urlscan.io logo urlscan.io
SecurityTrails logo

1685fea9.613293428.xyz Open in urlscan Pro
104.21.31.3  Public Scan

Go To Rescan Add Verdict Report
URL: https://1685fea9.613293428.xyz/
Submission: On December 25 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 2 countries across 19 domains to perform 177 HTTP transactions. The main IP is 104.21.31.3, located in and belongs to CLOUDFLARENET, US. The main domain is 1685fea9.613293428.xyz.
TLS certificate: Issued by WE1 on December 25th 2024. Valid for: 3 months.
This is the only time 1685fea9.613293428.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
120 104.21.31.3 13335 (CLOUDFLAR...)
2 173.194.207.97 15169 (GOOGLE)
2 173.194.66.101 15169 (GOOGLE)
11 172.217.197.155 15169 (GOOGLE)
3 216.239.36.181 15169 (GOOGLE)
1 172.67.202.93 13335 (CLOUDFLAR...)
1 18.160.41.49 16509 (AMAZON-02)
2 192.184.68.166 14618 (AMAZON-AES)
1 3 3.167.37.16 16509 (AMAZON-02)
1 209.85.144.132 15169 (GOOGLE)
1 52.92.212.168 16509 (AMAZON-02)
3 151.101.65.91 54113 (FASTLY)
2 7 173.194.66.132 15169 (GOOGLE)
7 142.251.167.154 15169 (GOOGLE)
1 172.253.122.95 15169 (GOOGLE)
1 173.194.207.155 15169 (GOOGLE)
1 173.194.204.155 15169 (GOOGLE)
1 3.167.56.49 16509 (AMAZON-02)
1 52.85.151.12 16509 (AMAZON-02)
1 108.138.85.43 16509 (AMAZON-02)
1 44.235.193.153 16509 (AMAZON-02)
1 52.85.132.35 16509 (AMAZON-02)
1 44.220.97.187 14618 (AMAZON-AES)
1 172.253.122.155 15169 (GOOGLE)
2 173.194.175.132 15169 (GOOGLE)
1 23.21.229.6 14618 (AMAZON-AES)
1 173.194.66.106 15169 (GOOGLE)
177 28
120    104.21.31.3 (None, )

ASN13335 (CLOUDFLARENET, US)
1685fea9.613293428.xyz
2    173.194.207.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f97.1e100.net
www.googletagmanager.com
2    173.194.66.101 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f101.1e100.net
www.google-analytics.com
11    172.217.197.155 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f155.1e100.net
securepubads.g.doubleclick.net
3    216.239.36.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    172.67.202.93 (United States)

ASN13335 (CLOUDFLARENET, US)
websitevisitorleads.com
1    18.160.41.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-49.iad55.r.cloudfront.net
static.hotjar.com
2    192.184.68.166 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
3    3.167.37.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-37-16.iad61.r.cloudfront.net
sb.scorecardresearch.com
1    209.85.144.132 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f132.1e100.net
c310d0e41dcfcc48387420bb9e39936c.safeframe.googlesyndication.com
1    52.92.212.168 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3-us-west-2.amazonaws.com
3    151.101.65.91 (San Francisco, United States)

ASN54113 (FASTLY, US)
data.processwebsitedata.com
fe.sitedataprocessing.com
7    173.194.66.132 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f132.1e100.net
tpc.googlesyndication.com
7    142.251.167.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f154.1e100.net
pagead2.googlesyndication.com
1    172.253.122.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f95.1e100.net
ajax.googleapis.com
1    173.194.207.155 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f155.1e100.net
stats.g.doubleclick.net
1    173.194.204.155 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f155.1e100.net
td.doubleclick.net
1    3.167.56.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-56-49.iad61.r.cloudfront.net
script.hotjar.com
1    52.85.151.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-12.iad89.r.cloudfront.net
rules.quantcount.com
1    108.138.85.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-85-43.iad12.r.cloudfront.net
b-code.liadm.com
1    44.235.193.153 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-193-153.us-west-2.compute.amazonaws.com
a.usbrowserspeed.com
1    52.85.132.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-35.iad50.r.cloudfront.net
d-code.liadm.com
1    44.220.97.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-220-97-187.compute-1.amazonaws.com
idx.liadm.com
1    172.253.122.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net
ep1.adtrafficquality.google
2    173.194.175.132 (United States)

ASN15169 (GOOGLE, US)
PTR: qs-in-f132.1e100.net
ep2.adtrafficquality.google
1    23.21.229.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-229-6.compute-1.amazonaws.com
rp.liadm.com
1    173.194.66.106 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f106.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
120 613293428.xyz
1685fea9.613293428.xyz
6 MB
15 googlesyndication.com
c310d0e41dcfcc48387420bb9e39936c.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 173
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
425 KB
13 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
td.doubleclick.net — Cisco Umbrella Rank: 182
219 KB
4 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 3229
d-code.liadm.com — Cisco Umbrella Rank: 3414
idx.liadm.com — Cisco Umbrella Rank: 1368
rp.liadm.com — Cisco Umbrella Rank: 966
93 KB
4 google.com
analytics.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 3
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
20 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 186
6 KB
2 sitedataprocessing.com
fe.sitedataprocessing.com — Cisco Umbrella Rank: 34107
1 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1536
pixel.quantserve.com — Cisco Umbrella Rank: 1059
10 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 888
script.hotjar.com — Cisco Umbrella Rank: 1185
61 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
22 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
205 KB
1 usbrowserspeed.com
a.usbrowserspeed.com — Cisco Umbrella Rank: 3656
148 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1552
447 B
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 415
94 KB
1 processwebsitedata.com
data.processwebsitedata.com — Cisco Umbrella Rank: 54583
12 KB
1 amazonaws.com
s3-us-west-2.amazonaws.com
95 KB
1 websitevisitorleads.com
websitevisitorleads.com — Cisco Umbrella Rank: 111580
2 KB
0 socoms.net Failed
dmp-c.socoms.net Failed
177 19
Domain Requested by
120 1685fea9.613293428.xyz 1685fea9.613293428.xyz
11 securepubads.g.doubleclick.net 1685fea9.613293428.xyz
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
7 pagead2.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
7 tpc.googlesyndication.com 2 redirects securepubads.g.doubleclick.net
1685fea9.613293428.xyz
3 sb.scorecardresearch.com 1 redirects 1685fea9.613293428.xyz
3 analytics.google.com 1685fea9.613293428.xyz
www.googletagmanager.com
2 ep2.adtrafficquality.google securepubads.g.doubleclick.net
ep2.adtrafficquality.google
2 fe.sitedataprocessing.com data.processwebsitedata.com
fe.sitedataprocessing.com
2 www.google-analytics.com 1685fea9.613293428.xyz
www.google-analytics.com
2 www.googletagmanager.com 1685fea9.613293428.xyz
www.google-analytics.com
1 www.google.com ep2.adtrafficquality.google
1 rp.liadm.com d-code.liadm.com
1 ep1.adtrafficquality.google securepubads.g.doubleclick.net
1 idx.liadm.com d-code.liadm.com
1 pixel.quantserve.com 1685fea9.613293428.xyz
1 d-code.liadm.com fe.sitedataprocessing.com
1 a.usbrowserspeed.com fe.sitedataprocessing.com
1 b-code.liadm.com s3-us-west-2.amazonaws.com
1 rules.quantcount.com secure.quantserve.com
1 script.hotjar.com static.hotjar.com
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 ajax.googleapis.com securepubads.g.doubleclick.net
1 data.processwebsitedata.com websitevisitorleads.com
1 s3-us-west-2.amazonaws.com websitevisitorleads.com
1 c310d0e41dcfcc48387420bb9e39936c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 secure.quantserve.com 1685fea9.613293428.xyz
1 static.hotjar.com www.googletagmanager.com
1 websitevisitorleads.com www.googletagmanager.com
0 dmp-c.socoms.net Failed 1685fea9.613293428.xyz
177 30

This site contains links to these domains. Also see Links.

Domain
adclick.g.doubleclick.net
sf.epochtimes.com
Subject Issuer Validity Valid
613293428.xyz
WE1		 2024-12-25 -
2025-03-25		 3 months crt.sh
*.google-analytics.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
websitevisitorleads.com
WE1		 2024-12-03 -
2025-03-03		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
quantserve.com
R11		 2024-12-21 -
2025-03-21		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-15 -
2025-02-14		 a year crt.sh
*.s3-us-west-2.amazonaws.com
Amazon RSA 2048 M01		 2024-11-14 -
2025-11-11		 a year crt.sh
data.processwebsitedata.com
Certainly Intermediate R1		 2024-12-05 -
2025-01-04		 a month crt.sh
tpc.googlesyndication.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
upload.video.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.doubleclick.net
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2024-10-31 -
2025-11-28		 a year crt.sh
a.usbrowserspeed.com
Amazon RSA 2048 M02		 2024-12-01 -
2025-12-31		 a year crt.sh
adtrafficquality.google
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://1685fea9.613293428.xyz/
Frame ID: 6B489A5115AB1300FEBC9FC6B61DBDD5
Requests: 156 HTTP requests in this frame

Frame: https://1685fea9.613293428.xyz/td.doubleclick.net/td/ga/rul?tid=G-64JWG501SB&gacid=764885032.1735159379&gtm=45je4cc1v9115041777za204&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=475577556
Frame ID: 8B4F0ED75A7B375C60CE90D9CA6AD909
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 8BAA7D3343A0A0E12F4C53579E0C7B22
Requests: 1 HTTP requests in this frame

Frame: https://c310d0e41dcfcc48387420bb9e39936c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FFDC906C45F3C6659B94015070870596
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssx9Dd2fiGw5K3ZZ7bRJaBPKETqgbrGbNr-D4IyVKg0IbLIs7Kx8KHKzQ1MmNB66StL6VQTpXnKT7gDAuY6pRVhtzqli4fZ7gVLkZZxaV-hPvrqoOuN98Kn6cXW4S0btTWRf3KcvMF6K6L6THRFPXIxUAO-xX21p4hdcF-A4eKUhiDLgWLKbtwWeQ7VUHNFYxrWW0y8ks0K7mpqqUPHMeba9Yy8hIJ83sJ2T5ASz7jVhqEbyqjC5n8EPY8ofRFvrhddKMR1S1wiQp_-NNjuNDI9uJDKssfxw74Mjpanf6sq2PXYbiur9-74TSN5rU7N_6A8VCtapybpBC_bb0oYBAnzokpkEWa6xYLPErjuM0D8XmllAxp_EF3JUQ1BGh2B3R_1klJDxtl0DxXbVMUl5PyuaLMNyqHHHmGZWEnAz5-eCe3rEjwo2v07eg5z&sai=AMfl-YRNwOEkcMwOwOgfIYTIa22oYMl0FSDkgvrOa1z2z6SuogTkF23ozqUKPJfxM2nMDX3Mg6aoFeEQuU1RGRBb_x56ngEciayloxKQE2pzF_mS_Swupx581EKrpsvrJ1jc-Bx3oRLH92OOzE17Db2Pmw&sig=Cg0ArKJSzM1pm0fqvlObEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 31F37174DFE61D432CD6BBE24A2BEE4B
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstApbhnOk1U83bj9zd3Hga3UVNOJJRkm3O0kAOdehQXi6YFHLqisNi3tUVbeSYPNnlpv-Vi8B6CQIXwsLWSlzDaUbeCfGm7HS8ZNZq0JCoE4nF3z3ymPCzFtukRwPT_gmL69m4V4Uf-ZSZ5XbA0JdAbqIF13QT_dhgEzM_VP8dMmsZzjfu7rSlMs9MGBdzAvCq6pftlak_AUdawAtvDr1a1CAQkkCrdG8NnaHRvLPiJHZlJBZ3Bw9GAYpKz1xhjFD7hIU2dtKZEKBqU7O55ZJ5sX6hk_9cJ2o-8ST-XBPaZltI4gyU2YgLfYFpVqCloTRcvo2s_Zh6WhUBMZx__PVQ15Rn_12NmbRIjv4DuVsb0DoWWwvh874YJHLtzHvJTDGlV9OJ0CF5a8JJx3fH82kIATcMqHq0_OmuKwYDNA4_Arlw&sai=AMfl-YR1Y1tsJTmw51XgWHUIl9V2UtvXJQz2iwKr-irsDFHSBNgJcvie2pXLS8Q3rbKxxgCbxt2rg3Fyxfl7bZU1awiEOEMuF3YsLjT3DuQhKBvA-FGhvPMZGtuSg2o8I-iMVv2v3a5-CakAq74Fe0XTOQ&sig=Cg0ArKJSzEPz_oeHcoUFEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: BF8E335D12545B58D5A83558D499D71C
Requests: 7 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-QZQNK0Z14Z&gacid=764885032.1735159379&gtm=45je4cc1v9164394854za200&dma=0&gcs=G111&gcd=13t3t3t3t6l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1013639071
Frame ID: 55A4DB108882C2472C8A035CE4EED812
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: D909B7C2389815ACD4CDF7C32B502A6D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ACCB412178855CD860CA575745211E8C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

