.googleusercontent.com

checkout.theepochtimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.243.66 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 66.243.244.35.bc.googleusercontent.com

subs.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.21.234.69 (None, )

ASN13335 (CLOUDFLARENET, US)

services.epoch.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.epoch.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
subsapi.epoch.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mixproxy.epoch.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.86.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c02::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.195 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.198.207 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 207.198.102.34.bc.googleusercontent.com

subs.theepochtimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 4.7.168.74 (Hazleton, United States)

ASN3356 (LEVEL3, US)

ea.epochbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.13.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae1d37305401c759d.awsglobalaccelerator.com

payments.braintree-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

js.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:b740:a30:f000::199 (Frankfurt am Main, Germany)

ASN6185 (APPLE-AUSTIN, US)

applepay.cdn-apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:9d16 (United States)

ASN13335 (CLOUDFLARENET, US)

subscribe.theepochtimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.236.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-121.fra56.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.46 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2644:9400:f:1b37:e600:93a1 (United States)

ASN16509 (AMAZON-02, US)

59c6119c9c08.cdn4.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:200::645 (United States)

ASN54113 (FASTLY, US)

mp.theepochtimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.236.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-29.fra56.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-121.fra56.r.cloudfront.net

challenges.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.234.25.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-25-89.compute-1.amazonaws.com

c95026d4b92648e1a9c25d8022249bd8-59c6119c9c08.cdn.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.192.191.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-191-43.compute-1.amazonaws.com

cdn0.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.64.16.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-16-20.eu-central-1.compute.amazonaws.com

client-analytics.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

assets.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:25a1 (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.iad-05.braze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2251:3000:10:f40e:dd80:21 (United States)

ASN16509 (AMAZON-02, US)

df45ay5pw60dy.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-129.fra2.r.cloudfront.net

cdn3.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	epoch.cloud services.epoch.cloud — Cisco Umbrella Rank: 75454 cdn.epoch.cloud — Cisco Umbrella Rank: 90300 subsapi.epoch.cloud — Cisco Umbrella Rank: 79779 mixproxy.epoch.cloud — Cisco Umbrella Rank: 71785	348 KB
14	theepochtimes.com checkout.theepochtimes.com subs.theepochtimes.com — Cisco Umbrella Rank: 77537 subscribe.theepochtimes.com mp.theepochtimes.com — Cisco Umbrella Rank: 80995	605 KB
11	braintreegateway.com js.braintreegateway.com — Cisco Umbrella Rank: 8440 client-analytics.braintreegateway.com — Cisco Umbrella Rank: 9378 assets.braintreegateway.com — Cisco Umbrella Rank: 18444	7 KB
10	forter.com 59c6119c9c08.cdn4.forter.com challenges.forter.com — Cisco Umbrella Rank: 19968 c95026d4b92648e1a9c25d8022249bd8-59c6119c9c08.cdn.forter.com cdn0.forter.com — Cisco Umbrella Rank: 4641 cdn3.forter.com — Cisco Umbrella Rank: 4088	183 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1162	184 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2941 www.google.com — Cisco Umbrella Rank: 2	1 KB
4	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 362	189 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	21 KB
3	cloudfront.net df45ay5pw60dy.cloudfront.net	838 B
3	epochbase.com ea.epochbase.com — Cisco Umbrella Rank: 69424	470 B
3	youmaker.com subs.youmaker.com — Cisco Umbrella Rank: 114817	2 KB
2	braze.com sdk.iad-05.braze.com — Cisco Umbrella Rank: 3156	494 B
2	braintree-api.com payments.braintree-api.com — Cisco Umbrella Rank: 9956	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 7278	126 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84	403 B
1	gstatic.com www.gstatic.com	201 KB
1	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2623	3 KB
1	cdn-apple.com applepay.cdn-apple.com — Cisco Umbrella Rank: 14241	49 KB
1	paypal.com www.paypal.com — Cisco Umbrella Rank: 2924	83 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	101 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 320	17 KB
97	21

	Domain	Requested by
8	checkout.theepochtimes.com	checkout.theepochtimes.com
7	js.stripe.com	checkout.theepochtimes.com js.stripe.com
7	cdn.epoch.cloud	checkout.theepochtimes.com
6	client-analytics.braintreegateway.com	checkout.theepochtimes.com
5	cdn0.forter.com
4	assets.braintreegateway.com	checkout.theepochtimes.com
4	maps.googleapis.com	checkout.theepochtimes.com maps.googleapis.com
4	www.google-analytics.com	checkout.theepochtimes.com www.google-analytics.com
3	df45ay5pw60dy.cloudfront.net
3	mixproxy.epoch.cloud	services.epoch.cloud mixproxy.epoch.cloud
3	mp.theepochtimes.com	services.epoch.cloud mp.theepochtimes.com
3	ea.epochbase.com	subs.theepochtimes.com
3	www.google.com	checkout.theepochtimes.com www.gstatic.com
3	region1.analytics.google.com	www.googletagmanager.com
3	subsapi.epoch.cloud	checkout.theepochtimes.com subs.theepochtimes.com
3	services.epoch.cloud	checkout.theepochtimes.com
3	subs.youmaker.com	checkout.theepochtimes.com
2	cdn3.forter.com
2	sdk.iad-05.braze.com	mp.theepochtimes.com
2	payments.braintree-api.com	checkout.theepochtimes.com
2	subs.theepochtimes.com	checkout.theepochtimes.com subs.theepochtimes.com
2	www.google.de	checkout.theepochtimes.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
1	c95026d4b92648e1a9c25d8022249bd8-59c6119c9c08.cdn.forter.com
1	challenges.forter.com
1	www.gstatic.com	www.google.com
1	59c6119c9c08.cdn4.forter.com	checkout.theepochtimes.com
1	www.paypalobjects.com
1	subscribe.theepochtimes.com
1	applepay.cdn-apple.com	checkout.theepochtimes.com
1	js.braintreegateway.com	checkout.theepochtimes.com
1	www.paypal.com	checkout.theepochtimes.com
1	www.googletagmanager.com	checkout.theepochtimes.com
1	cdn.jsdelivr.net	checkout.theepochtimes.com
97	34

This site contains links to these domains. Also see Links.

Domain
offers.theepochtimes.com
subscribe.theepochtimes.com
help.theepochtimes.com
profile.theepochtimes.com

Subject Issuer	Validity	Valid
*.theepochtimes.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-18` - `2024-07-17`	a year	crt.sh
*.youmaker.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-18` - `2024-07-17`	a year	crt.sh
epoch.cloud GTS CA 1P5	`2024-02-25` - `2024-05-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.epochbase.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-15` - `2025-02-14`	a year	crt.sh
payments.braintree-api.com DigiCert SHA2 Extended Validation Server CA	`2023-08-23` - `2024-09-22`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-02-08` - `2025-02-08`	a year	crt.sh
applepay.cdn-apple.com Apple Public Server ECC CA 12 - G1	`2024-03-27` - `2024-06-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-03-27` - `2024-06-27`	3 months	crt.sh
*.cdn4.forter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-28` - `2024-12-15`	a year	crt.sh
mp.theepochtimes.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-10-24` - `2024-11-24`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
challenges.forter.com Amazon RSA 2048 M02	`2024-01-24` - `2025-02-21`	a year	crt.sh
*.cdn.forter.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-11-23` - `2024-07-22`	8 months	crt.sh
cdn0.forter.com GeoTrust TLS RSA CA G1	`2023-06-22` - `2024-07-22`	a year	crt.sh
client-analytics.braintreegateway.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-24` - `2025-01-23`	a year	crt.sh
sdk.iad-05.braze.com E1	`2024-04-19` - `2024-07-18`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
cdn3.forter.com GeoTrust TLS RSA CA G1	`2023-06-22` - `2024-07-03`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_term=2023CEOLetter&utm_content=button
Frame ID: F31C00E71F267E4BC8C26139B9340E6D
Requests: 81 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: FF61CD5D13331F8BFD907ABEC66ABA5F
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-f5282affe3c1d903364a837590431600.html
Frame ID: 83BB5B3B123F9459643847F901A66AAB
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-4822aa166789f5226b5ff79d09d289c0.html
Frame ID: 76B3DC82539BB3B06E99653BDDA06D48
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-24a4a44788cff98bfa4d49699e2e4e1d.html
Frame ID: A734930FF29210A2E15DB3FA2DD88115
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcmJLkZAAAAAMziOnaFrJkOV4ClF_H8OvcqvlyE&co=aHR0cHM6Ly9jaGVja291dC50aGVlcG9jaHRpbWVzLmNvbTo0NDM.&hl=de&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=8322hx5x4b90
Frame ID: 3ED39D8F4398219C74034BCE1CE84FBA
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.95.0/html/hosted-fields-frame.min.html
Frame ID: 7924562BF41522A23279E820A7CDBC4E
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.95.0/html/hosted-fields-frame.min.html
Frame ID: F844A15EA05AE0A6DF304A1B862E5B81
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.95.0/html/hosted-fields-frame.min.html
Frame ID: CF87B83B078623C422C8A6882108E9D9
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.95.0/html/hosted-fields-frame.min.html
Frame ID: 8B43FC20040C33057588E9B7945D5AC2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Epoch Times

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Braintree (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.braintreegateway\.com

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Forter (Analytics) Expand

Overall confidence: 100%
Detected patterns

forter\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

97
Requests

98 %
HTTPS

36 %
IPv6

21
Domains

34
Subdomains

34
IPs

4
Countries

1997 kB
Transfer

5979 kB
Size

15
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://offers.theepochtimes.com/candigital?utm_source=uscheckout
Title: Canadian

Search URL Search Domain Scan URL

URL: https://subscribe.theepochtimes.com/p/?page=au-digitalsub&utm_medium=uscheckout&utm_source=uscheckout&utm_campaign=uscheckout
Title: Australian

Search URL Search Domain Scan URL

URL: https://help.theepochtimes.com/hc/en-us/articles/360052271792-Term-of-Service-Digital-Subscription
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://profile.theepochtimes.com/
Title: click here

Search URL Search Domain Scan URL

URL: https://help.theepochtimes.com/
Title: click here

Search URL Search Domain Scan URL

URL: https://subscribe.theepochtimes.com/p/?page=upgrade-access
Title: Upgrade

Search URL Search Domain Scan URL

URL: http://help.theepochtimes.com/
Title: Help Center

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

97 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
checkout.theepochtimes.com/p/ 46 KB
46 KB 236ms
145ms Document
text/html 35.227.229.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_term=2023CEOLetter&utm_content=button
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.229.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.229.227.35.bc.googleusercontent.com
Software: nginx/1.23.3 / PHP/7.2.24
Resource Hash: 644d744f94ebd5e8a6f3be1ef82469ad0f7efcc954d3c68904ed36c77e78f65e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=3600
content-type: text/html; charset=UTF-8
date: Sat, 20 Apr 2024 16:32:54 GMT
expires: Sat, 20 Apr 2024 17:32:54 GMT
pragma: cache
server: nginx/1.23.3
vary: Accept-Encoding
via: 1.1 google
x-powered-by: PHP/7.2.24