大紀元 | 大紀元新聞網

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

177
Requests

97 %
HTTPS

0 %
IPv6

19
Domains

30
Subdomains

28
IPs

2
Countries

7276 kB
Transfer

10253 kB
Size

24
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 151
  • https://sb.scorecardresearch.com/b?c1=2&c2=24003086&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1735159380132&ns_c=UTF-8&cs_cfg=1001110&cs_ucc=1&cs_cmp_id=28&cs_cmp_rt=0&cs_cmp_av=1.1&gpp_sid=8&c7=https%3A%2F%2F1685fea9.613293428.xyz%2F&c8=%E5%A4%A7%E7%B4%80%E5%85%83%20%7C%20%E5%A4%A7%E7%B4%80%E5%85%83%E6%96%B0%E8%81%9E%E7%B6%B2&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1735159380132&ns_c=UTF-8&cs_cfg=1001110&cs_ucc=1&cs_cmp_id=28&cs_cmp_rt=0&cs_cmp_av=1.1&gpp_sid=8&c7=https%3A%2F%2F1685fea9.613293428.xyz%2F&c8=%E5%A4%A7%E7%B4%80%E5%85%83%20%7C%20%E5%A4%A7%E7%B4%80%E5%85%83%E6%96%B0%E8%81%9E%E7%B6%B2&c9=
Request Chain 162
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODXwMaYfRDGAxiEBygBMggjbRKM-KeIdw HTTP 301
  • https://tpc.googlesyndication.com/pimgad/1877878210361568303
Request Chain 163
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODXwIa1XRDHAxiEBygBMgiCN8kSc9SH9g HTTP 301
  • https://tpc.googlesyndication.com/pimgad/15228727800630933301

177 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
1685fea9.613293428.xyz/ 		164 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ddf7777825129b7c6585d348d0716947dc44f2dda25ed519ece964c82439996
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=120
cf-cache-status
DYNAMIC
cf-ray
8f7ba91e8aab7d71-LAX
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Wed, 25 Dec 2024 20:42:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n18%2FrQDBFqRBEDUHTr3vQXwdOceYMjr0a8GLDa3sg33njABG9WDURacUk4bg8sFPNPJ5g%2FezUt4IYOVQ%2BO8gwhnPsQOQz7njiTONXymRMvQkeqdAZinGjCvQs9FUD5NlsWdfPE8mIEoo"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=62190&min_rtt=61466&rtt_var=10683&sent=14&recv=11&lost=0&retrans=0&sent_bytes=4246&recv_bytes=4541&delivery_rate=322&cwnd=12000&unsent_bytes=0&cid=aec745da2a26ef0f&ts=372&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security
max-age=63072000
vary
Accept-Encoding, User-Agent
via
1.1 google
x-content-type-options
nosniff
x-device
desktop
x-xss-protection
1; mode=block
otSDKStub.js
1685fea9.613293428.xyz/cdn.cookielaw.org/scripttemplates/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1685fea9.613293428.xyz/cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a993b974684900ec3d702a39f4e08d637c92e54fd9b58075f3669ee313ef0b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-md5
UzmBk0Ra4K9he+CwjGKb/g==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DD1DE4B7A34202
age
66744
x-ms-lease-status
unlocked
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LqWH1IY9WO%2BscRawhF2bc7ekTkemzOp3rZ7laS6kUXOk%2Bf%2BUS0n1zBLpWdBi5PlgRbXsvuuTB2ISKZhiPrcRzd2rmUB1Gddg0577Uvd8ttFH7YiY9ELLr5D8WGjVVLvBJFH%2FXR3z05hz"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-ms-version
2009-09-19
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=65281&min_rtt=61466&rtt_var=5184&sent=47&recv=20&lost=0&retrans=0&sent_bytes=40246&recv_bytes=6139&delivery_rate=178425&cwnd=24000&unsent_bytes=0&cid=aec745da2a26ef0f&ts=481&x=1", cfExtPri, cfHdrFlush;dur=21
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
application/javascript
last-modified
Mon, 16 Dec 2024 15:17:12 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
x-ms-request-id
1138e44e-a01e-0067-6135-50202d000000
cf-ray
8f7ba9209c667d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
style.css
1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/style.css?ver=20240326
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
056aa84e33f2aba45a5359338c45374a933886ac3cbc5162d8d75e196f29085d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"66157dc9-77c"
age
204273
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gm5fsf5TdDUG%2BVjJkW5kpEoolqxSw0DhnY4cy9fZYC9Xn0C8iE3voBh0O6pajesqtVAPqqyi7eweCbas%2BHtA4LcS0AwvW92gihC27x%2B6Qop1C9QitqkanD%2BlNH2dMWDKqkh1xDzZn1ZD"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=65281&min_rtt=61466&rtt_var=5184&sent=47&recv=20&lost=0&retrans=0&sent_bytes=40246&recv_bytes=6139&delivery_rate=178425&cwnd=24000&unsent_bytes=0&cid=aec745da2a26ef0f&ts=477&x=1", cfExtPri, cfHdrFlush;dur=25
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
text/css
last-modified
Tue, 09 Apr 2024 17:41:29 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=63072000
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f7ba9209c687d71-LAX
x-device
desktop
x-xss-protection
1; mode=block
server
cloudflare
jquery.bxslider.css
1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/js/jquery.bxslider/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/js/jquery.bxslider/jquery.bxslider.css?ver=20150811
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c68ebff511fd2319deda1559b95a8924136ab27d8aa22f545c401b4b4e757c9c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"66157dc9-e3c"
age
204273
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=meED4Oab1C5AW8mCorhcfeCrUesSDmFzVSm0d8FNLvPcNHu89EDFVycrNpM%2FmSgekMSC1XVXnlDWbEr1wOSco57cGfktMT0pYp19KwMvCwZuXnrLJReihjAGhU50Zjzte16w6WeVtWe3"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=65281&min_rtt=61466&rtt_var=5184&sent=46&recv=20&lost=0&retrans=0&sent_bytes=39569&recv_bytes=6139&delivery_rate=178425&cwnd=24000&unsent_bytes=0&cid=aec745da2a26ef0f&ts=476&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
text/css
last-modified
Tue, 09 Apr 2024 17:41:29 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=63072000
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f7ba9209c697d71-LAX
x-device
desktop
x-xss-protection
1; mode=block
server
cloudflare
front-page.css
1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/css/ 		48 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/css/front-page.css?ver=20241115
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23004dfc20b7b8cbaa345f8abdd33368bcd60599493ab42a324730503f41a97d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"673b9ca4-bc37"
age
204273
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=24siVHrsF9p8PUe20jJIu1fyL81TunBSOyTP45rogTYjJL7Si7S1axI8IT6XdOwGGEe5X6TsFyhWY8k1%2FrOCjNlc7xgnaJ19RRckxewxwL9r0D9jNvirutVo3HGvirlIayt7H%2B4%2FH524"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=65281&min_rtt=61466&rtt_var=5184&sent=47&recv=20&lost=0&retrans=0&sent_bytes=40246&recv_bytes=6139&delivery_rate=178425&cwnd=24000&unsent_bytes=0&cid=aec745da2a26ef0f&ts=483&x=1", cfExtPri, cfHdrFlush;dur=19
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
text/css
last-modified
Mon, 18 Nov 2024 19:59:32 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=63072000
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f7ba9209c6a7d71-LAX
x-device
desktop
x-xss-protection
1; mode=block
server
cloudflare
js
1685fea9.613293428.xyz/www.googletagmanager.com/gtag/ 		409 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1685fea9.613293428.xyz/www.googletagmanager.com/gtag/js?id=G-64JWG501SB
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47a72130b49efb429a2eab56c589b0d6bb50ddffa58c7bef45c91716389fc98b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 25 Dec 2024 20:42:58 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=67107&min_rtt=61399&rtt_var=4174&sent=227&recv=69&lost=0&retrans=0&sent_bytes=230947&recv_bytes=12209&delivery_rate=294502&cwnd=94800&unsent_bytes=0&cid=aec745da2a26ef0f&ts=809&x=1", cfExtPri, cfHdrFlush;dur=3
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cf-ray
8f7ba921fdad7d71-LAX
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
x-xss-protection
0
server
cloudflare
goto_EET.png
1685fea9.613293428.xyz/assets/themes/djy/images/front-page/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/assets/themes/djy/images/front-page/goto_EET.png
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2991b9f00d1f1c62882436a630a60046647620e0d100acfb1980f81304e88678
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cf-cache-status
HIT
etag
"66157dca-1237"
age
204273
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=owrtRmBXCRWu46pADu7l7wsJBOSA9HAlNL3m74aJqKRuZWAX02YmNU%2FqaWnEol5vqvUy7DYu9yWRfrFiUbn1deEezG2IpsvaxEZ%2Fa0%2FcsP%2BvIN%2FfDyCTbcHnuPDZS8%2FtOEO9a%2B4GdTWJ"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=64798&min_rtt=61399&rtt_var=1112&sent=74&recv=45&lost=0&retrans=0&sent_bytes=63479&recv_bytes=9317&delivery_rate=390425&cwnd=43200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=589&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/png
last-modified
Tue, 09 Apr 2024 17:41:30 GMT
vary
Accept-Encoding
priority
u=2,i
strict-transport-security
max-age=63072000
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f7ba9215d1f7d71-LAX
accept-ranges
bytes
content-length
4663
x-device
desktop
x-xss-protection
1; mode=block
server
cloudflare
DJY-Web-Logo-new.png
1685fea9.613293428.xyz/assets/themes/djy/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/assets/themes/djy/images/DJY-Web-Logo-new.png
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ec709a9c70d7ee9e0a06cebe1288aa688cd52476344c49145a343ac34a952b3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cf-cache-status
HIT
etag
"66157dca-1f09"
age
204273
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YyX6rbMZ2dZ1%2FSoAWSwFZ1MNIZm%2BUfH5YRgMvhDkYO3QAUxGo7h4X6%2BqvEs2LNlpYW0YqVhfyOPgYAm6oSTqQiEybKlT5YYX%2Fmbyp6DBx5cSrGoWSv1UB3lZpLzn3ybZzbLvpQgvBG9g"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=64798&min_rtt=61399&rtt_var=1112&sent=79&recv=45&lost=0&retrans=0&sent_bytes=68997&recv_bytes=9317&delivery_rate=390425&cwnd=43200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=600&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/png
last-modified
Tue, 09 Apr 2024 17:41:30 GMT
vary
Accept-Encoding
priority
u=2,i
strict-transport-security
max-age=63072000
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f7ba9215d227d71-LAX
accept-ranges
bytes
content-length
7945
x-device
desktop
x-xss-protection
1; mode=block
server
cloudflare
id14397905-GettyImages-2190252765-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		101 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14397905-GettyImages-2190252765-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe9fed0eb977ae992215ecece5c3f9efda2c6f1712fd64709c5e6fc998b81a01

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
MISS
etag
"676c5855-194b9"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lIHtusNmeQpbQa2ZWOPHvr4xvuuv1IB07LFjA3rrcerMtNgK4OkkzYieBOAcEAhdNVesy0Ci1J6TaBs7%2Fiq7urlNNyCR47%2BPwC2ShSw8mSvdWmjlgblEKGrf8vVCdRCqy6PMZMAetSl8"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Thu, 25 Dec 2025 20:42:26 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=67629&min_rtt=61399&rtt_var=2796&sent=248&recv=74&lost=0&retrans=0&sent_bytes=255058&recv_bytes=13526&delivery_rate=904806&cwnd=134400&unsent_bytes=0&cid=aec745da2a26ef0f&ts=814&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Wed, 25 Dec 2024 19:09:09 GMT
vary
Accept-Encoding
priority
u=2,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31535968
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba9216d2f7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
103609
server
cloudflare
akamai-mon-iucid-del
1281139
id14397904-241225104117100863-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14397904-241225104117100863-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a738cc9e0a13dc51620b22c68836174d457944bc8b16ae18e3d32050314fdd58

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
MISS
etag
"676c5834-a0ee"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zd%2BzwbPcJjbWIVFaaAU4t%2FZX9oDbNG%2B7dDekPGc9%2FS%2FcSmJmxyWyOJHVttD4uRpTDpVjO6QqpZkJ884CRXB9Cj%2BpKnajuNkfWxu2a%2F1gXevAjSOcmKUQOMyVcFoYuBnrIJYQaXadNliG"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Thu, 25 Dec 2025 20:12:43 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=67107&min_rtt=61399&rtt_var=4174&sent=227&recv=69&lost=0&retrans=0&sent_bytes=230947&recv_bytes=12209&delivery_rate=294502&cwnd=94800&unsent_bytes=0&cid=aec745da2a26ef0f&ts=810&x=1", cfExtPri, cfHdrFlush;dur=1
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Wed, 25 Dec 2024 19:08:36 GMT
vary
Accept-Encoding
priority
u=2,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31534185
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba9216d317d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
41198
server
cloudflare
akamai-mon-iucid-del
1281139
id14396123-GettyImages-2190498583-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14396123-GettyImages-2190498583-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbf1287bfcdb3d033b6748cacde563badc30784d0a307e025789749ebabc6f1c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"67690d89-7e73"
age
189596
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fz%2FBD1wJ4raqFMwIhbOyznV5RzHbZ%2F4dLS7vR73yRkOazoJPpYFLBix4w1KyYnlO0rL2iLrhvW51fxlGv93jdGf6iDP5y%2BDkabLi%2F6VYlO6%2FVf62Y1LYDBwL1mJpnkGbaFE9GYcXmA%2BP"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Tue, 23 Dec 2025 14:26:14 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=65691&min_rtt=61399&rtt_var=636&sent=150&recv=66&lost=0&retrans=0&sent_bytes=142233&recv_bytes=11717&delivery_rate=550226&cwnd=78000&unsent_bytes=0&cid=aec745da2a26ef0f&ts=748&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Mon, 23 Dec 2024 07:13:13 GMT
vary
Accept-Encoding
priority
u=2,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31530192
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba9216d327d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
32371
server
cloudflare
akamai-mon-iucid-del
1281139
id14397855-2412251129021973-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14397855-2412251129021973-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8f72c991402f5dc20c18041fe76b6b1086542dc754a1288dca4d9ce2cdf7801