GET
H2 200 bootstrap.min.css
checkout.theepochtimes.com/p/static/cp-eet/src/ 156 KB
21 KB 153ms
150ms Stylesheet
text/css 35.227.229.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.theepochtimes.com/p/static/cp-eet/src/bootstrap.min.css
Requested by: Host: checkout.theepochtimes.com
URL: https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_term=2023CEOLetter&utm_content=button
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.229.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.229.227.35.bc.googleusercontent.com
Software: nginx/1.23.3 /
Resource Hash: 2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_term=2023CEOLetter&utm_content=button
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:54 GMT
via: 1.1 google
content-encoding: br
last-modified: Fri, 30 Sep 2022 23:34:19 GMT
server: nginx/1.23.3
age: 0
etag: W/"63377cfb-26f1b"
vary: Accept-Encoding,Accept-Encoding
content-type: text/css
cache-control: public,max-age=3600
accept-ranges: none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21875

GET
H2 200 template.css
subs.youmaker.com/lib/ 4 KB
1 KB 166ms
42ms Stylesheet
text/css 35.244.243.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/lib/template.css
Requested by: Host: checkout.theepochtimes.com
URL: https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_term=2023CEOLetter&utm_content=button
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: ea660872abe29e5e806c4e1e55aaa1d46af42c50dace4c5d777a49336e95ad8c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:54 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 11 Apr 2024 21:45:11 GMT
server: nginx/1.20.1
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=3600, public, no-transform
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1243
expires: Sat, 20 Apr 2024 17:32:54 GMT

GET
H2 200 styles-custom.css
checkout.theepochtimes.com/p/static/cp-eet_5/src/ 34 KB
8 KB 147ms
145ms Stylesheet
text/css 35.227.229.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.theepochtimes.com/p/static/cp-eet_5/src/styles-custom.css?v=41624
Requested by: Host: checkout.theepochtimes.com
URL: https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_term=2023CEOLetter&utm_content=button
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.229.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.229.227.35.bc.googleusercontent.com
Software: nginx/1.23.3 /
Resource Hash: bdb1cfec11213df76f7838943cf15cab73b198d05637df23e4fae1dbd088c76d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_term=2023CEOLetter&utm_content=button
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:54 GMT
via: 1.1 google
content-encoding: br
last-modified: Tue, 16 Apr 2024 18:46:15 GMT
server: nginx/1.23.3
age: 0
etag: W/"661ec777-873e"
vary: Accept-Encoding,Accept-Encoding
content-type: text/css
cache-control: public,max-age=3600
accept-ranges: none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7964

GET
H3 200 epoch_mixpanel.min.js Show response
services.epoch.cloud/public-labs/epoch-ai/ 12 KB
5 KB 117ms
56ms Script
application/javascript 104.21.234.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.epoch.cloud/public-labs/epoch-ai/epoch_mixpanel.min.js
Requested by: Host: checkout.theepochtimes.com
URL: https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_term=2023CEOLetter&utm_content=button
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c40af27e0f6d493bce1be8e3d782717f2ee4936fbb40841d81b26adc5c98c9c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 16 Mar 2024 12:53:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2382
etag: W/"65f59642-3087"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yjuApmDOyp%2B8iodY5zb1Z8WleOrAzsBHnDS9Kdicbx94pT3RJEqkDi0aJj%2F%2Fcgtw2Bvw3vw5kmFZ%2FM%2F14fB4OwIEuDRu9DPZUOuAhpcyk%2BJs8HAmD0GufPcjgCvYpP3lggBgc44uEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 877688731e67672a-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 rw-lock-icon3.png
cdn.epoch.cloud/assets/static_assets/ 753 B
1 KB 114ms
54ms Image
image/png 104.21.234.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.epoch.cloud/assets/static_assets/rw-lock-icon3.png
Requested by: Host: checkout.theepochtimes.com
URL: https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_term=2023CEOLetter&utm_content=button
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f892d41faf9a44be63b0749043b9c845207446a881a4612d7832ddf59f31d493

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 425
alt-svc: h3=":443"; ma=86400
content-length: 753
last-modified: Mon, 08 Aug 2022 21:47:41 GMT
server: cloudflare
etag: "62f1847d-2f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HoIcZqU6RbjPxa0yjsJCqIxqEmjoAYYMRl3%2B9aTt5VOsnte4Fk7pkQrfHyJaW7UhMc9eq7RpYQEgHIQTRsiPJsWBk523GIKGRzW0Zeis9i%2FVaN%2B3lOKgIKIo9wDfGzCePdk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, no-transform
accept-ranges: bytes
cf-ray: 877688730e63672a-AMS
expires: Sat, 20 Apr 2024 16:35:49 GMT

GET
H2 200 jquery.min.js Show response
checkout.theepochtimes.com/p/shared/ 86 KB
31 KB 151ms
151ms Script
application/javascript 35.227.229.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.theepochtimes.com/p/shared/jquery.min.js
Requested by: Host: checkout.theepochtimes.com
URL: https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_term=2023CEOLetter&utm_content=button
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.229.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.229.227.35.bc.googleusercontent.com
Software: nginx/1.23.3 /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_term=2023CEOLetter&utm_content=button
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:54 GMT
via: 1.1 google
content-encoding: br
last-modified: Fri, 30 Sep 2022 23:34:19 GMT
server: nginx/1.23.3
age: 0
etag: W/"63377cfb-15851"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=3600
accept-ranges: none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31351

GET
H3 200 marketing-offers.js Show response
checkout.theepochtimes.com/cached/ 10 KB
3 KB 168ms
168ms Script
application/javascript 35.227.229.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.theepochtimes.com/cached/marketing-offers.js?v=20240203
Requested by: Host: checkout.theepochtimes.com
URL: https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_term=2023CEOLetter&utm_content=button
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.229.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.229.227.35.bc.googleusercontent.com
Software: nginx/1.23.3 /
Resource Hash: 7bd503f44047334fb77b1c1b43c7dd45db1193b9e30b8a9639633c2226fc5cdd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_term=2023CEOLetter&utm_content=button
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:54 GMT
via: 1.1 google
content-encoding: br
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2848
last-modified: Mon, 12 Feb 2024 20:14:20 GMT
server: nginx/1.23.3
etag: W/"65ca7c1c-27a3"
vary: Accept-Encoding,Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public,max-age=3600
accept-ranges: none
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 et_utils.js Show response
services.epoch.cloud/public-labs/epoch-ai/ 160 KB
30 KB 70ms
67ms Script
application/javascript 104.21.234.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.epoch.cloud/public-labs/epoch-ai/et_utils.js
Requested by: Host: checkout.theepochtimes.com
URL: https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_term=2023CEOLetter&utm_content=button
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 800d62fe0628223dc3d7f258a4444e92a8ea18c64416f0dcc073ec4188bed81b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 03 Apr 2024 20:01:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7023
etag: W/"660db5b3-27e66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EEZfnE5F%2Fwm7NfC6ZO%2BkUaFTOk753cJPceBSfdp1CJVvyq%2FW0aE4z4WFPl9VkyWMkQyYM5oJQv18sItrg2%2B2DBT2kNfcta1vFTPYwlWQDnaUDg9981kCTSRBQ%2BgcOlmQ5n5BFwIDDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 87768873ef4e672a-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/js/ 59 KB
17 KB 148ms
65ms Script
application/javascript 104.16.86.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/js/bootstrap.min.js

Requested by

Host: checkout.theepochtimes.com
URL: https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_term=2023CEOLetter&utm_content=button

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Origin: https://checkout.theepochtimes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 14133926
x-jsd-version: 4.4.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"ea6a-s8EWxl5vBTqqtF5WGaeOwAJxpQ8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=565BrZ6qjMl1TlcHxhxnq9TWAl574GMpm3%2FuoyWdBlA6s9ABqhxaTgbFmnMk4AkNEIV8WmO2%2FOcBwdU7GpHmA8wFSrXzZ7afyI1Ky3gMR3Pub9DF6acIQNQNxjfjELdmdf0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 877688747b0dc01e-WAW

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 302 KB
101 KB 175ms
69ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6492c163dc87960f99da99d37137994f7978c10eefc5b6307c3913d2c977ead1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102529
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 20 Apr 2024 16:32:54 GMT

GET
H3 200 ActaDeck-Medium.otf
cdn.epoch.cloud/assets/fonts/ 51 KB
51 KB 120ms
61ms Font
application/octet-stream 104.21.234.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.epoch.cloud/assets/fonts/ActaDeck-Medium.otf
Requested by: Host: checkout.theepochtimes.com
URL: https://checkout.theepochtimes.com/p/static/cp-eet_5/src/styles-custom.css?v=41624
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48c675529d813e074e45b83d5d12dde2bf726bb6b31ee8227dbfcf946e05af5c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Origin: https://checkout.theepochtimes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2459
alt-svc: h3=":443"; ma=86400
content-length: 51776
last-modified: Wed, 19 Feb 2020 18:57:39 GMT
server: cloudflare
etag: "5e4d8523-ca40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vob705ovHhSiDAWz8wZt5p%2BanC7EGzeW9y0b0OMFM6Y%2BFfuxiguoj3z3kR59YAGSaeLz%2BWilG0p3nkyjDnj%2BlYdENhCfFPBfZIOzZb4BRJKQlOal%2BaQ4bywXLw%2BYLrCFS4o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87768874de57d2c1-CDG

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 131ms
38ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 20 Apr 2024 15:39:22 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3212
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 20 Apr 2024 17:39:22 GMT

GET
H3 200 get_offer_details Show response
subsapi.epoch.cloud/chargebee/ 4 KB
2 KB 147ms
146ms XHR
application/json 104.21.234.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subsapi.epoch.cloud/chargebee/get_offer_details?offer_id=fs-0_25p1w-4p1w-tr
Requested by: Host: checkout.theepochtimes.com
URL: https://checkout.theepochtimes.com/p/shared/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6406e106628a74a03504a7686b5621b1ae03df7d3b10408749d7522b21831e3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://checkout.theepochtimes.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BiV9n89g9WwRmxQpjTSxdMqCspu7zZhlsMezr2HP2x%2Bu%2FBrx8wO2h47yDJxE4W24U2aJTph2wVR3Z1z8PpIKaVdo9NHJ0tdqBw3sE1acLnbWOvgpRRYm54lQGp635psGVCYBALl1"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
cf-ray: 877688774aef66bb-AMS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 get_offer_details
subsapi.epoch.cloud/chargebee/ Frame 0
0 331ms
244ms Preflight 104.21.234.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subsapi.epoch.cloud/chargebee/get_offer_details?offer_id=fs-0_25p1w-4p1w-tr
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://checkout.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: *
allow: GET, POST, PUT, DELETE
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87768875c8cf66bb-AMS
content-length: 0
date: Sat, 20 Apr 2024 16:32:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BFUgpWxUNLj%2FsVcO8TXGOrIW1k9NPSgtmsf8VPxPGbNayPOpIla9lzDd4rdVs8zDWHgfjE6PVG7REKpXVPMsR7tJErX6c8W%2BoVoU5pxdh%2BC7ElWcG7fCI%2F9cUkYmUe8MLISawvXS"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H2 204 collect
region1.analytics.google.com/g/ 0
261 B 140ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RD0QM5H02Q&gtm=45je44h0v884763001za200&_p=1713630774570&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1046178831.1713630775&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=Eg&_s=1&sid=1713630774&sct=1&seg=0&dl=https%3A%2F%2Fcheckout.theepochtimes.com%2Fp%2F%3Fpage%3Dcp-eet_5%26o%3Dfs-0_25p1w-4p1w-tr%26utm_medium%3Demail%26utm_source%3Depoch101%26utm_campaign%3DD1%26utm_term%3D2023CEOLetter%26utm_content%3Dbutton&dt=The%20Epoch%20Times&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&_ee=1&tfd=755
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 20 Apr 2024 16:32:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://checkout.theepochtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 153ms
49ms Ping
text/plain 2a00:1450:400c:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RD0QM5H02Q&cid=1046178831.1713630775&gtm=45je44h0v884763001za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 20 Apr 2024 16:32:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://checkout.theepochtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 136ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RD0QM5H02Q&gtm=45je44h0v884763001za200&_p=1713630774570&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1046178831.1713630775&ul=de-de&sr=1600x1200&ir=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&_eu=AAg&_s=2&sid=1713630774&sct=1&seg=0&dl=https%3A%2F%2Fcheckout.theepochtimes.com%2Fp%2F%3Fpage%3Dcp-eet_5%26o%3Dfs-0_25p1w-4p1w-tr%26utm_medium%3Demail%26utm_source%3Depoch101%26utm_campaign%3DD1%26utm_term%3D2023CEOLetter%26utm_content%3Dbutton&dt=The%20Epoch%20Times&en=O02_fn2_checkout&_c=1&_et=4&tfd=760
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 20 Apr 2024 16:32:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://checkout.theepochtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 122ms
73ms Image
image/gif 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RD0QM5H02Q&cid=1046178831.1713630775&gtm=45je44h0v884763001za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1597834607

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 20 Apr 2024 16:32:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 130ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RD0QM5H02Q&gtm=45je44h0v884763001za200&_p=1713630774570&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1046178831.1713630775&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EEA&_s=3&sid=1713630774&sct=1&seg=0&dl=https%3A%2F%2Fcheckout.theepochtimes.com%2Fp%2F%3Fpage%3Dcp-eet_5%26o%3Dfs-0_25p1w-4p1w-tr%26utm_medium%3Demail%26utm_source%3Depoch101%26utm_campaign%3DD1%26utm_term%3D2023CEOLetter%26utm_content%3Dbutton&dt=The%20Epoch%20Times&en=scroll&_c=1&epn.percent_scrolled=90&_et=3&tfd=766
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RD0QM5H02Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 20 Apr 2024 16:32:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://checkout.theepochtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
216 B 46ms
45ms XHR
text/plain 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1741460557&t=pageview&_s=1&dl=%2Fp%2F%3Fpage%3Dcp-eet_5&dp=%2Fp%2F%3Fpage%3Dcp-eet_5&ul=de-de&de=UTF-8&dt=The%20Epoch%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACgAI~&jid=2065157125&gjid=544961657&cid=1046178831.1713630775&tid=UA-10465455-30&_gid=503984370.1713630775&_r=1&_slc=1&z=2098078234

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 20 Apr 2024 16:32:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://checkout.theepochtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
356 B 54ms
48ms XHR
text/plain 2a00:1450:400c:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-10465455-30&cid=1046178831.1713630775&jid=2065157125&gjid=544961657&_gid=503984370.1713630775&_u=YADAAEAAAAAAACgAI~&z=744309742

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 20 Apr 2024 16:32:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://checkout.theepochtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 etfavicon.ico
checkout.theepochtimes.com/p/static/cp-eet_5/src/assets/img/ 1 KB
874 B 150ms
150ms Other
image/x-icon 35.227.229.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.theepochtimes.com/p/static/cp-eet_5/src/assets/img/etfavicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.229.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.229.227.35.bc.googleusercontent.com
Software: nginx/1.23.3 /
Resource Hash: c9dbc7808caf5977be20f7d14581ca4b1cad9ba7849eba5c2880de632475e84e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_term=2023CEOLetter&utm_content=button
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:54 GMT
via: 1.1 google
content-encoding: br
last-modified: Wed, 04 Jan 2023 22:11:33 GMT
server: nginx/1.23.3
age: 0
etag: W/"63b5f995-57e"
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public,max-age=3600
accept-ranges: none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 853

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 167ms
84ms Image
image/gif 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-10465455-30&cid=1046178831.1713630775&jid=2065157125&_u=YADAAEAAAAAAACgAI~&z=664284759

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 20 Apr 2024 16:32:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 129ms
128ms Image
image/gif 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-10465455-30&cid=1046178831.1713630775&jid=2065157125&_u=YADAAEAAAAAAACgAI~&z=664284759

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 20 Apr 2024 16:32:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_eet.svg
cdn.epoch.cloud/assets/static_assets/ 16 KB
16 KB 250ms
250ms Image
image/svg+xml 104.21.234.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.epoch.cloud/assets/static_assets/logo_eet.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 867f5a29853ddd710b7c6485ff7c0f294d6dde33817c68e84535fb68572ffe8b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:55 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 10 Jan 2023 15:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63bd85bb-3f5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QNCE%2BRav4dgNm8cORZfbJhK3zMEp34HycUjNg5OLl3NR54iOBJWoki7XF4EvFinMAxjhlOj7HdKnG01kwMxL9eJ55Nu6ftWXfDO%2B%2FQ8edsv0%2FFqdjVXxt8j5b0PdLCoAJEw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400, no-transform
accept-ranges: bytes
cf-ray: 877688783f20672a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 16220
expires: Sat, 20 Apr 2024 16:42:55 GMT

GET
H2 200 api.bundle.js Show response
subs.theepochtimes.com/lib/ 379 KB
111 KB 140ms
43ms Script
text/javascript 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Requested by: Host: checkout.theepochtimes.com
URL: https://checkout.theepochtimes.com/p/shared/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: e94f6188b5b551097eb0d79366c0582bc6501c38dbbe3f7e41d921447b0654df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:55 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 11 Apr 2024 21:45:11 GMT
server: nginx/1.20.1
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=3600, public, no-transform
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 20 Apr 2024 17:32:55 GMT

GET
H3 200 geo Show response
subs.theepochtimes.com/rules/ 113 B
131 B 86ms
43ms XHR
application/json 34.102.198.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.theepochtimes.com/rules/geo
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.198.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.198.102.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 2f64e0e2cdb11a60def0a9886889cd8ca97c0eef1c648eefe893050614330132

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:55 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://checkout.theepochtimes.com
access-control-allow-credentials: true
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113

OPTIONS
H2 200 c
ea.epochbase.com/api/pw/ Frame 0
0 364ms
112ms Preflight 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.epochbase.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://checkout.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin,Content-Type
access-control-allow-methods: GET, POST, PATCH, OPTIONS, PUT, DELETE
access-control-allow-origin: *
allow: GET, POST, OPTIONS, PUT, DELETE
content-length: 0
date: Sat, 20 Apr 2024 16:32:55 GMT
server: nginx/1.20.1

GET
H3 200 checkout-eet-digital-inline.html Show response
checkout.theepochtimes.com/cached/ 1015 KB
254 KB 149ms
148ms XHR
text/html 35.227.229.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.theepochtimes.com/cached/checkout-eet-digital-inline.html?v=20231115
Requested by: Host: checkout.theepochtimes.com
URL: https://checkout.theepochtimes.com/p/shared/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.229.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.229.227.35.bc.googleusercontent.com
Software: nginx/1.23.3 /
Resource Hash: 4f39f6c8ea61843262aa9174c06c978f48c2a8b0308a9aa8303f51080d7f5709

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: */*
Referer: https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_term=2023CEOLetter&utm_content=button
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:55 GMT
via: 1.1 google
content-encoding: br
last-modified: Fri, 22 Mar 2024 20:38:12 GMT
server: nginx/1.23.3
etag: W/"65fdec34-fdb59"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: none
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 c Show response
ea.epochbase.com/api/pw/ 0
235 B 502ms
501ms XHR
text/plain 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.epochbase.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://checkout.theepochtimes.com/
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://checkout.theepochtimes.com
date: Sat, 20 Apr 2024 16:32:56 GMT
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
allow: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE

OPTIONS
H2 200 graphql
payments.braintree-api.com/ Frame 0
0 146ms
53ms Preflight 76.223.13.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.223.13.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,braintree-version,content-type
Access-Control-Request-Method: POST
Origin: https://checkout.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,braintree-version,content-type
access-control-allow-methods: GET,DELETE,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://checkout.theepochtimes.com
access-control-max-age: 1800
date: Sat, 20 Apr 2024 16:32:56 GMT
paypal-debug-id: b3f32d44f3664
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY

OPTIONS
H3 200 geo
subs.youmaker.com/rules/ Frame 0
0 83ms
40ms Preflight 35.244.243.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/rules/geo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://checkout.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://checkout.theepochtimes.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 20 Apr 2024 16:32:56 GMT
server: nginx/1.20.1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google
x-robots-tag: noindex

GET
H2 200 js Show response
www.paypal.com/sdk/ 303 KB
83 KB 138ms
43ms Script
application/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AWtf7Xi5TNTK7h_WCskCc4wz9gFE6nP3jVyzQ_d3597uGaGCprXW0otwYxcJ3LkCBrZ7jLmFaBSZ_ymb

Requested by

Host: checkout.theepochtimes.com
URL: https://checkout.theepochtimes.com/p/shared/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

684a4d12399a33fda0ae46edcf8c2852b7cc88a59a167448218a7c4720b45ebb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-WbDTeHarJjyjgJLCsM3rBbn6fFG3i3hKz3svdm8dzauetAVW' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-WbDTeHarJjyjgJLCsM3rBbn6fFG3i3hKz3svdm8dzauetAVW' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-WbDTeHarJjyjgJLCsM3rBbn6fFG3i3hKz3svdm8dzauetAVW' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-WbDTeHarJjyjgJLCsM3rBbn6fFG3i3hKz3svdm8dzauetAVW' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Sat, 20 Apr 2024 16:32:56 GMT
age: 829
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f94980709273b
server-timing: "traceparent;desc="00-0000000000000000000f94980709273b-a91a7cca6ab55eee-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 82795
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220117-FRA, cache-fra-etou8220117-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f94980709273b-dc7a3d6cf3152213-01
x-timer: S1713630776.007768,VS0,VE4
etag: W/"1436b-iEc6GtVfXiE5nlvcoxa725qhH3g"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 apple-pay.min.js Show response
js.braintreegateway.com/web/3.92.2/js/ 19 KB
6 KB 176ms
38ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.92.2/js/apple-pay.min.js