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"676c3488-1ab06"
age
10807
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q9sj%2BjYmom8svISkWuCiWY%2BPN7CIQEYYB4FrFI3dt%2BtnMOD8mAQjUGWXn20YNiY18G9t1oYOWi3o1cs4sp%2BIVNYhzsmfqTMKw6fJA%2FnimVTdqdqLncOuygKNOS02FSGCxLHCdqIPbvSW"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Thu, 25 Dec 2025 16:41:21 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=65678&min_rtt=61399&rtt_var=504&sent=180&recv=67&lost=0&retrans=0&sent_bytes=176234&recv_bytes=12120&delivery_rate=597348&cwnd=78000&unsent_bytes=0&cid=aec745da2a26ef0f&ts=768&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Wed, 25 Dec 2024 16:36:24 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31532310
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba9227e1d7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
109318
server
cloudflare
akamai-mon-iucid-del
1281139
id14397252-WhatsApp-Image-2024-12-23-at-15.55.43-320x200.jpeg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14397252-WhatsApp-Image-2024-12-23-at-15.55.43-320x200.jpeg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66cee9c7daf5d2b54f3cd6efd7e33b6f853a2adcd4a909d425e870a1316b7a5a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"676b3d03-e3e3"
age
45674
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LcawYJbaequMZ4v8vZLvPctsDP8B0C2WUR5C5cdFdKZ38SRh2ouX0STyHyGxgHCox%2FOjHr52Ur7N4FzSDRYYQ9qDy%2F9KdbsIAgjp%2BnuXy%2FOytS0MEgebXcWuFhWD8Ws9N63XemYkw%2Fm8"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Thu, 25 Dec 2025 07:19:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=66934&min_rtt=61399&rtt_var=3488&sent=316&recv=76&lost=0&retrans=0&sent_bytes=334061&recv_bytes=13966&delivery_rate=835396&cwnd=146400&unsent_bytes=0&cid=aec745da2a26ef0f&ts=831&x=1", cfExtPri, cfHdrFlush;dur=2
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Tue, 24 Dec 2024 23:00:19 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31533443
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba922de5d7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
58339
server
cloudflare
akamai-mon-iucid-del
1281139
id14392229-shutterstock_2487158743-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14392229-shutterstock_2487158743-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
663052518a7106d48f63e7876ba032560ead8162d707faaf6e4be05f2c53d59b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"67609e5c-eec0"
age
21913
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nMdCxtQEy5df0qWQOGWrAG%2FCOtRWwJox4OsT%2BkBA5JqdN7O%2Bl%2BZI69udWkMfCSeHuIdKIi9Vmln60gBhg%2Bxs4hbR4NyG7hxs7YHDeF3LOBLxIDpXUv57MIU2xzK%2Fkhc27VaCA4HS4Ci3"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Sat, 20 Dec 2025 19:25:39 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=66934&min_rtt=61399&rtt_var=3488&sent=316&recv=76&lost=0&retrans=0&sent_bytes=334061&recv_bytes=13966&delivery_rate=835396&cwnd=146400&unsent_bytes=0&cid=aec745da2a26ef0f&ts=831&x=1", cfExtPri, cfHdrFlush;dur=2
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Mon, 16 Dec 2024 21:40:44 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31121274
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba922de5f7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
61120
server
cloudflare
akamai-mon-iucid-del
1281139
id14397656-GettyImages-2190749999-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14397656-GettyImages-2190749999-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed8ae4a9766489e971f354d9547899bccb0541b9f0c6fa0a2f09e25348dc16a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"676bed24-1126b"
age
19504
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FgqVzhKTpnbt%2FNn8C3pDsoNhOyRv8JRyb8GLw4V6N1upTQxxpVk3T1Mrf78C4AAdtJ738uunS3B4dpL9gLicaowRfpXhoCHM%2FQVhYPqzQ1i%2F72pIfEFT5qmB5Un2V42ZMBC52havMGCa"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Thu, 25 Dec 2025 12:17:15 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=66934&min_rtt=61399&rtt_var=3488&sent=306&recv=76&lost=0&retrans=0&sent_bytes=322659&recv_bytes=13966&delivery_rate=835396&cwnd=146400&unsent_bytes=0&cid=aec745da2a26ef0f&ts=831&x=1", cfExtPri, cfHdrFlush;dur=2
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Wed, 25 Dec 2024 11:31:48 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31525161
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba922de617d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
70251
server
cloudflare
akamai-mon-iucid-del
1281139
id14397464-2412242100071973-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		133 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14397464-2412242100071973-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5c7bb4d9dfac774ef5aa24a8d9610107c5c8a4db0dee5837cff891212cd9994