Requested by

Host: checkout.theepochtimes.com
URL: https://checkout.theepochtimes.com/p/shared/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CD3) /

Resource Hash

54f0fb98a67d4b58ade95625cb0e556024eede601f8ade2212efdeceab07c25c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 3a974f72f2775
dc: ccg11-origin-www-1.paypal.com
content-length: 6083
last-modified: Mon, 24 Apr 2023 20:07:58 GMT
server: ECAcc (frc/4CD3)
traceparent: 00-00000000000000000003a974f72f2775-e659a9a7d6e8c08d-01
etag: W/"6446e19e-4ca2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com

GET
H/1.1 200
OK apple-pay-sdk.js Show response
applepay.cdn-apple.com/jsapi/v1/ 162 KB
49 KB 253ms
38ms Script
application/javascript 2a01:b740:a30:f000::199
APPLE-AUSTIN

General

Check archive.org

Show headers Download Go to

Full URL

https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js

Requested by

Host: checkout.theepochtimes.com
URL: https://checkout.theepochtimes.com/p/shared/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a01:b740:a30:f000::199 Frankfurt am Main, Germany, ASN6185 (APPLE-AUSTIN, US),

Reverse DNS

Software

Apple /

Resource Hash

afd584eb5736dd0208473226960ee2d03ca960465d28b21bf9e3a610c70899e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 20 Apr 2024 00:49:02 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
content-encoding: gzip
Age: 56635
Via: http/1.1 defra1-edge-lx-003.ts.apple.com (acdn/146.14424), http/1.1 defra1-edge-bx-011.ts.apple.com (acdn/146.14424)
X-Cache: hit-fresh, hit-fresh
CDNUUID: e85777ed-8e97-40b4-a453-2af36aff9e1c-31384556770
edge-control: cache-maxage=7d
x-envoy-upstream-service-time: 6
Connection: keep-alive
Content-Length: 48790
x-xss-protection: 1; mode=block
apple-tk: false
Server: Apple
apple-seq: 0
x-conversation-id: 0e87251c-5713-b98f-12eb-8926a3b74e5c
etag: "836f40c1160e2cc053e0fd945a62cca3--gzip"
apple-originating-system: wp-content-server-prod1-use1
vary: Accept-Encoding
Content-Type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401, stale-while-revalidate=86400
access-control-allow-credentials: false

POST
H2 200 graphql Show response
payments.braintree-api.com/ 2 KB
1 KB 487ms
486ms XHR
application/json 76.223.13.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.223.13.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

e375f6a53e0d9487f7d46732326e157ce7a37caeb76c48b9dab1e247bd2f334e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Authorization: Bearer production_x6svx8k6_wnd8phj8q9zfhjvz
Braintree-Version: 2018-05-10
Content-Type: application/json
Referer: https://checkout.theepochtimes.com/
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 20 Apr 2024 16:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
server: nginx
vary: Braintree-Version, Accept-Encoding
braintree-version: 2016-10-07
content-type: application/json
access-control-allow-origin: https://checkout.theepochtimes.com
paypal-debug-id: a3731fec17924
cache-control: no-cache, no-store
x-frame-options: DENY
content-length: 813

GET
H3 200 epoch_mparticle.min.js Show response
services.epoch.cloud/public-labs/epoch-ai/mparticle/built/ 48 KB
12 KB 55ms
54ms Script
application/javascript 104.21.234.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.epoch.cloud/public-labs/epoch-ai/mparticle/built/epoch_mparticle.min.js
Requested by: Host: checkout.theepochtimes.com
URL: https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_term=2023CEOLetter&utm_content=button
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0aacaee6a2feffc220f98eb6b4c6486fc27ad3fb18be0cb8feceef58094851a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 Apr 2024 18:26:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 104
etag: W/"6622b76d-c0db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FN7OgKv8RkR5Il0kDtEXYZTj7WKQDYGsVlw7O%2B6eyxEtW8FhcHB8kX69LkDB49zWe8dk8U2Dj5RcAw2GLGPyLxhoZgW3v9LZhZnrYY99ShkB8IONdBppc3RbU7V1EPa%2Fc4GE%2B4RLkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 8776887e1830672a-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 geo Show response
subs.youmaker.com/rules/ 113 B
131 B 42ms
40ms XHR
application/json 35.244.243.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/rules/geo
Requested by: Host: checkout.theepochtimes.com
URL: https://checkout.theepochtimes.com/p/shared/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 2f64e0e2cdb11a60def0a9886889cd8ca97c0eef1c648eefe893050614330132

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://checkout.theepochtimes.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:56 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://checkout.theepochtimes.com
access-control-allow-credentials: true
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113

POST
H3 200 senddata
subsapi.epoch.cloud/db/ 0
0 306ms
255ms Ping
text/plain 104.21.234.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subsapi.epoch.cloud/db/senddata
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 235 KB
77 KB 414ms
70ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBZcsIEp_xP-b8h1ggH2TLQ8F0UYmbBhPQ&libraries=places&callback=initMap

Requested by

Host: checkout.theepochtimes.com
URL: https://checkout.theepochtimes.com/p/shared/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

a652bf0e6a6e6fd0968b42153d00071dbea8021763b3bf14018a85f31577c376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78322
x-xss-protection: 0

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
883 B 51ms
51ms Script
text/javascript 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcmJLkZAAAAAMziOnaFrJkOV4ClF_H8OvcqvlyE

Requested by

Host: checkout.theepochtimes.com
URL: https://checkout.theepochtimes.com/p/shared/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

f909aa40478688b587f8792a98d91e8db4eef2dd52146a2b011cb1e127a33c31

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 20 Apr 2024 16:32:56 GMT

GET
H3 200 checkout-action.js Show response
checkout.theepochtimes.com/cached/ 1 KB
618 B 149ms
148ms XHR
application/javascript 35.227.229.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.theepochtimes.com/cached/checkout-action.js
Requested by: Host: checkout.theepochtimes.com
URL: https://checkout.theepochtimes.com/p/shared/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.229.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.229.227.35.bc.googleusercontent.com
Software: nginx/1.23.3 /
Resource Hash: 34376bb62eb3d210890bb6f8fd586681fe9ee22ccf48eee863c01213c0aa68be

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_term=2023CEOLetter&utm_content=button
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:56 GMT
via: 1.1 google
content-encoding: br
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 593
last-modified: Mon, 22 Jan 2024 21:04:26 GMT
server: nginx/1.23.3
etag: W/"65aed85a-57f"
vary: Accept-Encoding,Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public,max-age=3600
accept-ranges: none
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 cb-hp-sprite.png
subscribe.theepochtimes.com/p/static/checkout-v5-03-inline/src/ 22 KB
22 KB 468ms
368ms Image
image/png 2606:4700::6811:9d16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscribe.theepochtimes.com/p/static/checkout-v5-03-inline/src/cb-hp-sprite.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9d16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06359dd48d12a150a9f0061a308ce505fe2ab9e1169328bf3107fdc2fb0bebe8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:56 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 09 Oct 2020 18:55:32 GMT
server: cloudflare
etag: "5f80b224-580c"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 8776887eca795c74-FRA
content-length: 22540

GET
H3 200 RingsideNarrow-Book.otf
cdn.epoch.cloud/assets/fonts/ 124 KB
124 KB 59ms
59ms Font
application/octet-stream 104.21.234.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.epoch.cloud/assets/fonts/RingsideNarrow-Book.otf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1a4a7aa00e62b62538f84f4f380c16796c88078656d204c4f5ceebb59d84fe8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Origin: https://checkout.theepochtimes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2458
alt-svc: h3=":443"; ma=86400
content-length: 126860
last-modified: Wed, 19 Feb 2020 18:57:39 GMT
server: cloudflare
etag: "5e4d8523-1ef8c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dgXOn7Kp6S9mVN4eYHtN1b%2BCZ6NDVnGrhB7tN1pO8Kmuc9Hur%2B2kBo1wfpa22hzONif%2Fpqhf0j%2B95xQacZ7aqlyQNadOTmNaEAMT%2FtdgA%2F1ZxlpdBTTKeqNLCdrNf3cGSF0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8776887e4a14d2c1-CDG

GET
H2 200 PP_logo_h_100x26.png
www.paypalobjects.com/webstatic/en_US/i/buttons/ 3 KB
3 KB 168ms
40ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/webstatic/en_US/i/buttons/PP_logo_h_100x26.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CE5) /

Resource Hash

02d1bfc3fb8b4eff4d80613794e94142267895398d35dbca72e8ca7ddb62ab54

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: c3754cefc6c74
dc: ccg11-origin-www-1.paypal.com
content-length: 2778
last-modified: Wed, 23 Jul 2014 23:32:46 GMT
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
server: ECAcc (frc/4CE5)
traceparent: 00-0000000000000000000c3754cefc6c74-36ec584050db7b17-01
etag: "53d0461e-ada"
content-type: image/png
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 20 Apr 2024 17:32:56 GMT

GET
H3 200 apple-pay.svg
cdn.epoch.cloud/assets/static_assets/ 6 KB
7 KB 78ms
78ms Image
image/svg+xml 104.21.234.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.epoch.cloud/assets/static_assets/apple-pay.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66baf110b86c1f1ae01a0e28985970d3827465e6aba6be54d5142a6d1eaa803c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 423
alt-svc: h3=":443"; ma=86400
content-length: 6352
last-modified: Mon, 26 Sep 2022 20:23:41 GMT
server: cloudflare
etag: "63320a4d-18d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hZvjboajOblf3mYk7HcC5ic79I%2BNJWOnqUq9SXKEFxAl5aploIjOaje1GbIL%2Fw21Jhk58opHbccd6oNnrh%2BiC5ZMKinikZbdfYryKA9wVqbVqnV8FMRlOnudPa64I96BEkc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400, no-transform
accept-ranges: bytes
cf-ray: 8776887e386d672a-AMS
expires: Sat, 20 Apr 2024 16:35:53 GMT

GET
H3 200 google-pay.png
cdn.epoch.cloud/assets/static_assets/ 66 KB
66 KB 79ms
78ms Image
image/png 104.21.234.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.epoch.cloud/assets/static_assets/google-pay.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 829e4ad5e6d61ed3ba9654fbf7ce29864d39bc7f401a983c19c42d776f4c40c6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 423
alt-svc: h3=":443"; ma=86400
content-length: 67318
last-modified: Mon, 19 Jun 2023 19:07:37 GMT
server: cloudflare
etag: "6490a779-106f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vqf98pO%2FTFWSpO9FiggfD7M1rfkOaWUyt%2BcmPtJJd0FIJtE108hSur0rFSknbTmXwIl7%2FMNMqRkVCarU1FZ1jZrZi9DAVmC%2FC0LN2KoU1TH6PcA6d2%2BVLWDvBsi6LlcsV3k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, no-transform
accept-ranges: bytes
cf-ray: 8776887e386f672a-AMS
expires: Sat, 20 Apr 2024 16:35:53 GMT

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2f572cf304e348bd3eb8d733ca5bb6f91a057d852d8630d1f15eecc6ae3af3b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 close-icon2.png
cdn.epoch.cloud/assets/static_assets/ 13 KB
13 KB 55ms
55ms Image
image/png 104.21.234.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.epoch.cloud/assets/static_assets/close-icon2.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0e0876b10175aa8dd5cc18eb300edad0e68d09467038f12526bf7f7f6756a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87
alt-svc: h3=":443"; ma=86400
content-length: 13244
last-modified: Thu, 21 May 2020 20:53:19 GMT
server: cloudflare
etag: "5ec6ea3f-33bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D%2FsEkbXVBqn4b51RuIIiuOgtMkZH4ab%2BXjA%2Br0MAmx8pSPG8RTVo6PBOx6PvXTNktQCiEZkteXfK%2F30gVJVByW5o%2F9TwX3PaFnkwIc3psqCsOg%2BWF7V%2BIw95hMKaMnQ8Vn4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, no-transform
accept-ranges: bytes
cf-ray: 8776887e3870672a-AMS
expires: Sat, 20 Apr 2024 16:41:29 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3551a75936077de738fa814761a357e4616685f20b8b4c7b80ca565eb6c7b3a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 969120fcfbd39914a5e73208e24420bedd03238c32c53b0ed80a0558658133d4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 v3 Show response
js.stripe.com/ 604 KB
148 KB 154ms
49ms Script
text/javascript 52.222.236.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-121.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a0b5e6ff7d5850a9ca96b8f86298b8b75e194e6904b289517208f1701d1ab2af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:56 GMT
content-encoding: br
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 16
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
last-modified: Fri, 19 Apr 2024 21:31:25 GMT
server: Cloudfront
etag: W/"9da8ff7a51979cbce3c7c2acae197be9"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: U_sdJywO2NIcMNPJqr4j0n2oi2WIYeoiCBDYPYN3vrFNfylUz6qNcQ==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
38ms Image
image/gif 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1741460557&t=event&_s=2&dl=%2Fp%2F%3Fpage%3Dcp-eet_5&ul=de-de&de=UTF-8&dt=The%20Epoch%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Digital%20Checkout%20Page%20-%20CP-EET_5_09-12-23-anon&ea=Initialized%20card%20fields&el=braintree&_u=aDDAAEABAAAAACgAI~&jid=&gjid=&cid=1046178831.1713630775&tid=UA-10465455-30&_gid=503984370.1713630775&z=568402468

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 20 Apr 2024 00:30:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 57746
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 script.js Show response
59c6119c9c08.cdn4.forter.com/sn/59c6119c9c08/ 398 KB
180 KB 145ms
46ms Script
application/javascript 2600:9000:2644:9400:f:1b37:e600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://59c6119c9c08.cdn4.forter.com/sn/59c6119c9c08/script.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2644:9400:f:1b37:e600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9e2b1f89385c0525b1a3c4763cbab74e318b8cc7e4377ba9f23b6c58282c8df5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:56 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
via: 1.1 a84e87b6b82308dbc0e331c3e28c23c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 19 Apr 2024 15:10:51 GMT
x-sourcemap: https://cdn4.forter.com/map/suid/59c6119c9c08/99000191541
etag: W/"569e30cb00001e61e8c10962b3976b95"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, immutable, max-age=600
timing-allow-origin: *
x-amz-cf-id: pWtpvy4XTqZWCXcuE5LUL5WFX97R-Br3CzuRkuP5p4Qrgm1ExVYdnw==

GET
H2 200 mparticle.js Show response
mp.theepochtimes.com/tags/JS/v2/us2-c639a6aabfcf124097c91276dd5884fb/ 405 KB
108 KB 132ms
38ms Script
application/javascript 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.theepochtimes.com/tags/JS/v2/us2-c639a6aabfcf124097c91276dd5884fb/mparticle.js?env=0&plan_id=eet_data_plan
Requested by: Host: services.epoch.cloud
URL: https://services.epoch.cloud/public-labs/epoch-ai/mparticle/built/epoch_mparticle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: ead5bc7d1ea0bec864e88d20635f9929349c87012bb81c9857afb8c4675e6630

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000087-IAD, cache-cph2320052-CPH, cache-cph2320039-CPH
date: Sat, 20 Apr 2024 16:32:56 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
server: Kestrel
age: 123
x-timer: S1713630776.164009,VS0,VE1
x-origin-name: fastlyshield--shield_ssl_cache_iad_kiad7000087_IAD
x-cache: HIT, MISS, HIT
content-type: application/javascript
vary: Accept, Accept-Encoding
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 109821
x-cache-hits: 43, 0, 1

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/ 501 KB
201 KB 133ms
40ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcmJLkZAAAAAMziOnaFrJkOV4ClF_H8OvcqvlyE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Origin: https://checkout.theepochtimes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 11:29:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205471
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 04:30:36 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Apr 2025 11:29:10 GMT

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame FF61 0
0 119ms
43ms Document
text/html 52.222.236.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-29.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://checkout.theepochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2812
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 20 Apr 2024 15:46:29 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Tue, 16 Apr 2024 20:09:20 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-amz-cf-id: XhGYcHKQrJo1rMyTuUldT1Iht2yKnener6P3_zc6nn7qhSrXguINXw==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 controller-with-preconnect-f5282affe3c1d903364a837590431600.html
js.stripe.com/v3/ Frame 83BB 0
0 118ms
45ms Document
text/html 52.222.236.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-preconnect-f5282affe3c1d903364a837590431600.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-29.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://checkout.theepochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 48
cache-control: max-age=60, stale-while-revalidate=900
content-length: 391
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 20 Apr 2024 16:32:56 GMT
etag: "f5282affe3c1d903364a837590431600"
last-modified: Fri, 19 Apr 2024 20:52:18 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-amz-cf-id: hQmAp4LXsYRRgq7XEAdj-yl5u044KBbb4O19cnnrhlqggwMR7ZoK0w==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-4822aa166789f5226b5ff79d09d289c0.html
js.stripe.com/v3/ Frame 76B3 0
0 110ms
44ms Document
text/html 52.222.236.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-4822aa166789f5226b5ff79d09d289c0.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-29.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://checkout.theepochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1959
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 20 Apr 2024 16:00:28 GMT
etag: "4822aa166789f5226b5ff79d09d289c0"
last-modified: Fri, 19 Apr 2024 20:52:32 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-amz-cf-id: CepnLgeKsvRhbNYiXIRp_fRgkkVNc7kcbjjW__bl6x0LsDWazV0HCA==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-24a4a44788cff98bfa4d49699e2e4e1d.html
js.stripe.com/v3/ Frame A734 0
0 106ms
44ms Document
text/html 52.222.236.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-24a4a44788cff98bfa4d49699e2e4e1d.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-29.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://checkout.theepochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 64
cache-control: max-age=60, stale-while-revalidate=900
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 20 Apr 2024 16:32:08 GMT
etag: "24a4a44788cff98bfa4d49699e2e4e1d"
last-modified: Fri, 19 Apr 2024 20:52:32 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-amz-cf-id: Um2-jdeH6Ij0EEaCvqs5FSqA0MNbc9J3vJy7jjNbw319NKvYdJfYQg==
x-amz-cf-pop: FRA56-P4
x-cache: RefreshHit from cloudfront
x-content-type-options: nosniff

OPTIONS
H2 204 identify
mp.theepochtimes.com/identity/v1/ Frame 0
0 120ms
41ms Preflight 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mp.theepochtimes.com/identity/v1/identify

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-mp-key
Access-Control-Request-Method: POST
Origin: https://checkout.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,x-mp-key
access-control-allow-methods: POST
access-control-allow-origin: *
age: 1833
date: Sat, 20 Apr 2024 16:32:56 GMT
server: Kestrel
strict-transport-security: max-age=900
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
x-cache-hits: 181, 0
x-fastly-trace-id: 2954629363
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by: cache-cph2320052-CPH, cache-cph2320052-CPH
x-timer: S1713630776.443257,VS0,VE3

POST
H2 200 identify Show response
mp.theepochtimes.com/identity/v1/ 176 B
375 B 436ms
435ms XHR
application/json 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mp.theepochtimes.com/identity/v1/identify

Requested by

Host: mp.theepochtimes.com
URL: https://mp.theepochtimes.com/tags/JS/v2/us2-c639a6aabfcf124097c91276dd5884fb/mparticle.js?env=0&plan_id=eet_data_plan

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

1140ed667be3508d831a68fff9de1f4554eb43652da2eeb23fc6467f07d748f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
x-mp-key: us2-c639a6aabfcf124097c91276dd5884fb
Referer: https://checkout.theepochtimes.com/
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=900
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-mp-max-age: 86400
date: Sat, 20 Apr 2024 16:32:56 GMT
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us2_origin
x-cache: MISS, MISS
x-served-by: cache-cph2320052-CPH, cache-cph2320052-CPH
server: Kestrel
x-timer: S1713630776.486613,VS0,VE396
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-MP-Max-Age
x-fastly-trace-id: 2954629652
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 3ED3 0
0 143ms
64ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcmJLkZAAAAAMziOnaFrJkOV4ClF_H8OvcqvlyE&co=aHR0cHM6Ly9jaGVja291dC50aGVlcG9jaHRpbWVzLmNvbTo0NDM.&hl=de&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=8322hx5x4b90

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9mAulHwP6SFbG_NN3TuPYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://checkout.theepochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-9mAulHwP6SFbG_NN3TuPYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 20 Apr 2024 16:32:56 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
BLOB 200
OK 69111fff-2c8e-4ada-8f5f-078dc7df1222
https://checkout.theepochtimes.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://checkout.theepochtimes.com/69111fff-2c8e-4ada-8f5f-078dc7df1222
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0625a3653ce7ffb4505c8e3a86121e58cf1edfd7632ffcb25540e64c9faf9a64

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 5318
Content-Type: application/javascript

GET
H2 401 djqVop6GxshYncNBScBMl8KSuAV2gsuN
challenges.forter.com/patChallenge/v1/59c6119c9c08/c95026d4b92648e1a9c25d8022249bd8/ 0
0 217ms
130ms Fetch
text/plain 18.245.31.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.forter.com/patChallenge/v1/59c6119c9c08/c95026d4b92648e1a9c25d8022249bd8/djqVop6GxshYncNBScBMl8KSuAV2gsuN