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"676b95fa-2141d"
age
21913
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2rVN3nGl1Bykz%2BOvhOCP8%2FK3gELl4%2FIxGc4jxGsr85rmn3RoLZyI3ewmK7WtfQQKg%2FjXcn28kmptG%2BSLknidnAyfegvWnyJsiGy9OnpMbQQzyT2JE9%2Bj%2FBLZwmKO%2BiE1rI4kq%2BJt4%2Fmp"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Thu, 25 Dec 2025 14:31:44 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=66328&min_rtt=61399&rtt_var=3828&sent=326&recv=89&lost=0&retrans=0&sent_bytes=346061&recv_bytes=19372&delivery_rate=961387&cwnd=156000&unsent_bytes=0&cid=aec745da2a26ef0f&ts=842&x=1", cfExtPri, cfHdrFlush;dur=2
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Wed, 25 Dec 2024 05:19:54 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31535639
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba922de637d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
136221
server
cloudflare
akamai-mon-iucid-del
1281139
id13890963-shutterstock_537611854-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2022/12/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2022/12/id13890963-shutterstock_537611854-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8530a557cdd060b6d85516e0d52f6eea5b719173655e4600e5bed7528c98a4a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"63a68f05-8b40"
age
57696
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j3%2FG0Y1YSwvXQEIOeoMdJ9%2BqbYd%2FGhAytdMn666%2FlJIoSjXig6EZKm%2BiA13p0O61jtb8gNY0P6tWvLrCSkfhsneSjyAC9T7UH%2BncBIIW%2FOGsxWdbDKSaxrRpMRoJKqb%2FouCAoB5ewKpC"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Thu, 25 Dec 2025 04:37:30 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=67494&min_rtt=61399&rtt_var=5202&sent=350&recv=94&lost=0&retrans=0&sent_bytes=372781&recv_bytes=21345&delivery_rate=911533&cwnd=165600&unsent_bytes=0&cid=aec745da2a26ef0f&ts=866&x=1", cfExtPri, cfHdrFlush;dur=9
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Sat, 24 Dec 2022 05:32:53 GMT
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31535768
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba922fe8c7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
35648
server
cloudflare
akamai-mon-iucid-del
1281139
id14397288-20171220-SIJING-11-600x400-1-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14397288-20171220-SIJING-11-600x400-1-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3af7dffe50033f9ba05f957886df82644353d4c4ad639acf972c3a90a81e7b2c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"676b5bd8-85da"
age
60218
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1g7WqJ9pGM4YkDM3w51EJYEuE%2FqSBFi%2BXSX6SAM1DScl%2FFFvmjEFzKfmNjYQi4ru%2FIzdLbQd9Sq5%2FCqrkOFM3wkm7gJvYR1r50eQFBEUIhg3fyawfBDFRcYY9gLXj%2Fby8LbxbZ9eetGg"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Thu, 25 Dec 2025 03:19:51 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=67494&min_rtt=61399&rtt_var=5202&sent=350&recv=94&lost=0&retrans=0&sent_bytes=372781&recv_bytes=21345&delivery_rate=911533&cwnd=165600&unsent_bytes=0&cid=aec745da2a26ef0f&ts=865&x=1", cfExtPri, cfHdrFlush;dur=39
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Wed, 25 Dec 2024 01:11:52 GMT
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31533631
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba9230e9e7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
34266
server
cloudflare
akamai-mon-iucid-del
1281139
id14048182-000_32927LV-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2023/08/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2023/08/id14048182-000_32927LV-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83f178ad3919c5e6ce51544f75c785828d95d5b9faf49421d37f8ad0a3e50ab9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"64cd2009-50c0"
age
62076
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oa3aqIXVj%2F6lu3%2BeB0PN%2FHCyQXtNJHY95HgCHGjEimN4Ts3%2F8ccgFlxddOJDcmqCRRM4OmCc2Or4E0DoRvUCOt5KlI%2BZBWQdqjPnAQVE6DTgu0kChOntMOYrlKKjaYxBs937zLkqRINa"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Thu, 25 Dec 2025 00:40:08 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=67494&min_rtt=61399&rtt_var=5202&sent=350&recv=94&lost=0&retrans=0&sent_bytes=372781&recv_bytes=21345&delivery_rate=911533&cwnd=165600&unsent_bytes=0&cid=aec745da2a26ef0f&ts=865&x=1", cfExtPri, cfHdrFlush;dur=28
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Fri, 04 Aug 2023 15:58:01 GMT
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31525906
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba9230e9d7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
20672
server
cloudflare
akamai-mon-iucid-del
1281139
id14397513-db0857cb5ad90ecf0f1beb8df8d971ab-320x200.png
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		125 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14397513-db0857cb5ad90ecf0f1beb8df8d971ab-320x200.png
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3b9e2ce037cd0a28750bd8b37dddc638c0406e51314f17f8854704e86cfbeb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"676bacf9-1f270"
age
47016
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=62993Uu%2Fal4xVDzFmZnYh4zmUSlVbBNyTrWMdp7ldbehcBxVn7gXJmB2fsiCf8frM6pE1Pvt08YOTJxrycojpTK29c57F%2BwAGmqiX7cggFZfdFBkFpP0s9kp7kpPya761Gt9GcHBizqM"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Thu, 25 Dec 2025 07:02:49 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=67494&min_rtt=61399&rtt_var=5202&sent=350&recv=94&lost=0&retrans=0&sent_bytes=372781&recv_bytes=21345&delivery_rate=911533&cwnd=165600&unsent_bytes=0&cid=aec745da2a26ef0f&ts=862&x=1", cfExtPri, cfHdrFlush;dur=14
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/png
last-modified
Wed, 25 Dec 2024 06:58:01 GMT
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31533807
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba922fe947d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
127600
server
cloudflare
akamai-mon-iucid-del
1281139
shenyun_creation_sidebar.png
1685fea9.613293428.xyz/assets/themes/djy/images/front-page/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/assets/themes/djy/images/front-page/shenyun_creation_sidebar.png
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8cbf534350e2190f34aa56f17a26015db1e60660aba8a25bd9a9ed860d8393f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cf-cache-status
HIT
etag
"66157dca-42f7"
age
204273
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ixoy%2FRbiw1RdeLD%2Bhp8FVUcJ79NEh4962TAmeEqk%2BazztU4%2FrCX%2BgYM2BuyZ%2BdL8Rq%2Bjr1KoQYGOfxb7qDo4dIpuJHU5MJY0ifE47B%2BD6%2FnEHA5%2Fe9JmE8YBvsx%2FfgIOjA3afhG%2B1k45"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=66181&min_rtt=61399&rtt_var=5196&sent=391&recv=96&lost=0&retrans=0&sent_bytes=420597&recv_bytes=21435&delivery_rate=1488619&cwnd=189600&unsent_bytes=0&cid=aec745da2a26ef0f&ts=871&x=1", cfExtPri, cfHdrFlush;dur=22
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/png
last-modified
Tue, 09 Apr 2024 17:41:30 GMT
vary
Accept-Encoding
priority
u=1,i
strict-transport-security
max-age=63072000
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f7ba9230e9b7d71-LAX
accept-ranges
bytes
content-length
17143
x-device
desktop
x-xss-protection
1; mode=block
server
cloudflare
id13693443-ttl7dayLlV_0403_Haolan_1200x800_CN-320x200.png
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2022/04/ 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2022/04/id13693443-ttl7dayLlV_0403_Haolan_1200x800_CN-320x200.png
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1a5cd28c91494767bc2af988767cf282458e1141d22839fff55abac20f3d44b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"624a2c4e-15455"
age
174647
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=teuCfEdORh7J5pbmvI87RfYOV%2Bv3SRaaWFQL%2BmryDa7fNhtWWyrE2ERzJp0pfMKpJRM5RaEJQXYYJLD2hh%2F145Qep367icEg8N8oU2BKFhqZEVbP6VgQ%2FhfFRke2oc0YmfG9tzgO0Erv"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Tue, 23 Dec 2025 17:12:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=67494&min_rtt=61399&rtt_var=5202&sent=350&recv=94&lost=0&retrans=0&sent_bytes=372781&recv_bytes=21345&delivery_rate=911533&cwnd=165600&unsent_bytes=0&cid=aec745da2a26ef0f&ts=857&x=1", cfExtPri, cfHdrFlush;dur=16
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/png
last-modified
Sun, 03 Apr 2022 23:22:54 GMT
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31525189
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba922fe867d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
87125
server
cloudflare
akamai-mon-iucid-del
1281139
id13775825-TN_MATG_DJY_CHT-320x200.png
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2022/07/ 		105 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2022/07/id13775825-TN_MATG_DJY_CHT-320x200.png
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
228c4644cbb423f15425adb802519ecfa7b6784e0194f7b1d990a1786320fba4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"62c6ffef-1a575"
age
209804
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=psCR6D5K7d51kaJPF5oOWHJBg8aDHaXCv%2FQYTW4YJHl%2Bbfoe4splRBxgYPgG1%2FPBuZuC1RHi8RFvwMpXGCCqMHc9iDzFjvlTeBCAFMTKtAkHGAM%2FsU1v0wpW2jeOZwb8URIW5jl1imva"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Fri, 19 Dec 2025 20:13:09 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=67494&min_rtt=61399&rtt_var=5202&sent=350&recv=94&lost=0&retrans=0&sent_bytes=372781&recv_bytes=21345&delivery_rate=911533&cwnd=165600&unsent_bytes=0&cid=aec745da2a26ef0f&ts=858&x=1", cfExtPri, cfHdrFlush;dur=17
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/png
last-modified
Thu, 07 Jul 2022 15:46:55 GMT
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31225615
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba922fe897d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
107893
server
cloudflare
akamai-mon-iucid-del
1281139
santui_b5.png
1685fea9.613293428.xyz/assets/themes/djy/images/front-page/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/assets/themes/djy/images/front-page/santui_b5.png
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e3d5bad69556d8cdd507cd18993c2f83231ab06b8ad1651fecdc08147ba38b8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cf-cache-status
HIT
etag
"66157dce-d57"
age
204273
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hMEY9tJeI6NFCxRU4Muao98l4BSql3Ed6OqDCWQZMTw8GbYPqaEg4bh9jzx0OeFgWfht26g%2FM%2FuG7z4vAVwp5HVFYqmusjNnbHOGJG8k3g2d%2F8QX6pRj5JYBxuO62m0Pjeij2UxSUChO"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=67494&min_rtt=61399&rtt_var=5202&sent=350&recv=94&lost=0&retrans=0&sent_bytes=372781&recv_bytes=21345&delivery_rate=911533&cwnd=165600&unsent_bytes=0&cid=aec745da2a26ef0f&ts=857&x=1", cfExtPri, cfHdrFlush;dur=12
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/png
last-modified
Tue, 09 Apr 2024 17:41:34 GMT
vary
Accept-Encoding
priority
u=1,i
strict-transport-security
max-age=63072000
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f7ba922fe827d71-LAX
accept-ranges
bytes
content-length
3415
x-device
desktop
x-xss-protection
1; mode=block
server
cloudflare
94e365592cc330dcca3f68a51701d120-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2018/07/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2018/07/94e365592cc330dcca3f68a51701d120-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ac49e8c8bbad10ad7439fef4360f3dce6b9771c3fdd22c5cefc47c9f153a1d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"5b30dbd1-3aaf"
age
32787
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qwadDAeFxMa7T72uQtJZknDUPXKf0I1DgokKacuo4HXW3qnnrCGuhIl00Lfw0JJqVXHUvKlCYLUAPKzseQ85t4RLyOcPDvJQtiJ7ThOFJITt136MPKYDCKLqESJEXhkaNL%2BrNCajGeW4"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Thu, 25 Dec 2025 11:36:16 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=67494&min_rtt=61399&rtt_var=5202&sent=350&recv=94&lost=0&retrans=0&sent_bytes=372781&recv_bytes=21345&delivery_rate=911533&cwnd=165600&unsent_bytes=0&cid=aec745da2a26ef0f&ts=860&x=1", cfExtPri, cfHdrFlush;dur=31
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Mon, 25 Jun 2018 12:10:57 GMT
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31535985
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba922fe967d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
15023
server
cloudflare
akamai-mon-iucid-del
1281139
id14308759-959e017c3d9c987ca9b10c4c-600x400-1-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/08/ 		100 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/08/id14308759-959e017c3d9c987ca9b10c4c-600x400-1-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1907ce478c80150acd6da41477d2e0a6b4da409f150a3bcd3ae081b3aa696eb5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"66b789ae-19051"
age
72333
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q4yP%2BOWj7nkiIgD5BeNfTBQISqzOHyUDs0X8rhA%2B6El1aHyBgBKuJFJqbybqQ5b3vgfH5Xr20DcJaFVVKpLrZaXcuXil90BHWF5c7jXwxddVjBgrSx0CJS%2FqlhzG99F0G7kIshlVcAzU"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Thu, 25 Dec 2025 00:33:24 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=67494&min_rtt=61399&rtt_var=5202&sent=350&recv=94&lost=0&retrans=0&sent_bytes=372781&recv_bytes=21345&delivery_rate=911533&cwnd=165600&unsent_bytes=0&cid=aec745da2a26ef0f&ts=860&x=1", cfExtPri, cfHdrFlush;dur=31
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Sat, 10 Aug 2024 15:39:26 GMT
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31535759
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba922fe977d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
102481
server
cloudflare
akamai-mon-iucid-del
1281139
id14396458-4d29aee8e20d3a56362c94007bf70f7c-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		153 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14396458-4d29aee8e20d3a56362c94007bf70f7c-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e0c9230e4569491cd4387257154fa31c77a67820c95de5c2c35dfc2c97c931d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"67699120-2645a"
age
101452
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SPgaaAq3asTUiAqRbRvPcncetTcX4A0YUpc8njRHP9dZVa27vovBkr8wRdSZzsxr1AwxGhdBvXX8Xofnl%2BupfD8mHr3XKqtwMqrpwmqwLOzYc8xnAvh%2Fx9Bbq1kwT%2BavyeNalnAWelq3"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Wed, 24 Dec 2025 16:07:54 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=67494&min_rtt=61399&rtt_var=5202&sent=349&recv=93&lost=0&retrans=0&sent_bytes=372756&recv_bytes=20996&delivery_rate=911533&cwnd=165600&unsent_bytes=0&cid=aec745da2a26ef0f&ts=851&x=1", cfExtPri, cfHdrFlush;dur=18
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Mon, 23 Dec 2024 16:34:40 GMT
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31534548
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba922fe837d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
156762
server
cloudflare
akamai-mon-iucid-del
1281139
id14377197-879ed219d83382b991e04900c5d8cff4-320x200.png
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/11/ 		98 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/11/id14377197-879ed219d83382b991e04900c5d8cff4-320x200.png
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d0a08771d5447cac92203e19137b6a31196ed860907c2453c21a9769b5865bc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"6741ca50-18700"
age
130439
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j8qd8blwLkO7MYs%2B6Dt30Pyh5ciFkI9es5Y8Tb%2Bauq7oc9TDC7vt3QbL%2FkghChmfosXifBN%2B0JkIBlBxluYipLDBuLUfl4xOS3ce5WnAaFm8jdoosp4UFwET0sAyHaOStk5RJ7Av1e58"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Wed, 24 Dec 2025 08:13:16 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=67494&min_rtt=61399&rtt_var=5202&sent=349&recv=93&lost=0&retrans=0&sent_bytes=372756&recv_bytes=20996&delivery_rate=911533&cwnd=165600&unsent_bytes=0&cid=aec745da2a26ef0f&ts=855&x=1", cfExtPri, cfHdrFlush;dur=14
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/png
last-modified
Sat, 23 Nov 2024 12:28:00 GMT
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31535057
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba922fe857d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
100096
server
cloudflare
akamai-mon-iucid-del
1281139
id14395487-HaiTang-Jiadie-Tu-Part-2-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14395487-HaiTang-Jiadie-Tu-Part-2-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
955f31a98ca8b4aae68afae6eba8c59392749d6bb529ad0070825f676a6f59d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"6766e910-8de1"
age
157318
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5mhvrCggpCFXldsPDsJEzJAEB%2BIxQ585QLeGDroe9AIFt6BGOamOhaW2t5jZsBhb0WndpsLQF6AaV9MnlOmLn%2FbOlbU%2FN2tFdMwY%2Bx%2FJvzGqOJj%2Fc5BAsHD509IrIlq7rQbwmwxIxP3N"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Wed, 24 Dec 2025 00:30:21 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=66200&min_rtt=61399&rtt_var=3934&sent=411&recv=97&lost=0&retrans=0&sent_bytes=444597&recv_bytes=21480&delivery_rate=1581093&cwnd=201600&unsent_bytes=0&cid=aec745da2a26ef0f&ts=875&x=1", cfExtPri, cfHdrFlush;dur=1
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Sat, 21 Dec 2024 16:13:04 GMT
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31534161
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba922fe927d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
36321
server
cloudflare
akamai-mon-iucid-del
1281139
1584ef1c6e8da097_ttl7daykI4_2-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2019/02/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2019/02/1584ef1c6e8da097_ttl7daykI4_2-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ecd69461d4cedcd9e280c9b16de139c17cf27bd92381a6b3a3cb02f00ce4bd3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"5c89df6d-b495"
age
191228
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3wGBFl5q3gh2J1bH4uSBZupTCDPuw6fw%2F21TCsZ4naYsKDF1V4Ef97KI9gctvVK02jra04wvFJdPI2Ibs4dakohaF%2FCkLdGCn%2BZ5JXe1U33n%2FbGsm4KuBlLeoWkJSv3b2Vw0vmOMEYC5"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Tue, 23 Dec 2025 15:29:58 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=67494&min_rtt=61399&rtt_var=5202&sent=350&recv=94&lost=0&retrans=0&sent_bytes=372781&recv_bytes=21345&delivery_rate=911533&cwnd=165600&unsent_bytes=0&cid=aec745da2a26ef0f&ts=861&x=1", cfExtPri, cfHdrFlush;dur=32
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Thu, 14 Mar 2019 04:58:21 GMT
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31535648
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba9230e9a7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
46229
server
cloudflare
akamai-mon-iucid-del
1281139
id14394035-yes-virginia-1080x720-1-320x200.webp
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14394035-yes-virginia-1080x720-1-320x200.webp
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20520d12046f3effe35957c788dbb97f07c9ea328dcebe9ab3ae94cbd26f14fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"6763ce78-20b2"
age
209804
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9UwbTxqecd9J%2BjRjFGZbT0JdR04QPXdNTe7Ny0yxmeAVG1vS78xeFu8qx8VQ0doUlrFVDVWt8hcg0w4tj%2BEOXtgMMQn%2FQI5%2Fn8hQMp5zEsb8EFsTylpLiM%2FHWSPZPbf%2F%2F%2BItol8pZ%2BQk"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=67494&min_rtt=61399&rtt_var=5202&sent=350&recv=94&lost=0&retrans=0&sent_bytes=372781&recv_bytes=21345&delivery_rate=911533&cwnd=165600&unsent_bytes=0&cid=aec745da2a26ef0f&ts=857&x=1", cfExtPri, cfHdrFlush;dur=19
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/webp
last-modified
Thu, 19 Dec 2024 07:42:48 GMT
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31182763
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba922fe8d7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
8370
server
cloudflare
akamai-mon-iucid-del
1281139
id14312735-bc0520b206b56081b409cd4641a73734-320x200.png
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/08/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/08/id14312735-bc0520b206b56081b409cd4641a73734-320x200.png
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ae69ae8297e50dc67123f0074bfffb52db98f4338ad0d248e1aa29ce35f2a62

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"66c00dcd-103a6"
age
209804
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mZK8vKQBZ9FDcFRyhptAEHgY0XyyL3ZJ8eY1vxpDPLx5tUWJVqBdOoniBRoHgHmp0cEwSDArHSpvRUAMF%2FNcmGEjjyLrjyM7VPRjNn20OMlq1fPPX0gRs3u%2BbYIbtBYKWyqKWLjnHej1"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Thu, 11 Dec 2025 17:06:36 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1674&recv=309&lost=0&retrans=0&sent_bytes=1919367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1119&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/png
last-modified
Sat, 17 Aug 2024 02:41:17 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=30523222
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba9248fef7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
66470
server
cloudflare
akamai-mon-iucid-del
1281139
id14386876-729302-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14386876-729302-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26c897f3a194f77b6e93d484de76c1c15153f817d7a8507d440df5a2bbf561b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
MISS
etag
"676bc6b2-e528"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xm3MWeJF1fNjgByAKtPhQUczCVUOu50%2FIqHVaNt2RPRHI3YxvjljVMPXmPzIB7%2F8HEZdY%2BTRpsri4cwu0GBYNUIkAzr7lJsuy2cS5FNLsLmlJ%2FOmBydVfffBdBuuWton4heIfoh9eyXm"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Thu, 25 Dec 2025 09:54:44 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2383&recv=309&lost=0&retrans=0&sent_bytes=2766538&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1174&x=1", cfExtPri, cfHdrFlush;dur=13
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Wed, 25 Dec 2024 08:47:46 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31497106
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba9248ff17d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
58664
server
cloudflare
akamai-mon-iucid-del
1281139
shenyuncreation.jpg
1685fea9.613293428.xyz/assets/themes/djy/images/front-page/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/assets/themes/djy/images/front-page/shenyuncreation.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35ec416adfcc6936b9a466977a849b57bce0da4903bf3f2dfd395b5e08567edd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cf-cache-status
HIT
etag
"66157dca-393c"
age
209807
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wiaT32cFVxajopGVcENnpcAM%2FloZPQCW4Er0eLYMfks%2FXzc5sIHQhEXL%2FT3ZLvlk6xtr0ZGCM1i9iOQu5w8FBxwXquQVe%2BD3rhYW1nQhZrikGSw4Oj1Lhp91vgc7vXrF4gmGqLhg9nAd"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2020&recv=309&lost=0&retrans=0&sent_bytes=2334156&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1135&x=1", cfExtPri, cfHdrFlush;dur=55
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Tue, 09 Apr 2024 17:41:30 GMT
vary
Accept-Encoding
priority
u=3,i
strict-transport-security
max-age=63072000
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f7ba9248ff37d71-LAX
accept-ranges
bytes
content-length
14652
x-device
desktop
x-xss-protection
1; mode=block
server
cloudflare
id14392194-HaydnTrumpetConcerto_DJY-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14392194-HaydnTrumpetConcerto_DJY-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f67232435552ed02e6806d97f23c8ea657db45a414e663b8bf4ad5cb52bb32e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"6760841a-12543"
age
209804
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ki8lFaqRAtSxmA%2BQZidFmL5bRAEuKXayTDIVWrHaVIpiEB3AnhSFkeaIzYOWFwoyTuz5nqa%2BWI6rU93MZ1scvAlabVxQg0tI9Hjw4kIXYZago9FwZhjxszHIIDyK4Lak1n%2B6OWb0OBnO"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Tue, 16 Dec 2025 23:16:13 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1674&recv=309&lost=0&retrans=0&sent_bytes=1919367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1119&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Mon, 16 Dec 2024 19:48:42 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=30977399
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba9248ff77d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
75075
server
cloudflare
akamai-mon-iucid-del
1281139
id13769412-TN_WSMPtE_DJY_CHT-320x200.png
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2022/06/ 		124 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2022/06/id13769412-TN_WSMPtE_DJY_CHT-320x200.png
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16d4cb656766446dc7f96275c1d5b3505ba6c68089def8f62dcd7dd5eaf943ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"62bb1e12-1eec4"
age
209804
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6wo893Lj1LnBKAJr0W8RZZkjEEohsmONF1SKAupO39qg%2F5y2HdRE5y1K3no1C5VB0VdIwEkHnqJ17V9EXobnBsVQHuF0FTvMR%2BCMmk2vCMmGYFnKuwiu6ZQR3vUHXORRzrOF4%2BYq3yRm"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Fri, 12 Dec 2025 23:09:53 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1674&recv=309&lost=0&retrans=0&sent_bytes=1919367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1119&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/png
last-modified
Tue, 28 Jun 2022 15:28:18 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=30631419
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba9248ff87d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
126660
server
cloudflare
akamai-mon-iucid-del
1281139
id13684553-ttl7dayIeC_ChenYin-Ep04-1200x800-320x200.png
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2022/03/ 		117 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2022/03/id13684553-ttl7dayIeC_ChenYin-Ep04-1200x800-320x200.png
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5463f114b3ee40e5b1373aa222361e2ebe1ead7ba8ff7fe11718fff49601d63