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.31.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-121.fra56.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=86400; includeSubDomains
date: Sat, 20 Apr 2024 16:32:56 GMT
www-authenticate: PrivateToken challenge=AAIAEGNkbjE0LmZvcnRlci5jb20gNzU4NTA5NzY0MWYwYjY3NTcyZTJlMzgwOTYwYzY4MTcAAA==, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAtwHWLY7ry7VPVlMIWxMqlFShllUM_KzSaNt4iwDUeI1aaK3eYmsESsCbuHmIHb1I7oBEK7vRNrQFOqxf6jp6u6T12O7ecH0uMKTbW-HQPg4LdFbzAFvitHr0in2lo5gteu1a_MlVmDIVcWuoKtMZ-rZkPx1MFRORZ4WT3sUCZHt_8dk8lR76OIfIHQHyX0qTqDRoeRakPD14sWnUQUSOBO_tonSSHFUpWN9qOJatZtA_UP0mgia3FZRl_6KBnhucp_mbiuYMkG0aivcEn3QdWDQhP7c5O026eBQPGGxQ8bacfvU5OCru-0QXeVIGGpTNQUZk4WrEC3rq47nmrP7YvwIDAQAB
via: 1.1 90d4d7d1a3cebe66392e229fd5792ae0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P8
x-cache: Error from cloudfront
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: false
x-amz-cf-id: itGgL0i5svAUhHiwOoaKvnKHQnX0ObAnnopTKyPgkq1o6FD_qfPUCg==

GET
BLOB 200
OK 65b71bb3-d920-4093-9f9a-1760acbdab90
https://checkout.theepochtimes.com/ 17 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://checkout.theepochtimes.com/65b71bb3-d920-4093-9f9a-1760acbdab90
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bb3d2a0b50fc6d9e8413ec1382f9036574339bb19b0bbd98b763d18bea867f4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 17361
Content-Type: application/javascript

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 177ms
98ms XHR
application/json 172.217.16.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBZcsIEp_xP-b8h1ggH2TLQ8F0UYmbBhPQ&libraries=places&callback=initMap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://checkout.theepochtimes.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

POST
H/1.1 200
OK prop.json
c95026d4b92648e1a9c25d8022249bd8-59c6119c9c08.cdn.forter.com/ 2 B
634 B 383ms
115ms Ping
application/json 3.234.25.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c95026d4b92648e1a9c25d8022249bd8-59c6119c9c08.cdn.forter.com/prop.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.234.25.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-25-89.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 20 Apr 2024 16:32:56 GMT
Connection: close
Content-Length: 2
Pragma: no-cache
Last-Modified: Sat, 20 Apr 2024 11:06:57 GMT
Server: Apache
ETag: "2-6168533e0358e"
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://checkout.theepochtimes.com
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/59c6119c9c08/c95026d4b92648e1a9c25d8022249bd8/ 20 B
370 B 489ms
235ms XHR
application/json 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/59c6119c9c08/c95026d4b92648e1a9c25d8022249bd8/prop.json?_=1713630776570
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sat, 20 Apr 2024 16:32:56 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://checkout.theepochtimes.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

POST
H/1.1 200
OK wnd8phj8q9zfhjvz Show response
client-analytics.braintreegateway.com/ 0
361 B 42ms
41ms XHR
text/plain 3.64.16.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/wnd8phj8q9zfhjvz

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.64.16.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-64-16-20.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Sat, 20 Apr 2024 16:32:56 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://checkout.theepochtimes.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK wnd8phj8q9zfhjvz Show response
client-analytics.braintreegateway.com/ 0
361 B 42ms
42ms XHR
text/plain 3.64.16.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/wnd8phj8q9zfhjvz

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.64.16.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-64-16-20.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Sat, 20 Apr 2024 16:32:56 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://checkout.theepochtimes.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

OPTIONS
H/1.1 200
OK wnd8phj8q9zfhjvz
client-analytics.braintreegateway.com/ Frame 0
0 186ms
40ms Preflight 3.64.16.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/wnd8phj8q9zfhjvz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.64.16.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-64-16-20.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://checkout.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://checkout.theepochtimes.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Sat, 20 Apr 2024 16:32:56 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

OPTIONS
H/1.1 200
OK wnd8phj8q9zfhjvz
client-analytics.braintreegateway.com/ Frame 0
0 184ms
41ms Preflight 3.64.16.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/wnd8phj8q9zfhjvz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.64.16.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-64-16-20.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://checkout.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://checkout.theepochtimes.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Sat, 20 Apr 2024 16:32:56 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
37ms Image
image/gif 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1741460557&t=event&_s=3&dl=%2Fp%2F%3Fpage%3Dcp-eet_5&ul=de-de&de=UTF-8&dt=The%20Epoch%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Digital%20Checkout%20Page%20-%20CP-EET_5_09-12-23-anon&ea=Braintree%20loading%20success&el=&_u=aDDAAEABAAAAACgAI~&jid=&gjid=&cid=1046178831.1713630775&tid=UA-10465455-30&_gid=503984370.1713630775&z=47923290

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 20 Apr 2024 00:30:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 57746
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK wnd8phj8q9zfhjvz Show response
client-analytics.braintreegateway.com/ 0
361 B 42ms
42ms XHR
text/plain 3.64.16.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/wnd8phj8q9zfhjvz

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.64.16.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-64-16-20.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Sat, 20 Apr 2024 16:32:56 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://checkout.theepochtimes.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

OPTIONS
H/1.1 200
OK wnd8phj8q9zfhjvz
client-analytics.braintreegateway.com/ Frame 0
0 160ms
41ms Preflight 3.64.16.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/wnd8phj8q9zfhjvz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.64.16.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-64-16-20.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://checkout.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://checkout.theepochtimes.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Sat, 20 Apr 2024 16:32:56 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 hosted-fields-frame.min.html
assets.braintreegateway.com/web/3.95.0/html/ Frame 7924 0
0 157ms
39ms Document
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.95.0/html/hosted-fields-frame.min.html

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://checkout.theepochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-length: 31472
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Sat, 20 Apr 2024 16:32:56 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"649b4d0c-1e883"
last-modified: Tue, 27 Jun 2023 20:56:44 GMT
paypal-debug-id: 998ecb6eb4c50
strict-transport-security: max-age=31557600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000998ecb6eb4c50-3c592243ba54c7de-01
vary: Accept-Encoding, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 4836, 1
x-content-type-options: nosniff
x-served-by: cache-sjc1000145-SJC, cache-fra-etou8220059-FRA
x-timer: S1713630777.793418,VS0,VE2

GET
H2 200 hosted-fields-frame.min.html
assets.braintreegateway.com/web/3.95.0/html/ Frame F844 0
0 155ms
155ms Document
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.95.0/html/hosted-fields-frame.min.html

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://checkout.theepochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-length: 31472
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Sat, 20 Apr 2024 16:32:56 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"649b4d0c-1e883"
last-modified: Tue, 27 Jun 2023 20:56:44 GMT
paypal-debug-id: 998ecb6eb4c50
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000998ecb6eb4c50-3c592243ba54c7de-01
vary: Accept-Encoding, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 4836, 1
x-content-type-options: nosniff
x-served-by: cache-sjc1000145-SJC, cache-fra-etou8220059-FRA
x-timer: S1713630777.793418,VS0,VE2

GET
H2 200 hosted-fields-frame.min.html
assets.braintreegateway.com/web/3.95.0/html/ Frame CF87 0
0 153ms
153ms Document
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.95.0/html/hosted-fields-frame.min.html

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://checkout.theepochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-length: 31472
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Sat, 20 Apr 2024 16:32:56 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"649b4d0c-1e883"
last-modified: Tue, 27 Jun 2023 20:56:44 GMT
paypal-debug-id: 998ecb6eb4c50
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000998ecb6eb4c50-3c592243ba54c7de-01
vary: Accept-Encoding, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 4836, 1
x-content-type-options: nosniff
x-served-by: cache-sjc1000145-SJC, cache-fra-etou8220059-FRA
x-timer: S1713630777.793418,VS0,VE2

GET
H2 200 hosted-fields-frame.min.html
assets.braintreegateway.com/web/3.95.0/html/ Frame 8B43 0
0 152ms
152ms Document
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.95.0/html/hosted-fields-frame.min.html

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://checkout.theepochtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-length: 31472
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Sat, 20 Apr 2024 16:32:56 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"649b4d0c-1e883"
last-modified: Tue, 27 Jun 2023 20:56:44 GMT
paypal-debug-id: 998ecb6eb4c50
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000998ecb6eb4c50-3c592243ba54c7de-01
vary: Accept-Encoding, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 4836, 1
x-content-type-options: nosniff
x-served-by: cache-sjc1000145-SJC, cache-fra-etou8220059-FRA
x-timer: S1713630777.793418,VS0,VE2

OPTIONS
H2 200 /
sdk.iad-05.braze.com/api/v3/data/ Frame 0
0 334ms
230ms Preflight 2606:4700:4400::6812:25a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/data/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method: POST
Origin: https://checkout.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-triggersrequest,x-requested-with
access-control-allow-methods: POST, GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 8776888489e018ed-FRA
content-encoding: gzip
date: Sat, 20 Apr 2024 16:32:57 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

POST
H2 201 / Show response
sdk.iad-05.braze.com/api/v3/data/ 261 B
494 B 370ms
369ms XHR
application/json 2606:4700:4400::6812:25a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/data/

Requested by

Host: mp.theepochtimes.com
URL: https://mp.theepochtimes.com/tags/JS/v2/us2-c639a6aabfcf124097c91276dd5884fb/mparticle.js?env=0&plan_id=eet_data_plan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d4adb9b15e46edd58560621e87c797be9d0055474b51992cf7b74df2ab026f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Braze-Api-Key: 63facf2c-fb11-4a1e-bdfc-4439a2cb1142
X-Braze-TriggersRequest: true
X-Braze-DataRequest: true
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/json
X-Braze-Last-Req-Ms-Ago: 7200000
Referer: https://checkout.theepochtimes.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:57 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: dafe853b-ec98-47e3-969a-146ffe1a5692
x-runtime: 0.129077
server: cloudflare
etag: W/"5d4adb9b15e46edd58560621e87c797b"
vary: Origin,Accept-Encoding
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
x-ratelimit-reset: 1713630780
access-control-max-age: 7200
x-ratelimit-limit: 500.0
cf-ray: 87768885fb2d18ed-FRA
x-ratelimit-remaining: 489.0

GET
H3 200 lib.min.js Show response
mixproxy.epoch.cloud/mixpanel/ 54 KB
19 KB 71ms
61ms Script
text/javascript 104.21.234.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mixproxy.epoch.cloud/mixpanel/lib.min.js
Requested by: Host: services.epoch.cloud
URL: https://services.epoch.cloud/public-labs/epoch-ai/epoch_mixpanel.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c690a6ebb2eef51e8ccc66161b02197c22f388f1fc23c89e0f5c7b70e1eac50

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 455
x-guploader-uploadid: ABPtcPozFB0X8u3G9nYr0uT9or24A6GaARGbC6vAFjPglgehpuLbEqs30tfZjYhVzPneaVmjRWg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 06 Feb 2024 00:09:36 GMT
server: cloudflare
etag: W/"eb0675a8749ea5d76345796217db928f"
vary: Accept-Encoding
x-goog-hash: crc32c=fWmQwA==, md5=6wZ1qHSepddjRXliF9uSjw==
x-goog-generation: 1707178176338436
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BEahaqSgQBnoP%2FbnKHw19wRy13poY6zoqlej8UCEnHJVIiTV6YS1uPqG5cg%2BH3vkzFK%2B%2BUoWMUjIk9v5M8T7QeyQWQQQEwEvwNxTJKCZKNZQ35y%2F6PxTLbv4Sx5sUltsThSIUsteWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 18490
cf-ray: 87768884c913672a-AMS
expires: Sat, 20 Apr 2024 16:35:22 GMT

GET
H2 200 phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js Show response
js.stripe.com/v3/fingerprinted/js/ 148 KB
35 KB 49ms
49ms Script
text/javascript 52.222.236.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-121.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:14:33 GMT
content-encoding: br
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1175
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
last-modified: Tue, 16 Apr 2024 20:09:19 GMT
server: Cloudfront
etag: W/"f7a3e754fa2fa9117506f69f618b5778"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: yvhs1FwhJScYIqY4XxpCdIG7RVgaJWq3UCyMnUKEUxq-7sf_ltupSA==

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/59c6119c9c08/c95026d4b92648e1a9c25d8022249bd8/ 20 B
370 B 118ms
118ms XHR
application/json 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/59c6119c9c08/c95026d4b92648e1a9c25d8022249bd8/prop.json?_=1713630777074
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sat, 20 Apr 2024 16:32:57 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://checkout.theepochtimes.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

POST
H3 200 / Show response
mixproxy.epoch.cloud/mixpanel/track/ 1 B
574 B 232ms
231ms XHR
application/json 104.21.234.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mixproxy.epoch.cloud/mixpanel/track/?ip=1&_=1713630777149

Requested by

Host: mixproxy.epoch.cloud
URL: https://mixproxy.epoch.cloud/mixpanel/lib.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 20 Apr 2024 16:32:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 45
alt-svc: h3=":443"; ma=86400
content-length: 1
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://checkout.theepochtimes.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jtE0KkHR%2FKtWCTtjC1IbKw0AMdipm0cqx606JmksguvuB2eKBZ%2FfYsAC2jwE4glm2HHxDH98JO4vj2aBJf%2BXrIoL5W22Wo5JAW4%2FeiptiwanHNmdYu0css3vNwNcVc3XU8Qk15RZlA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 8776888559e5672a-AMS
access-control-allow-headers: X-Requested-With

POST
H3 200 / Show response
mixproxy.epoch.cloud/mixpanel/track/ 1 B
580 B 304ms
303ms XHR
application/json 104.21.234.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mixproxy.epoch.cloud/mixpanel/track/?ip=1&_=1713630777151

Requested by

Host: mixproxy.epoch.cloud
URL: https://mixproxy.epoch.cloud/mixpanel/lib.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 20 Apr 2024 16:32:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 24
alt-svc: h3=":443"; ma=86400
content-length: 1
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://checkout.theepochtimes.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2aZP7z7RT%2FUU35krJihhL%2FnP%2BLF1DcnVkoD1luD4WcM5MiNc%2B2oK7VQeVMUw33zPHsop91qwUil5274plGuL%2BMpL1oHpV46wVQGh2ANAGDCf8b9%2FUtHp%2BVvmq6Hknxg5WN8uPOaQsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 8776888559ec672a-AMS
access-control-allow-headers: X-Requested-With

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/59c6119c9c08/c95026d4b92648e1a9c25d8022249bd8/ 20 B
370 B 118ms
118ms XHR
application/json 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/59c6119c9c08/c95026d4b92648e1a9c25d8022249bd8/prop.json?_=1713630777309
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sat, 20 Apr 2024 16:32:57 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://checkout.theepochtimes.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
H2 200 logo_small.gif
df45ay5pw60dy.cloudfront.net/ 48 B
279 B 164ms
39ms Image
image/gif 2600:9000:2251:3000:10:f40e:dd80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df45ay5pw60dy.cloudfront.net/logo_small.gif?dfpadname=&check=1713630777503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3000:10:f40e:dd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:57 GMT
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P3
x-cache: FunctionGeneratedResponse from cloudfront
content-type: image/gif
content-length: 48
x-amz-cf-id: 9at0OSx4B03LQGUWGD7DTY9parSbOIkp_8z0kRfRPbz750MK3zhiTA==

GET
H2 200 logo_medium.gif
df45ay5pw60dy.cloudfront.net/ 48 B
280 B 161ms
38ms Image
image/gif 2600:9000:2251:3000:10:f40e:dd80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df45ay5pw60dy.cloudfront.net/logo_medium.gif?check=1713630777503&refererPageDetail=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3000:10:f40e:dd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:57 GMT
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P3
x-cache: FunctionGeneratedResponse from cloudfront
content-type: image/gif
content-length: 48
x-amz-cf-id: jY8ZZhMf149Xy5GUmwFbKGDsewb3iWxkCHPuHP_pEJESrla20X1enw==

GET
H2 200 logo_large.gif
df45ay5pw60dy.cloudfront.net/ 48 B
279 B 163ms
41ms Image
image/gif 2600:9000:2251:3000:10:f40e:dd80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df45ay5pw60dy.cloudfront.net/logo_large.gif?1713630777503&-linkd-32.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3000:10:f40e:dd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:32:57 GMT
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P3
x-cache: FunctionGeneratedResponse from cloudfront
content-type: image/gif
content-length: 48
x-amz-cf-id: tvdx_gw-m7BxesOj3hy_fxIHEX0pl4ZhlBQVFbcHXCoMsiQKAPR8Fg==

POST
H2 200 events
cdn3.forter.com/ 0
426 B 250ms
138ms Ping
text/plain 13.225.78.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-129.fra2.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain; charset=gzip+enc

Response headers

pragma: no-cache
date: Sat, 20 Apr 2024 16:32:57 GMT
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://checkout.theepochtimes.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: FruhZlAH2MTthkQyv2V90cfRUUHkvB9K0n60QGsLFFg35P5KATXy4A==
expires: -1

POST
H/1.1 200
OK wpt.json Show response
cdn0.forter.com/59c6119c9c08/c95026d4b92648e1a9c25d8022249bd8/ 20 B
451 B 118ms
118ms XHR
application/json 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/59c6119c9c08/c95026d4b92648e1a9c25d8022249bd8/wpt.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 20 Apr 2024 16:32:57 GMT
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://checkout.theepochtimes.com
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=10
Content-Length: 20
Expires: -1

OPTIONS
H/1.1 204
No Content wpt.json
cdn0.forter.com/59c6119c9c08/c95026d4b92648e1a9c25d8022249bd8/ Frame 0
0 119ms
118ms Preflight 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/59c6119c9c08/c95026d4b92648e1a9c25d8022249bd8/wpt.json
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://checkout.theepochtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Sat, 20 Apr 2024 16:32:57 GMT
Keep-Alive: timeout=10
Vary: Access-Control-Request-Headers

POST
H2 200 events
cdn3.forter.com/ 0
425 B 137ms
136ms Ping
text/plain 13.225.78.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-129.fra2.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain; charset=gzip+enc

Response headers

pragma: no-cache
date: Sat, 20 Apr 2024 16:32:58 GMT
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://checkout.theepochtimes.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: OD0rvdJd-oruA8Kef8ZYAyrCk_V8AYT0I5GZdCyVi947GGfIjjQPcg==
expires: -1

POST
H2 204 c Show response
ea.epochbase.com/api/pw/ 0
235 B 594ms
593ms XHR
text/plain 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.epochbase.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Requested by: Host: subs.theepochtimes.com
URL: https://subs.theepochtimes.com/lib/api.bundle.js?execute=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://checkout.theepochtimes.com/
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://checkout.theepochtimes.com
date: Sat, 20 Apr 2024 16:33:00 GMT
server: nginx/1.20.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
allow: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/8/intl/de_ALL/ 256 KB
57 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/8/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBZcsIEp_xP-b8h1ggH2TLQ8F0UYmbBhPQ&libraries=places&callback=initMap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4dfb2cbff131a6dac49118f067bca4dc0675ec7cc9101005749544dbd34a2c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 17:30:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 255724
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57481
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 17:51:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Apr 2025 17:30:57 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/8/intl/de_ALL/ 182 KB
56 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/8/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBZcsIEp_xP-b8h1ggH2TLQ8F0UYmbBhPQ&libraries=places&callback=initMap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a718ccd110e994cd2516fa3b17fef2aaac997ea2d95c11cdb11a4933d8ccaaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 17:30:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 255724
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57086
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 17:51:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Apr 2025 17:30:57 GMT

GET
H2 200 trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js Show response
js.stripe.com/v3/fingerprinted/js/ 176 B
680 B 41ms
41ms Script
text/javascript 52.222.236.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-121.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.theepochtimes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:09:26 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 1416
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
content-length: 176
last-modified: Fri, 19 Apr 2024 20:52:31 GMT
server: Cloudfront
etag: "96f5b26d366f47393b3ff36fe7471474"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: yY7f6mEj9OXXKBkZC-xD7J7SSPJiXA4GX8_jghwbosnC8DT6KEzGJg==