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"6244e9fa-1d29a"
age
209804
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v148Bb3m7o812qmul2cTa%2Bnlnx4Ljcr%2F1yzth2XbIlKJG9A%2FWLQSQRGtvJhJxGF4%2FTxHR8RX0DHZ2fx7QJu80RJ%2Bkg%2BExxvHb7HGDw466D3%2BQMTKswjvPfe6I1X%2BPk3I3Nhiemyx2U6b"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Tue, 09 Dec 2025 19:51:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1684&recv=309&lost=0&retrans=0&sent_bytes=1931367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1127&x=1", cfExtPri, cfHdrFlush;dur=63
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/png
last-modified
Wed, 30 Mar 2022 23:38:34 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=30360286
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba9248ffd7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
119450
server
cloudflare
akamai-mon-iucid-del
1281139
id13774149-TN_ME_DJY_CHT-320x200.png
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2022/07/ 		114 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2022/07/id13774149-TN_ME_DJY_CHT-320x200.png
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a94082c308d41d0384f536d2879741f1be1fe93dd73fb3c7dd30f5f1219bcb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"62c44680-1c68e"
age
209804
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O8715xLZJpKESfsEjU%2FfID60DhoAHpNhXqvEDEURyP0chMRBJjjKddNuLNFPa4Zxn5j6tAF3SN3PKrig%2FGGOn1Sysnz56yb8Ea5Tcrm5ujEJ32KCvYwOFYqPigRM473wSBH6HXS3rYRd"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Fri, 05 Dec 2025 16:27:20 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1684&recv=309&lost=0&retrans=0&sent_bytes=1931367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1127&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/png
last-modified
Tue, 05 Jul 2022 14:11:12 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=30002466
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba9248ffe7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
116366
server
cloudflare
akamai-mon-iucid-del
1281139
id14383122-FT2024CompetitionP1Dec7_DJY-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14383122-FT2024CompetitionP1Dec7_DJY-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d970c2042ab109f4174784dd6526b3c057a315981ccfff603cf09726943352c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"674e06d4-e4d2"
age
209804
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0EIuiiu6B4Fu9kSIRtyphS%2FbHKoyWrSb7z89DrYwHezi1ZiA9TBA5ZIkYd4ISeaPk1Jcqt0EdbXNZO6IaqE0QQZBsDa2iQhnoZO0jwqYLb7S8hxCk%2FOZJqfPzmvfDHdmfwB41NulDJCv"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Tue, 02 Dec 2025 23:16:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1694&recv=309&lost=0&retrans=0&sent_bytes=1943367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1129&x=1", cfExtPri, cfHdrFlush;dur=64
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Mon, 02 Dec 2024 19:13:24 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=29767789
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba9248fff7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
58578
server
cloudflare
akamai-mon-iucid-del
1281139
672.webp
1685fea9.613293428.xyz/image5-us-west.cloudokyo.cloud/image/v1/d6/9e/e5/d69ee5ea-6007-4f46-9847-87ed81af6600/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/image5-us-west.cloudokyo.cloud/image/v1/d6/9e/e5/d69ee5ea-6007-4f46-9847-87ed81af6600/672.webp
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1003f0cc7f4d4ac24f4292eef67422cf2cfea5092de63f4aef73bd5c356e4ae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
age
153144
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NAKRRDY1esi2GkDnIsn0eIr%2BAZjvdmEP2P8P2JEYZJCNP8IIajNCD6HTf%2BA4Wbiskp76CfbW04Ty0dH9%2B5eMiG6lo8fwTWcmKZDSXgE2lL6kctAEKCd%2FVBi4VjJ0EO5IUYnKHoXRd2WH"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1694&recv=309&lost=0&retrans=0&sent_bytes=1943367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1129&x=1", cfExtPri, cfHdrFlush;dur=64
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/webp
last-modified
Mon, 23 Dec 2024 22:17:46 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
x-cache-status
HIT
cache-control
max-age=15767389
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488007d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
42472
x-dc-id
092
server
cloudflare
akamai-mon-iucid-del
1630114
672.webp
1685fea9.613293428.xyz/image5-us-west.cloudokyo.cloud/image/v1/65/35/af/6535afcd-34e3-4eaa-ad09-33c3d8a2ec0b/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/image5-us-west.cloudokyo.cloud/image/v1/65/35/af/6535afcd-34e3-4eaa-ad09-33c3d8a2ec0b/672.webp
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5540e149c0e931b1b09216e00a96b0b77e0e0e3a56aceea8022a41db27f8f66d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
age
149104
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4wqRIXvfaKsdPaRBxlT9Sfwc1oH%2BfSXhxgTzWQKSRrTlXBWwuO1jDuwEZmLFVBxjrLB4j72UxDf%2FZJJw2K9b3wVhJhgYKYU9QstDddhdJ4BN1c%2F0FWdbIIsx4Go6694yUTjWacqe3K6Q"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1684&recv=309&lost=0&retrans=0&sent_bytes=1931367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1127&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/webp
last-modified
Tue, 24 Dec 2024 00:26:58 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
x-cache-status
HIT
cache-control
max-age=15759716
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488017d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
40926
x-dc-id
092
server
cloudflare
akamai-mon-iucid-del
1630114
DJY_video_icon_small.png
1685fea9.613293428.xyz/assets/themes/djy/images/front-video/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/assets/themes/djy/images/front-video/DJY_video_icon_small.png
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb5b37bcb07cdc97b231126147cdffbda404b2a7ae19888158d27d95c70b6518
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cf-cache-status
HIT
etag
"66157dce-670"
age
204273
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T0DNgh8qTkXgLmGKU4ViEEVXvN0%2Bc7GIARSbNbCItOgJazEJ3Czaw6wyiXnikgcZdLlOEy6ECZk%2B2VjtX7gGknEDKPrnh%2Fdt8YVkquCFy5gSFTCx4Bw2MUr7pzH%2BknDb8%2BsYb8jMQ1d%2F"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1684&recv=309&lost=0&retrans=0&sent_bytes=1931367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1127&x=1", cfExtPri, cfHdrFlush;dur=66
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/png
last-modified
Tue, 09 Apr 2024 17:41:34 GMT
vary
Accept-Encoding
priority
u=3,i
strict-transport-security
max-age=63072000
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f7ba92488027d71-LAX
accept-ranges
bytes
content-length
1648
x-device
desktop
x-xss-protection
1; mode=block
server
cloudflare
672.webp
1685fea9.613293428.xyz/image5-us-west.cloudokyo.cloud/image/v1/0e/82/cc/0e82cc3c-ae9e-4b49-b6d0-1aef4407f6f4/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/image5-us-west.cloudokyo.cloud/image/v1/0e/82/cc/0e82cc3c-ae9e-4b49-b6d0-1aef4407f6f4/672.webp
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b7c0d1c111c4d46063e7756c5f3bec8b377904dbdf81d5f2f3f145bf799634d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
age
110434
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5stC7sg%2FPnIops4688b%2FNQYFCAsDI7GFDFPy691ZRRz1DqFkYdaT59YoqruIT28ZN4kmidmqx0F7%2B%2BMBTGSEtNPqi2JxVjDy%2FP5IOuvsAzFTD%2F%2BjMMYBUxNPCOjsHE2SgKC4rmDlj5CR"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1734&recv=309&lost=0&retrans=0&sent_bytes=1991367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1132&x=1", cfExtPri, cfHdrFlush;dur=61
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/webp
last-modified
Fri, 20 Dec 2024 00:43:19 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
x-cache-status
HIT
cache-control
max-age=15377244
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488037d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
45938
x-dc-id
092
server
cloudflare
akamai-mon-iucid-del
1630114
672.webp
1685fea9.613293428.xyz/image5-us-west.cloudokyo.cloud/image/v1/c9/dd/65/c9dd65bc-9296-4037-8c51-80b65d6563c9/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/image5-us-west.cloudokyo.cloud/image/v1/c9/dd/65/c9dd65bc-9296-4037-8c51-80b65d6563c9/672.webp
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8628b6b56e13fe7580e34a927e3ff243c6c6342774db4e7e6b48efa7268a7059

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
age
110169
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lyuDUc1YP3IfMA6MWkbHqLUtYgodTZcLxOGSxa%2B9MLI18Qpt8%2Bjx477GwlsDvFyTecoL1i3b%2FAJGIGEKR3kdqjllvI5FIHWxV5PxWkHIlbrqYVe7wbi31HB7Nvfo9OshbDKDNEPk67Ho"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1724&recv=309&lost=0&retrans=0&sent_bytes=1979367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1131&x=1", cfExtPri, cfHdrFlush;dur=63
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/webp
last-modified
Mon, 23 Dec 2024 15:31:53 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
x-cache-status
HIT
cache-control
max-age=15760473
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488047d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
36764
x-dc-id
092
server
cloudflare
akamai-mon-iucid-del
1630114
672.webp
1685fea9.613293428.xyz/image5-us-west.cloudokyo.cloud/image/v1/1c/51/64/1c5164a9-f83e-46a9-829b-e1fbc3d0858a/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/image5-us-west.cloudokyo.cloud/image/v1/1c/51/64/1c5164a9-f83e-46a9-829b-e1fbc3d0858a/672.webp
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9590f472f4ed63294a9584166d3fcd790a45013cdccc291aaa27e9ed81df8d0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
age
146342
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SAAxSN5dy56yY2F8eJrK%2FNN3JdWHfwXFf%2BjUTCalr9wCoIJdqJ5hcSVgrbEXtj8Bm6hkcNmX1i6YtzYfSUWqUfpP0M6Ysd0SGYMvE%2Fst9ffcZsVmO%2FizLqPdbUJ5bfT7HLUtIBZH9q8B"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1874&recv=309&lost=0&retrans=0&sent_bytes=2159367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1133&x=1", cfExtPri, cfHdrFlush;dur=61
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/webp
last-modified
Tue, 24 Dec 2024 03:49:23 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
x-cache-status
HIT
cache-control
max-age=15767885
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488057d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
33148
x-dc-id
092
server
cloudflare
akamai-mon-iucid-del
1630114
380.webp
1685fea9.613293428.xyz/image1-us-west.cloudokyo.cloud/image/v1/cd/1c/7c/cd1c7c45-ea0e-4c1d-8ef5-825c94221a30/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/image1-us-west.cloudokyo.cloud/image/v1/cd/1c/7c/cd1c7c45-ea0e-4c1d-8ef5-825c94221a30/380.webp
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8aa1759ed62f4df46854d15c40f67a4d0b938eb2dc00758f0243d44e0228264

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
age
209804
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2C901EyUnXEy9PVV2cpj%2F%2B015WUG2SbRc%2F9bi9Uyg3cw6pq7NWeCZ77m%2BEoPRErNreGPUqadNqU%2F66ltHIwF0VBB15zDo1FQUwxAqkaNRU1hyOt%2F8NANduhAtKz33DOCdsMqRTzKuw%2FB"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1694&recv=309&lost=0&retrans=0&sent_bytes=1943367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1129&x=1", cfExtPri, cfHdrFlush;dur=75
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/webp
last-modified
Wed, 18 Dec 2024 13:38:09 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
x-cache-status
HIT
cache-control
max-age=15349924
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488067d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
22306
x-dc-id
092
server
cloudflare
akamai-mon-iucid-del
1630114
380.webp
1685fea9.613293428.xyz/image5-us-west.cloudokyo.cloud/image/v1/27/1b/e5/271be522-539f-4f08-a1f9-8284c2a71b57/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/image5-us-west.cloudokyo.cloud/image/v1/27/1b/e5/271be522-539f-4f08-a1f9-8284c2a71b57/380.webp
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a9dee6c9a756f7bcccc116603d9a4c9d7561b433e77fe8dc4fcccd8d8456306