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
checkout.theepochtimes.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: kufrm535bltpe76g9uhsteomft
.theepochtimes.com/	1970-01-21 05:36:30	Name: _ga_RD0QM5H02Q Value: GS1.1.1713630774.1.0.1713630774.60.0.0
.theepochtimes.com/	1970-01-21 05:36:30	Name: _ga Value: GA1.2.1046178831.1713630775
.theepochtimes.com/	1970-01-20 20:01:57	Name: _gid Value: GA1.2.503984370.1713630775
.theepochtimes.com/	1970-01-20 20:00:30	Name: _gat Value: 1
.theepochtimes.com/	1970-01-21 05:36:30	Name: ab.storage.userId.63facf2c-fb11-4a1e-bdfc-4439a2cb1142 Value: %7B%22g%22%3A%22-6590574407954921610%22%2C%22c%22%3A1713630776914%2C%22l%22%3A1713630776917%7D
.theepochtimes.com/	1970-01-21 05:36:30	Name: ab.storage.deviceId.63facf2c-fb11-4a1e-bdfc-4439a2cb1142 Value: %7B%22g%22%3A%22d128701c-0a76-38f0-dfd9-44092b69cffd%22%2C%22c%22%3A1713630776918%2C%22l%22%3A1713630776918%7D
.theepochtimes.com/	1970-01-21 05:36:30	Name: ab.storage.sessionId.63facf2c-fb11-4a1e-bdfc-4439a2cb1142 Value: %7B%22g%22%3A%225129d4a2-1658-dd65-7c71-5876a320e792%22%2C%22e%22%3A1713632576923%2C%22c%22%3A1713630776916%2C%22l%22%3A1713630776923%7D
.theepochtimes.com/	1970-01-21 04:46:06	Name: mprtcl-v4_83D216F4 Value: {'gs':{'ie':1\|'dt':'us2-c639a6aabfcf124097c91276dd5884fb'\|'cgid':'626e638d-d66d-4b58-d4b3-e6a28fc92356'\|'das':'4127a20b-cebf-4483-ce9c-5bbcb15fb771'\|'csm':'WyItNjU5MDU3NDQwNzk1NDkyMTYxMCJd'\|'sid':'322C1A3B-EDFA-4CCE-453C-709F004DE665'\|'les':1713630776934\|'ssd':1713630776344}\|'l':0\|'-6590574407954921610':{'fst':1713630776904\|'ua':'eyJpbml0aWFsX3V0bV9zb3VyY2UiOiJlcG9jaDEwMSJ9'}\|'cu':'-6590574407954921610'}
.theepochtimes.com/	1970-01-20 20:00:32	Name: mp_s Value: %7B%22utm_source%22%3A%22epoch101%22%2C%22utm_medium%22%3A%22email%22%2C%22utm_campaign%22%3A%22D1%22%2C%22utm_content%22%3A%22button%22%2C%22utm_term%22%3A%222023CEOLetter%22%2C%22entry_referrer%22%3A%22%22%2C%22entry_referrer_url%22%3A%22%22%2C%22entry_clean_url%22%3A%22%22%2C%22search_engine%22%3Anull%2C%22id%22%3A%22lv8bipy5yk750r1rb7r%22%2C%22total_pages%22%3A1%2C%22start%22%3A1713630777053%7D
.theepochtimes.com/	1970-01-21 04:46:06	Name: mp_lib Value: %7B%22distinct_id%22%3A%20%22%24device%3A18efc5a8f35c90-06d08f148f23d5-26001d51-1d4c00-18efc5a8f35c90%22%2C%22%24device_id%22%3A%20%2218efc5a8f35c90-06d08f148f23d5-26001d51-1d4c00-18efc5a8f35c90%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22initial_utm_source%22%3A%20%22epoch101%22%2C%22initial_utm_medium%22%3A%20%22email%22%2C%22initial_utm_campaign%22%3A%20%22D1%22%2C%22initial_utm_content%22%3A%20%22button%22%2C%22initial_utm_term%22%3A%20%222023CEOLetter%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%2C%22utm_source%22%3A%20%22epoch101%22%2C%22utm_medium%22%3A%20%22email%22%2C%22utm_campaign%22%3A%20%22D1%22%2C%22utm_content%22%3A%20%22button%22%2C%22utm_term%22%3A%20%222023CEOLetter%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
m.stripe.com/	1970-01-21 05:36:30	Name: m Value: c94e5dce-0015-456b-ac35-5445451ffaffab654c
.checkout.theepochtimes.com/	1970-01-21 04:46:06	Name: __stripe_mid Value: d8c65709-7057-4c57-bc19-05062ce3a8dcd02fb8
.checkout.theepochtimes.com/	1970-01-20 20:00:32	Name: __stripe_sid Value: e914c54c-404e-46bb-942a-c7bdc0e102546177e7
.theepochtimes.com/	1970-01-21 05:36:30	Name: forterToken Value: c95026d4b92648e1a9c25d8022249bd8_1713630776000__UDF43-m4_15ck_

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: (program):2 Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
network	error	URL: https://challenges.forter.com/patChallenge/v1/59c6119c9c08/c95026d4b92648e1a9c25d8022249bd8/djqVop6GxshYncNBScBMl8KSuAV2gsuN Message: Failed to load resource: the server responded with a status of 401 ()
other	warning	URL: https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_term=2023CEOLetter&utm_content=button Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other	warning	URL: https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_term=2023CEOLetter&utm_content=button Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
other	warning	URL: https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_term=2023CEOLetter&utm_content=button Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_term=2023CEOLetter&utm_content=button Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other	warning	URL: https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_term=2023CEOLetter&utm_content=button Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
other	warning	URL: https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_term=2023CEOLetter&utm_content=button Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_term=2023CEOLetter&utm_content=button Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_term=2023CEOLetter&utm_content=button Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://checkout.theepochtimes.com/p/?page=cp-eet_5&o=fs-0_25p1w-4p1w-tr&utm_medium=email&utm_source=epoch101&utm_campaign=D1&utm_term=2023CEOLetter&utm_content=button Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

59c6119c9c08.cdn4.forter.com
applepay.cdn-apple.com
assets.braintreegateway.com
c95026d4b92648e1a9c25d8022249bd8-59c6119c9c08.cdn.forter.com
cdn.epoch.cloud
cdn.jsdelivr.net
cdn0.forter.com
cdn3.forter.com
challenges.forter.com
checkout.theepochtimes.com
client-analytics.braintreegateway.com
df45ay5pw60dy.cloudfront.net
ea.epochbase.com
js.braintreegateway.com
js.stripe.com
maps.googleapis.com
mixproxy.epoch.cloud
mp.theepochtimes.com
payments.braintree-api.com
region1.analytics.google.com
sdk.iad-05.braze.com
services.epoch.cloud
stats.g.doubleclick.net
subs.theepochtimes.com
subs.youmaker.com
subsapi.epoch.cloud
subscribe.theepochtimes.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
104.16.86.20
104.21.234.69
13.225.78.129
142.250.186.68
142.250.74.195
151.101.1.21
151.101.66.133
172.217.16.202
18.245.31.121
192.229.221.25
2001:4860:4802:34::36
216.58.206.46
2600:9000:2251:3000:10:f40e:dd80:21
2600:9000:2644:9400:f:1b37:e600:93a1
2606:4700:4400::6812:25a1
2606:4700::6811:9d16
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:82a::200a
2a00:1450:400c:c02::9b
2a01:b740:a30:f000::199
2a04:4e42:200::645
3.234.25.89
3.64.16.20
34.102.198.207
34.192.191.43
35.227.229.25
35.244.243.66
4.7.168.74
52.222.236.121
52.222.236.29
76.223.13.31
02d1bfc3fb8b4eff4d80613794e94142267895398d35dbca72e8ca7ddb62ab54
0625a3653ce7ffb4505c8e3a86121e58cf1edfd7632ffcb25540e64c9faf9a64
06359dd48d12a150a9f0061a308ce505fe2ab9e1169328bf3107fdc2fb0bebe8
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5
1140ed667be3508d831a68fff9de1f4554eb43652da2eeb23fc6467f07d748f3
2bb3d2a0b50fc6d9e8413ec1382f9036574339bb19b0bbd98b763d18bea867f4
2f64e0e2cdb11a60def0a9886889cd8ca97c0eef1c648eefe893050614330132
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
34376bb62eb3d210890bb6f8fd586681fe9ee22ccf48eee863c01213c0aa68be
3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48c675529d813e074e45b83d5d12dde2bf726bb6b31ee8227dbfcf946e05af5c
4c40af27e0f6d493bce1be8e3d782717f2ee4936fbb40841d81b26adc5c98c9c
4f39f6c8ea61843262aa9174c06c978f48c2a8b0308a9aa8303f51080d7f5709
54f0fb98a67d4b58ade95625cb0e556024eede601f8ade2212efdeceab07c25c
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5d4adb9b15e46edd58560621e87c797be9d0055474b51992cf7b74df2ab026f0
621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9
644d744f94ebd5e8a6f3be1ef82469ad0f7efcc954d3c68904ed36c77e78f65e
6492c163dc87960f99da99d37137994f7978c10eefc5b6307c3913d2c977ead1
66baf110b86c1f1ae01a0e28985970d3827465e6aba6be54d5142a6d1eaa803c
684a4d12399a33fda0ae46edcf8c2852b7cc88a59a167448218a7c4720b45ebb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7a718ccd110e994cd2516fa3b17fef2aaac997ea2d95c11cdb11a4933d8ccaaf
7bd503f44047334fb77b1c1b43c7dd45db1193b9e30b8a9639633c2226fc5cdd
7c690a6ebb2eef51e8ccc66161b02197c22f388f1fc23c89e0f5c7b70e1eac50
800d62fe0628223dc3d7f258a4444e92a8ea18c64416f0dcc073ec4188bed81b
829e4ad5e6d61ed3ba9654fbf7ce29864d39bc7f401a983c19c42d776f4c40c6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
867f5a29853ddd710b7c6485ff7c0f294d6dde33817c68e84535fb68572ffe8b
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
969120fcfbd39914a5e73208e24420bedd03238c32c53b0ed80a0558658133d4
9e2b1f89385c0525b1a3c4763cbab74e318b8cc7e4377ba9f23b6c58282c8df5
a0b5e6ff7d5850a9ca96b8f86298b8b75e194e6904b289517208f1701d1ab2af
a652bf0e6a6e6fd0968b42153d00071dbea8021763b3bf14018a85f31577c376
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afd584eb5736dd0208473226960ee2d03ca960465d28b21bf9e3a610c70899e5
afe0e0876b10175aa8dd5cc18eb300edad0e68d09467038f12526bf7f7f6756a
b0aacaee6a2feffc220f98eb6b4c6486fc27ad3fb18be0cb8feceef58094851a
bdb1cfec11213df76f7838943cf15cab73b198d05637df23e4fae1dbd088c76d
c3551a75936077de738fa814761a357e4616685f20b8b4c7b80ca565eb6c7b3a
c9dbc7808caf5977be20f7d14581ca4b1cad9ba7849eba5c2880de632475e84e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d1a4a7aa00e62b62538f84f4f380c16796c88078656d204c4f5ceebb59d84fe8
d2f572cf304e348bd3eb8d733ca5bb6f91a057d852d8630d1f15eecc6ae3af3b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e375f6a53e0d9487f7d46732326e157ce7a37caeb76c48b9dab1e247bd2f334e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6406e106628a74a03504a7686b5621b1ae03df7d3b10408749d7522b21831e3
e94f6188b5b551097eb0d79366c0582bc6501c38dbbe3f7e41d921447b0654df
ea660872abe29e5e806c4e1e55aaa1d46af42c50dace4c5d777a49336e95ad8c
ead5bc7d1ea0bec864e88d20635f9929349c87012bb81c9857afb8c4675e6630
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4dfb2cbff131a6dac49118f067bca4dc0675ec7cc9101005749544dbd34a2c5
f892d41faf9a44be63b0749043b9c845207446a881a4612d7832ddf59f31d493
f909aa40478688b587f8792a98d91e8db4eef2dd52146a2b011cb1e127a33c31

checkout.theepochtimes.com Open in urlscan Pro 35.227.229.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

97 Requests

98 %HTTPS

36 %IPv6

21 Domains

34 Subdomains

34 IPs

4 Countries

1997 kBTransfer

5979 kBSize

15 Cookies

7 Outgoing links

Redirected requests

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

checkout.theepochtimes.com Open in urlscan Pro
35.227.229.25 Public Scan

Screenshot
Live screenshot

Full Image

97
Requests

98 %
HTTPS

36 %
IPv6

21
Domains

34
Subdomains

34
IPs

4
Countries

1997 kB
Transfer

5979 kB
Size

15
Cookies

97 HTTP transactions
3 data transactions