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
age
209153
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vysHLh95ySJ0hAV08bZ7urhBo35QKxUihYIO5wodDBGQm0AZVQwHHBAx%2BbyqS9YCTd%2BU41E7pwnXS30djXTvk%2F4jmJF3ZG9cOJLnweQ31dZg3YzHQwuZF2v9tQW%2BrDRpPZEVZrrfQVk%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1684&recv=309&lost=0&retrans=0&sent_bytes=1931367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1127&x=1", cfExtPri, cfHdrFlush;dur=77
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/webp
last-modified
Thu, 19 Dec 2024 15:10:18 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
x-cache-status
HIT
cache-control
max-age=15440522
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488077d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
14468
x-dc-id
092
server
cloudflare
akamai-mon-iucid-del
1630114
id14392072-Untitled_Artwork-gratitude1-600x400.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		152 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14392072-Untitled_Artwork-gratitude1-600x400.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2edf5e2a13706002e8e919d7caed021b25e1bc3aefbe4a6b3bfa4fbae9ae8657

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"67603392-261f4"
age
21913
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JEVUae46kUmz6JXdHhUH5VvFFK3MrnH1tnokJqvXVNVsNODBNZNspu0vwmYJL1chKb%2FTUDswpA9yeEkFLSDSU7u1KDl3FexgHdMmAU%2F67Nv7yjp%2BGs0oeeKeLNmwxD2PTg8iWUSxZpK0"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Thu, 25 Dec 2025 11:13:24 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1674&recv=309&lost=0&retrans=0&sent_bytes=1919367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1119&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Mon, 16 Dec 2024 14:05:06 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31523739
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488087d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
156148
server
cloudflare
akamai-mon-iucid-del
1281139
id14397190-aeea6c0873f66d96a58619787c5c60f6-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14397190-aeea6c0873f66d96a58619787c5c60f6-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
899c49d35b96fdce5151fcf82f7a0befe544e8b9d2658866839cce3bf9e63a4e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"676af1f5-9514"
age
60223
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cqIVpOrK6rTbDZITbc9HNaxXP4AIxbEZ4wB0OQfu52WvEp8rB0LuhgOVgme1nPqxCipRqcztvKYx0AJvxbf7uRxHFhSfC1UUYty%2FEo4%2B1IS%2FWcVJGbbb8l6gZdt9sY1LgYpdolT83Rs3"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Thu, 25 Dec 2025 03:49:23 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2348&recv=309&lost=0&retrans=0&sent_bytes=2725379&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1140&x=1", cfExtPri, cfHdrFlush;dur=64
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Tue, 24 Dec 2024 17:40:05 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31535408
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488097d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
38164
server
cloudflare
akamai-mon-iucid-del
1281139
id14392037-shutterstock_2201837973_Ketogenic_low_carb_low-carbohydrate_carbohydrate_keto_diet-1080x720-1-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14392037-shutterstock_2201837973_Ketogenic_low_carb_low-carbohydrate_carbohydrate_keto_diet-1080x720-1-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e893bf895b9573c8a77537aab0d7d1598f37dfafad133ffb1a0ce9e8082bbd1e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"67602d41-e29c"
age
119698
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q2BQH7jOys6YnUfJp9d4WcyvkO2pEguMz2FYhCGradB0VTflvy7bHQz9shceEECVz26FULz59IkJY5KrGI4rJ8TQBfV1i4zK057PpBpv20BF8jRbLx1CsmHJ%2Bp7EulRYKOP4wWFEjL4Q"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Wed, 24 Dec 2025 11:27:39 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1674&recv=309&lost=0&retrans=0&sent_bytes=1919367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1119&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Mon, 16 Dec 2024 13:38:09 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31535979
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba924880a7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
58012
server
cloudflare
akamai-mon-iucid-del
1281139
id14339727-7e173c0cc4c6144df610df77-600x400.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/10/ 		412 KB
413 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/10/id14339727-7e173c0cc4c6144df610df77-600x400.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cd6a3737860b0653498e7c6413dedef0c70ce4e7a817623ecfe4d14d6b14a1d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"66f6a774-66efa"
age
19504
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1xB%2F5lHeyN9AG84KM6w1UOZRrwrtRrvYpE9I9Pe%2B4bLDRngbdPSE5NRX5yOck1SznAUkH9zd2pw9MrN%2FQZE%2BVyl2W0DFcoNx8HFWUEi769F5AuyfeLGqssP5XfuDTogbflnltKonzTu0"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Wed, 24 Dec 2025 07:57:23 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1684&recv=309&lost=0&retrans=0&sent_bytes=1931367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1127&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Fri, 27 Sep 2024 12:39:16 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31423169
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba924880b7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
421626
server
cloudflare
akamai-mon-iucid-del
1281139
id14378247-74846ab7b181f08d030de57b-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2021/01/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2021/01/id14378247-74846ab7b181f08d030de57b-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6839ff284a7ab1150b2a6d0a22c308ca23e8ca3df88489232f715e181db7387

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"67446bda-50be"
age
209804
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T7AkYn5JQE6f8PnOWSNsJVymNAs98TF%2Bi6QQAHz8iwFixqcPwMaZ5HlJVVygy3xr6FsAVXV%2Fze7TSCZw985CBma7IkUIuF2dztLtmQLrkJhRclIeTMdfH6iSN%2FOm8Vk6F7L23rLnFsWu"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Mon, 22 Dec 2025 01:43:20 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1694&recv=309&lost=0&retrans=0&sent_bytes=1943367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1129&x=1", cfExtPri, cfHdrFlush;dur=75
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Mon, 25 Nov 2024 12:21:46 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31418226
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba924880d7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
20670
server
cloudflare
akamai-mon-iucid-del
1281139
id14216639-7674ac60e06da8ed20c47211edf1a9e4-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/04/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/04/id14216639-7674ac60e06da8ed20c47211edf1a9e4-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8130d41604c6e3cb2e7c20b78844f1f370dac59a0744482aef9844caf9bd2c30

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"660bc1e6-5c1a"
age
209804
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mS%2FXq%2BIrGeP9nTqw9%2BqHs9jW5J%2Bnph3llCFHw4sHsQCMWhA0aab05dr%2F7ffkvPXoSDQ1OYYaYXJxVI27%2FUr%2BdDkfLz0yJ2NDV0T2Ru5Zqxwa1pldAV8H%2BycmxDeSTXeYlueYNu7VaCza"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Sun, 21 Dec 2025 03:11:53 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2383&recv=309&lost=0&retrans=0&sent_bytes=2766538&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1149&x=1", cfExtPri, cfHdrFlush;dur=55
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Tue, 02 Apr 2024 08:29:26 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31337139
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba924880f7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
23578
server
cloudflare
akamai-mon-iucid-del
1281139
id13742367-Webbanner-Shenyuncreations-1.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2022/05/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2022/05/id13742367-Webbanner-Shenyuncreations-1.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
504f0284aaac7aa2a77927fa81ff61f926b42aee61ef75c918833ee0d0116286

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"62894d20-2c22"
age
204273
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QM9BhiR%2F4wfgI%2B7euvBjVTHEa0ZMq1QOXZJnW7QmrmbQDNYtGzHp9uYHqz5ZABGN8HjgGMzna2GZnEl1PaRUKNisUfMuW7nM%2FHMOuMPMpiE3uQtS%2FRGMxQG2hvzfQh6e1v3mu98funCS"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Tue, 02 Dec 2025 00:24:15 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1764&recv=309&lost=0&retrans=0&sent_bytes=2027367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1132&x=1", cfExtPri, cfHdrFlush;dur=72
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Sat, 21 May 2022 20:35:44 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=29679950
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488117d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
11298
server
cloudflare
akamai-mon-iucid-del
1281139
id14326700-WebBanner-NTD-Competition-Logo-1.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/08/ 		261 KB
262 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/08/id14326700-WebBanner-NTD-Competition-Logo-1.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76b1158ad07cac4ed5f9940e88dec1d789b21b1c39600cb56d0cf729533c9457

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"66de6dc8-41353"
age
204273
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pHouKITXoKpLlLuJ6BcwOsk0UrZpnkjDN4cbJuLgwn2lZ4dH3dP3%2B%2F9gL8UuhRJjbs6TBl0nFkL58NG0Ya%2Fn6B%2BrfhtEas0DQoU4QXnC%2BGf7dkCF%2F%2FAtpV9PCBUMdMzsVaamLHWBppPT"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Fri, 12 Dec 2025 13:50:48 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2338&recv=309&lost=0&retrans=0&sent_bytes=2713379&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1139&x=1", cfExtPri, cfHdrFlush;dur=65
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Mon, 09 Sep 2024 03:38:48 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=30592343
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488127d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
267091
server
cloudflare
akamai-mon-iucid-del
1281139
id14396532-1200x800-14-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14396532-1200x800-14-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e08c5592bc9473f878505b62f57eb1fdc41f17c308a114f8519c4e9f49001987

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"6769c481-15956"
age
109240
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4zCBy0IkCA%2FqKUCvZ7xRylLbdIQo8gMhLPOt1avHbTmGqF7xqn0ubtjlSFNGpAFG7ByBaORXtCyV95ttScDDFckTxxG%2F0ZpT2qEWAB18vDtrqC463lIBSOgatCp8qGz3HByA56E4Z7YX"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Wed, 24 Dec 2025 12:41:57 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2082&recv=309&lost=0&retrans=0&sent_bytes=2407615&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1136&x=1", cfExtPri, cfHdrFlush;dur=68
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Mon, 23 Dec 2024 20:13:53 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31529979
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488137d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
88406
server
cloudflare
akamai-mon-iucid-del
1281139
id14394453-1200x800-13-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14394453-1200x800-13-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e34314941b5d15bfdd8f2d4253a4b889a4405f660646af030ec1c7085b21205

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"6764891e-14774"
age
209804
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0pOSsOBxZPUetooKCj7hUtk3g6D6Nm49CMLu7U8LEeV%2F9ilwH99q39efwkca6zx6ti68HnSokdgwZv2TCG7vAA2qXgvN2QRUQsaGKjFq%2B%2FZ6k%2BSm6bIuIZCwr8hAA2UWA0c%2FWXA6dTHD"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Sat, 20 Dec 2025 00:09:49 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2383&recv=309&lost=0&retrans=0&sent_bytes=2766538&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1155&x=1", cfExtPri, cfHdrFlush;dur=49
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Thu, 19 Dec 2024 20:59:10 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31239815
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488147d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
83828
server
cloudflare
akamai-mon-iucid-del
1281139
id14392312-eb1f58a512e616a893eec710423839b7-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		166 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14392312-eb1f58a512e616a893eec710423839b7-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbad76c7dcdc4a3ba7332dbbce23ba5ba291fa549f10f60d0e5bb813037e6bfe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"6760da90-29909"
age
10807
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b7wTXTzKLewDUb9g0XIktwFKIGVqhhiF4dUDHW4FqVJIqzTKQgGbwTNXGhvK3yXHmIBnolrqQFEVPsqUU83nNz9AWnhs58RgMTipa7Tgv6laBpbVuI6yN6AE%2FkJtdpeZLJbk5gqeNhWx"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Wed, 17 Dec 2025 07:00:29 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1694&recv=309&lost=0&retrans=0&sent_bytes=1943367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1129&x=1", cfExtPri, cfHdrFlush;dur=75
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Tue, 17 Dec 2024 01:57:36 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=30806258
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488157d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
170249
server
cloudflare
akamai-mon-iucid-del
1281139
id14373691-d72a3a066ded220e026e88d8e10ac424-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2021/01/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2021/01/id14373691-d72a3a066ded220e026e88d8e10ac424-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b258b8b193f3727793885b35c96a1b92afd8bd51f119b2e8eea282b3077a3d5e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"673b934b-64ed"
age
21913
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YAwYOOFHHclMG5pWBIuC%2B%2BFb9QtGWG2icSEfs6A3LITWAqMLy%2B3bqMqltwqnyrreipn7KQ87NpwKy4sH%2FOQahWT0cnqcfr%2BKsAiBtrPxBF4plQlyaOdG5%2B1hSRL%2FyVNjsLtB8fCrEV5v"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Sat, 20 Dec 2025 07:43:27 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1694&recv=309&lost=0&retrans=0&sent_bytes=1943367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1129&x=1", cfExtPri, cfHdrFlush;dur=75
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Mon, 18 Nov 2024 19:19:39 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31079142
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488187d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
25837
server
cloudflare
akamai-mon-iucid-del
1281139
id14390713-c71f4e50447215079451a8bfc0cb58ad-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		150 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14390713-c71f4e50447215079451a8bfc0cb58ad-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
123d788f866dbd040733ad6a4eb1b60db5e62b271d3e4ea0b69faa3e9621ccb2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"675c6ad2-258e6"
age
90080
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=trlyl4D%2F312SVePXI9xc7g1j1bdEnomjH9maIUT7RPyLwDN0MywHGZ1ZfXNbf2vOkTvvdulhlIGDQ1mbTUqqEyILItZmfCYj6i580MAAIXaNmAnQhZS2huo8D44jxvxY1uym%2BM6khog8"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Sun, 14 Dec 2025 02:38:48 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1714&recv=309&lost=0&retrans=0&sent_bytes=1967367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1131&x=1", cfExtPri, cfHdrFlush;dur=73
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Fri, 13 Dec 2024 17:11:46 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=30610630
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba924881a7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
153830
server
cloudflare
akamai-mon-iucid-del
1281139
id13795872-GettyImages-949856274-600x400.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2022/08/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2022/08/id13795872-GettyImages-949856274-600x400.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65d8f4d7d0afdb322949e8345ce7c129cf42221e667e6b26c160fc9921d859c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"676b213b-8de4"
age
75822
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FvEhnW6nQQrJszAkojOfYAEZNTU4ptTzE%2BJBVyvfp1Yn9JgyRuROZTjV7dWUXTYJ5fyaHsuXYBxpSafse6O3mjwJFd0rXmvaijOQE7mjgWgORK34iDbYj9wW%2FzIkI6El2pCd844PDAnC"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Wed, 24 Dec 2025 23:02:42 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1724&recv=309&lost=0&retrans=0&sent_bytes=1979367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1131&x=1", cfExtPri, cfHdrFlush;dur=73
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Tue, 24 Dec 2024 21:01:47 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31533806
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba924881c7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
36324
server
cloudflare
akamai-mon-iucid-del
1281139
id13461855-191226214702100707-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2021/12/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2021/12/id13461855-191226214702100707-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2e89237022f9727c109e78a489809c229382e850807c2165f7b737b3de4d331

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"61c95799-4632"
age
75822
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xR9nghtd7guQnomgIET6%2BP005f%2FVe5DzZetl2XG5qniOf4wxQg1xclYl6%2FTz6PX2it9IrGOILP3RgcCCBmVtSsr5x8rPsIyaXSvwo6uIyeKvwAnLcDQ3ORE%2B%2FvM6AqP2kfIVXyCpB3qM"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Wed, 24 Dec 2025 10:30:19 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2383&recv=309&lost=0&retrans=0&sent_bytes=2766538&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1152&x=1", cfExtPri, cfHdrFlush;dur=52
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Mon, 27 Dec 2021 06:05:13 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31488663
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba924881d7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
17970
server
cloudflare
akamai-mon-iucid-del
1281139
id13739441-GettyImages-1132745205-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2022/05/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2022/05/id13739441-GettyImages-1132745205-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08d1a70b61efb0c2e5f8317f9e9d1f8572e9c859c19668983e3bda11229ba9ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"676a1962-c734"
age
140173
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zfIxwTEJE51ZA0jwQnajRHU1PX5SZjU6aXsoaUlkuo3tMzBWM5OF7zdDz1IfiMWwKF03tsAXZBwYE%2Bq3ghrsBu1n7jWRMhKrsI93vK0dzdwuDPMfqxLqvSl%2BVTHwTj7u8g4ShjHnyIQ3"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Wed, 24 Dec 2025 03:09:12 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1754&recv=309&lost=0&retrans=0&sent_bytes=2015367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1132&x=1", cfExtPri, cfHdrFlush;dur=72
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Tue, 24 Dec 2024 02:16:02 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31526547
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba924881f7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
50996
server
cloudflare
akamai-mon-iucid-del
1281139
id14390620-annuity-businessman-annuities-shutterstock_516929227-700x420-1-600x400.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		126 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14390620-annuity-businessman-annuities-shutterstock_516929227-700x420-1-600x400.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
509b3b71459139f848a05cbbaba5868a6d21ae1a19ec7444ad0a0cdf0bf5ce44

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"675c4001-1f6f2"
age
20706
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ctR5Nj5HKjrxQbRC54yfo9TSzSb%2BymxYkGmkbGXsprcPEaFu169ZFcN%2FSVLoAX5H0cmjTtiQwVI3bcA%2BGUz1TyzziHLId4U2bBCyjU%2B0rppSpj1RhW3BaHKEJrUlQNx%2BHiqUgU5twqX"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Thu, 25 Dec 2025 14:43:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2092&recv=309&lost=0&retrans=0&sent_bytes=2419615&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1136&x=1", cfExtPri, cfHdrFlush;dur=68
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Fri, 13 Dec 2024 14:09:05 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31535118
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488217d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
128754
server
cloudflare
akamai-mon-iucid-del
1281139
id14397573-shutterstock_17930563-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14397573-shutterstock_17930563-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91c311884073b88c4493994882faa1bd2dec9377ffc3fc755d4d3938bae569f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"676bc664-b3e8"
age
31773
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2mJKA8UZ5DK9Yv67GUuUWMCNmKS%2FCP%2BcBrBVp6RtKD138ExLTCPilicQeT0Yr9WSplQQ0xDvAuN4x8IUMCJ%2FfBsaIYMG%2BwFKRpGwCAw90g5VFiTtR1UbWiTDt%2BpqL1EcddFbvUiUciOJ"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Thu, 25 Dec 2025 09:23:20 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1704&recv=309&lost=0&retrans=0&sent_bytes=1955367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1130&x=1", cfExtPri, cfHdrFlush;dur=74
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Wed, 25 Dec 2024 08:46:28 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31526995
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488227d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
46056
server
cloudflare
akamai-mon-iucid-del
1281139
id14396262-2412230004321848-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		89 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14396262-2412230004321848-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e7c649262c2116836dd1a4faf423685eba0aeb9c8e4c559484ba11b1c626b78

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"6769457a-16517"
age
43533
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lqCfq6FkgijF46luzlV6Atf99%2BS8ZcK50urB2%2BlmBWx%2FS9ho4%2B84VmVSzhg7Q6sHcvBi7ftAaKdaIWpVoAfXTGztR0bLduoSUf43vYbFTND6LWXK9EuDLY0VGK5g223tp%2BxxF52wd9Co"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Thu, 25 Dec 2025 08:37:08 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1684&recv=309&lost=0&retrans=0&sent_bytes=1931367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1127&x=1", cfExtPri, cfHdrFlush;dur=77
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Mon, 23 Dec 2024 11:11:54 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31535983
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488247d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
91415
server
cloudflare
akamai-mon-iucid-del
1281139
id14395745-Annie-Grace-Means-bride-surprises-dad-by-wearing-late-mothers-wedding-dress-maclinphotoandfilm-10KO-1080x720-1-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14395745-Annie-Grace-Means-bride-surprises-dad-by-wearing-late-mothers-wedding-dress-maclinphotoandfilm-10KO-1080x720-1-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54b401abfd54359325fc9bf7555211e7850763999883c8309de7e158c6f1345d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"67681ebf-2e50"
age
10807
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=noE6iQLy2PPB6P7vXJfTorEKBus75Bmkk%2F7FCsj%2BlD%2BBgUBw3n292rJe3CI3VVEOR%2FTocUw1Ztwrak3QxF2HGYWADeP4wKABjP%2B6KHmZtbO6zso9D%2FhEeUtoxJfrwd2bW7I8EwVYnMwr"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Thu, 25 Dec 2025 17:30:33 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1694&recv=309&lost=0&retrans=0&sent_bytes=1943367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1129&x=1", cfExtPri, cfHdrFlush;dur=75
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Sun, 22 Dec 2024 14:14:23 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31535262
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488267d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
11856
server
cloudflare
akamai-mon-iucid-del
1281139
id14397498-Jordan-Garner-man-surprises-grandma-on-late-grandpas-birthday-Rpoch-Times-1080x720-1-320x200.webp
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14397498-Jordan-Garner-man-surprises-grandma-on-late-grandpas-birthday-Rpoch-Times-1080x720-1-320x200.webp
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74c77abcad4b26c53df85b12de4061625e38ec9b571a105fc15d5c7b7cb277ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"676ba8cc-244e"
age
10807
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sdsi8JLe20Zdov0uusb8T99qk8nASPZRyC3oq2bdXaXVk2N%2BSvNyXmKbJrYjDr8QdALfut14Otab%2FctP%2FLzdCFIDLegOOFNk0J7gQ9PFbTkLhy8lIaejiXQoCoVIv2be6oIN%2F%2FmZAg7d"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2030&recv=309&lost=0&retrans=0&sent_bytes=2346156&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1135&x=1", cfExtPri, cfHdrFlush;dur=69
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/webp
last-modified
Wed, 25 Dec 2024 06:40:12 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31531787
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488287d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
9294
server
cloudflare
akamai-mon-iucid-del
1281139
id14261148-GettyImages-1403826780-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/05/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/05/id14261148-GettyImages-1403826780-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5711c186d6281e8a9cb527687b3366e421ceba491d9f4becafe9e4ca3016ddf1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"6659278e-a75d"
age
60223
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2eGhvGcQDWBFFil7ObDbhJjxYCZB76ERZ3qF%2BO4uOybUp5vV7FDzI6Y6Lzg%2Bg4nlNYkTgXWpEuPjIp%2Fob1q5hpYJ4aZX8WM2f4K%2FilYDeJoZTKcHwubrWl6MsO7C7etHW75wJSsmqUR5"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Mon, 22 Dec 2025 12:06:41 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1704&recv=309&lost=0&retrans=0&sent_bytes=1955367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1130&x=1", cfExtPri, cfHdrFlush;dur=74
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Fri, 31 May 2024 01:27:42 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31306046
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba924882a7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
42845
server
cloudflare
akamai-mon-iucid-del
1281139
id14397197-shutterstock_2294599669-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14397197-shutterstock_2294599669-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a38be64c0d87b0dffc4ee7996a37e966e18b0448d2199424a9c2fe252de357e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"676affd5-115cd"
age
67337
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pE7lIKXt4eaaiV6vzw3qZu%2BgdQR7s975beOmPmn%2BzpCNn4pR91y%2Fchmyucq7FwuMpaVodBTG0T4CpUVHGxf4ZSKGKqFjVXm3HztWgnfDyadI5xrDKVEAsI8ZeJgkeQTFdO9ERRHpfI4O"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Thu, 25 Dec 2025 00:34:33 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2092&recv=309&lost=0&retrans=0&sent_bytes=2419615&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1136&x=1", cfExtPri, cfHdrFlush;dur=68
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Tue, 24 Dec 2024 18:39:17 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31530832
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba924882c7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
71117
server
cloudflare
akamai-mon-iucid-del
1281139
id14395434-entree-simple-20241216-1080x720-1-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14395434-entree-simple-20241216-1080x720-1-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0def10c6a102ad537aa429d8d2022fde28aab5788774554dcc9eee722bcd94a7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"6766c9ee-cdef"
age
21914
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ExsQYj%2BGGug193SyKO4vRxcwRUDxEwAjINtmJauvR0ePG7r4ygueT2RuPu9Ip9WTASkkjPavCoxxGP15eIWFrAN9VFOrBhyrl8OlIsQ8S19lm3%2Fpq3F5nMGbIQvfOKSWuwbCIWiHRlHL"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Thu, 25 Dec 2025 12:08:20 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2252&recv=309&lost=0&retrans=0&sent_bytes=2610433&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1137&x=1", cfExtPri, cfHdrFlush;dur=67
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Sat, 21 Dec 2024 14:00:14 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31527036
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba924882f7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
52719
server
cloudflare
akamai-mon-iucid-del
1281139
id14397668-72ef2c7c3d303edc4009a6f5-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14397668-72ef2c7c3d303edc4009a6f5-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97357143ba5f4b253396104a155533b583bc95c2ebc80ef5a718c1e5ab34a779

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"676bf5e3-e42b"
age
21913
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fkOPaDSWeeD9bTW6051HLNM1zI0LIr0RMuX7Z8byeX0AquDIrHKVPJnbOHhrnaHVxNMJIMzR2I69wzS7Vx8LQ%2BDBMSPrN2Wf57tqtM7ZG7u6WUjzmoou0yTBCIDjMG%2BKpUkeWhqxi3bh"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Thu, 25 Dec 2025 12:12:14 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2348&recv=309&lost=0&retrans=0&sent_bytes=2725379&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1140&x=1", cfExtPri, cfHdrFlush;dur=64
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Wed, 25 Dec 2024 12:09:07 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31527269
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488317d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
58411
server
cloudflare
akamai-mon-iucid-del
1281139
id14394953-QUICKFIX-MCT-1080x720-1-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14394953-QUICKFIX-MCT-1080x720-1-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a6360323b68421e203c13899c97a31d03390818bdbf487daca2603e24a023c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"6765763c-e093"
age
121893
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JnZhlEQPn9IsemiDLp3%2F5IBAH7mEQ835f6aRY36PRNQNcBFOpEbTHM5BLaKqgJlN%2F%2BxndSutjPS4F1Z3fSYu%2FN8lO6chLznapVZ27lj%2B%2B0oryn6K%2BvnGn7vkRyPntlpQJD5CcjygEzOk"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Wed, 24 Dec 2025 07:16:48 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2383&recv=309&lost=0&retrans=0&sent_bytes=2766538&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1148&x=1", cfExtPri, cfHdrFlush;dur=56
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Fri, 20 Dec 2024 13:50:52 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31523123
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488357d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
57491
server
cloudflare
akamai-mon-iucid-del
1281139
id14396276-c4fb807f5680feb3f0b21da6-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14396276-c4fb807f5680feb3f0b21da6-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77a865894727f3a8ca1d21c08d5c19d682e2730f73a7e724df9db26270ebd78

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"67694890-f58e"
age
191227
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EJBAg1ENYnGby5kPI9DQvaGsdox%2Box33zk%2FBqdE7hsTPrqbelfDIgckgLwNDVk27O6D4hcq0gBOKMB4HOVr77oJEU3bEzOH7q2uHzfJHr9hXIvzwrxxsYrWoz%2BrWBbuN1yK%2Fe9cVYUup"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Tue, 23 Dec 2025 14:41:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1884&recv=309&lost=0&retrans=0&sent_bytes=2171367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1133&x=1", cfExtPri, cfHdrFlush;dur=71
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Mon, 23 Dec 2024 11:25:04 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31532756
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488377d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
62862
server
cloudflare
akamai-mon-iucid-del
1281139
id14396835-GettyImages-2191250944-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14396835-GettyImages-2191250944-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
756101b5140b4741b48b19ce5b2cd31d3d5e5adc379d062acae25a2a79f8de98

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"676a5e1c-9e18"
age
71964
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0MyobcvcuDm%2FIDG2Tf8E4aBqEdayT7thF64nwoxh2kna8Ibbt8o%2BKVXghgsBNQ587MWn8yChgYlPXgGSMtqToBWGF%2BqEemr%2BmRbruaueLX3tzXt42jtnIEecIHsX%2Fg%2BM26oMN57aYPlk"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Wed, 24 Dec 2025 10:03:52 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2338&recv=309&lost=0&retrans=0&sent_bytes=2713379&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1139&x=1", cfExtPri, cfHdrFlush;dur=65
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Tue, 24 Dec 2024 07:09:16 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31483218
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba924883a7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
40472
server
cloudflare
akamai-mon-iucid-del
1281139
id14395835-GettyImages-2191091979-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14395835-GettyImages-2191091979-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62bf26b111aa8c02fbd7e72009004a5c15836e85ea8c975be255054cafca5c54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"67689ce0-91b6"
age
204273
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y6HkehXKDBJ%2BNVsM8oJCrdpmcRPPILj%2B8N%2BqIocI5xT5zXe9ReQGD2LzL0sDIQ4OUgH9W7OutPW0GE0GhLsJVBj5MT2dBxR3V4lB4CAhLg70B%2FjzliaL5O2nfkJzb7mR1OqUGUMaiHH5"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Mon, 22 Dec 2025 23:17:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1964&recv=309&lost=0&retrans=0&sent_bytes=2267367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1134&x=1", cfExtPri, cfHdrFlush;dur=70
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Sun, 22 Dec 2024 23:12:32 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31490319
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba924883d7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
37302
server
cloudflare
akamai-mon-iucid-del
1281139
id14395561-GettyImages-2190884852-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14395561-GettyImages-2190884852-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a5e02f922c79e1ef596301a3835bb5ba75eb3803be51bd8ccd201be64ac0b4d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"67677216-9c8f"
age
204273
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KotKn7DNZOlktlGqEHXl5JsHEwCBoUw9OdM4w3SeDrMZQLYjiH4dOSqw9RKisJbjAkzhGmNfHHIvCcqpKaaCNg9kBNskDYU17ZkQ9l0KVl9QWolw15xag5EaqO0xgNUrLkVlpTbKvigs"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Mon, 22 Dec 2025 02:06:09 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=1884&recv=309&lost=0&retrans=0&sent_bytes=2171367&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1133&x=1", cfExtPri, cfHdrFlush;dur=71
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Sun, 22 Dec 2024 01:57:42 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31414064
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488407d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
40079
server
cloudflare
akamai-mon-iucid-del
1281139
id14395527-GettyImages-2190164961-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14395527-GettyImages-2190164961-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5897a877fec7c3b3ccc9eb2a2cdf5d015e8faa2f2b5a1f5116bcd40c7dd72c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"67674acd-856e"
age
204273
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YlsOcBFnRLTUwDBZYMaIAZy9ZwyeqcT4AXB87x1iQkI1Dm3tldUWcyHbWO8yv5WjU9CVIRVqSc6zUPrYjO1rG0mL6ldKx8Cew67BC5eT%2BYR2491FQQ7bP%2BOgspqs09dtO0vlSg%2BaKADY"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Sun, 21 Dec 2025 23:13:21 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2350&recv=309&lost=0&retrans=0&sent_bytes=2727717&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1140&x=1", cfExtPri, cfHdrFlush;dur=64
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Sat, 21 Dec 2024 23:10:05 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31403696
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488437d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
34158
server
cloudflare
akamai-mon-iucid-del
1281139
facebook_white.png
1685fea9.613293428.xyz/assets/themes/djy/images/front-page/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/assets/themes/djy/images/front-page/facebook_white.png
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19352d23eb90d0c6b446b21446bfdeb6dc7c06b754d17f505fcf6f8df4cb1a65
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cf-cache-status
HIT
etag
"66157dca-53f"
age
204273
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c1lqjKENcRKNX%2Fpb7REMpni6CnfhJjLP4jHhc9E0L6ree9cG3NRVhuZ1UcaJkLnVWl8nxpyLe%2BjJV1lJaExX%2Be5HfuuxUwRkr4DaiIYeBy2Qn9byHIdc%2Bi3MGLeFcAvh6TFlmoUIaZWF"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2383&recv=309&lost=0&retrans=0&sent_bytes=2766538&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1144&x=1", cfExtPri, cfHdrFlush;dur=60
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/png
last-modified
Tue, 09 Apr 2024 17:41:30 GMT
vary
Accept-Encoding
priority
u=3,i
strict-transport-security
max-age=63072000
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f7ba92488467d71-LAX
accept-ranges
bytes
content-length
1343
x-device
desktop
x-xss-protection
1; mode=block
server
cloudflare
youtube_red.png
1685fea9.613293428.xyz/assets/themes/djy/images/front-page/ 		923 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/assets/themes/djy/images/front-page/youtube_red.png
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b681d802bfbf3ded05bf66fc061893e8bf1b129f278b09a47d0d718121ba3318
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cf-cache-status
HIT
etag
"66157dca-39b"
age
204273
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=utegbqE2fEILsRAs9ACo%2F96EbSGlVpMKx2XLf3hWn3rHDLsyHE%2F1PH37Ua9R5%2Bx5%2BymLog%2FLt0rJRzLuhVbx%2F92rm6Yay6rn3Dc96AteFxDmNnpNZS803DZSZTX8zIzDKGj7DtgJxvC3"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2236&recv=309&lost=0&retrans=0&sent_bytes=2591466&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1137&x=1", cfExtPri, cfHdrFlush;dur=67
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/png
last-modified
Tue, 09 Apr 2024 17:41:30 GMT
vary
Accept-Encoding
priority
u=3,i
strict-transport-security
max-age=63072000
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f7ba924884b7d71-LAX
accept-ranges
bytes
content-length
923
x-device
desktop
x-xss-protection
1; mode=block
server
cloudflare
twitter_white.png
1685fea9.613293428.xyz/assets/themes/djy/images/front-page/ 		511 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/assets/themes/djy/images/front-page/twitter_white.png
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1636ebb2d83d45e93371597e5f38e2d6c1578cfe92a09e4e7d209202e42159ec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cf-cache-status
HIT
etag
"66157dca-1ff"
age
204273
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xDKSSmf6lBPOY0%2BETzCQmjaXZZQAMXr%2BULbpK%2FvwBZr7Jvmx40lqNBjIy81j4fmHzpUtbyhDs4%2FCifW7VN7WUfGwaU7rtgOYld4IgKtx8OiB00%2FD5x7otA%2BKyLXI21WXQao%2F6c%2FvSqeu"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2383&recv=309&lost=0&retrans=0&sent_bytes=2766538&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1180&x=1", cfExtPri, cfHdrFlush;dur=24
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/png
last-modified
Tue, 09 Apr 2024 17:41:30 GMT
vary
Accept-Encoding
priority
u=3,i
strict-transport-security
max-age=63072000
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f7ba924884d7d71-LAX
accept-ranges
bytes
content-length
511
x-device
desktop
x-xss-protection
1; mode=block
server
cloudflare
id14393157-179455-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14393157-179455-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a1d04c390cbe559886fda1300e30bfbe80e90d970c721f1066a26949c9cef85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"67624413-e057"
age
21914
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sVymlXFrOIsmShUwSa1bpBGUQLmWEe5P%2FwitqiHzwEyS9US%2FTcRy2CSQV84MtaahA%2Bqb4XyXHZkQx4w9%2ByQ9GytsKWaNLb9zbvLrpWx0hAXhyhh1jzmQWn%2FwLgdxWgx0zkaMFRRUXdSv"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Thu, 25 Dec 2025 13:09:17 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2383&recv=309&lost=0&retrans=0&sent_bytes=2766538&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1146&x=1", cfExtPri, cfHdrFlush;dur=58
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Wed, 18 Dec 2024 03:40:03 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31530693
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488507d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
57431
server
cloudflare
akamai-mon-iucid-del
1281139
id14196484-iStock_000021699741_Medium-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/03/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/03/id14196484-iStock_000021699741_Medium-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae6b7bc67ffccb3a47938ba8c83fee56ac05cb6a503cd13fea8f55146e154eee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"65e91313-6539"
age
38439
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C6HyUorol7zKVCv6VMvUfZXyW%2BMfR89MzVSlmKszevwKP%2F8mowguXyaag3X3V1UucxdNupjFCZhPw2yl8M48UjbLOccnlPJJ52TFJIWAnEj%2FppU9BpfarAuYrylFxW%2BrhCRQ4ejm0OeZ"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Wed, 24 Dec 2025 04:24:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2348&recv=309&lost=0&retrans=0&sent_bytes=2725379&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1140&x=1", cfExtPri, cfHdrFlush;dur=64
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Thu, 07 Mar 2024 01:06:27 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31429308
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488527d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
25913
server
cloudflare
akamai-mon-iucid-del
1281139
id14393653-0c0bb343aff090f5f8fe3234aae58bab-320x200.jpeg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14393653-0c0bb343aff090f5f8fe3234aae58bab-320x200.jpeg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8220926b8e44c44eaeaf2d630bba9c371c761b6a4a8394990b6e647004c239d4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"6762fa02-ca05"
age
90079
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PIDhzSIP9GPhfoXMILgaIvn2VYtyc04risnFZgkmDmhsWrpzaafg7%2BTDqOKfzY7pYPF823y%2Fg%2BHLQykYuCEwSrrLuqXEhS9K181R0%2Bb%2FbAFwppJYqqB4%2B9yfEUoKovLwviuLcDrYjsy9"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Mon, 22 Dec 2025 22:34:13 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2383&recv=309&lost=0&retrans=0&sent_bytes=2766538&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1143&x=1", cfExtPri, cfHdrFlush;dur=61
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Wed, 18 Dec 2024 16:36:18 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31373555
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488547d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
51717
server
cloudflare
akamai-mon-iucid-del
1281139
id14370775-Gavin-Newsom-16-Oil_JF_09252024-1080x720-1-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/11/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/11/id14370775-Gavin-Newsom-16-Oil_JF_09252024-1080x720-1-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ced1ff805da634c6372e00963a35174beafc5a13f5fd247cffbfe4059470784c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"67354edb-120af"
age
20706
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gzr5uPZcH5vmNtvN%2BZ9gAxE1O6gL1Q%2FoWYbRPx7nViPVcGZCNanObRt3NYu5RnOf%2FH8Lby1L%2Bl8hle0aWH%2B%2BJTSJpd3ZpgNncHsz52S2%2FTykA%2FB97PZPF95gY9JMq3oWpAW%2BuFA19bA6"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Wed, 24 Dec 2025 20:04:36 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2383&recv=309&lost=0&retrans=0&sent_bytes=2766538&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1141&x=1", cfExtPri, cfHdrFlush;dur=63
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Thu, 14 Nov 2024 01:14:03 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31468004
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488577d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
73903
server
cloudflare
akamai-mon-iucid-del
1281139
id14395204-179539-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14395204-179539-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88bdb32dd562441610e15c614247ff0f02a7893800111c6dab4b2daafa37c2f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"676631ec-ab81"
age
208513
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ffI%2FWPcM1BbjsGVq%2FoAaKscVL76ly5WMF1zRXyOTShEjHUeBne01ix39QzvTnT6UucLDKgW0KAiF%2BAAbpRQihdj6yQsXKtG7%2BTAxb%2BZH3QA9UL0LDn66F19IXGrSinu%2BnA%2BFvKgh1vO7"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Sun, 21 Dec 2025 08:02:24 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2383&recv=309&lost=0&retrans=0&sent_bytes=2766538&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1153&x=1", cfExtPri, cfHdrFlush;dur=51
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Sat, 21 Dec 2024 03:11:40 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31353279
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488597d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
43905
server
cloudflare
akamai-mon-iucid-del
1281139
id14205481-GettyImages-2067933100-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/03/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/03/id14205481-GettyImages-2067933100-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40927187bb5df950f343e95175b9de4d0d809a47c4839ec00d6aa7809fa78bf4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"65f871dd-6663"
age
209804
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YtQh15%2Bh6VNlq9ELC8QphVEYLtFRx4vTe4DxOcmT6hWtBzeS8Oap9GPnsYCnoi1Svi803%2FZjX2Y%2BiU06LZGo5Y4obqNu%2F7OPZbyiDsTdDkpeq7a%2Fj9q%2FzcsqYEf207Kx3l8Z2fKUib%2Bp"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Tue, 23 Dec 2025 06:22:42 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2383&recv=309&lost=0&retrans=0&sent_bytes=2766538&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1153&x=1", cfExtPri, cfHdrFlush;dur=51
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Mon, 18 Mar 2024 16:54:53 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31521388
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba924886a7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
26211
server
cloudflare
akamai-mon-iucid-del
1281139
id14329406-GettyImages-2169753510_light-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/09/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/09/id14329406-GettyImages-2169753510_light-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e5ee9714b46c47a67be0329b8ccd2fcc3709493d5e22e8a055d1be6c7d9998

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"66e34740-11a90"
age
65274
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lcg2aJ9qFDvAvKVS%2B8KIqSTktsu06EPsfmCi2RcD%2BB0yIHAvOGjMHO%2BwoCi2gg0tHz2uw7KZQVa%2BsBZHpPQHFTSfRcSSHS7cCp%2FGTxsA5nRbBw5zMyzrJfwgBsRcfyrwIQx7x%2BBesCj2"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Wed, 24 Dec 2025 20:09:05 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2383&recv=309&lost=0&retrans=0&sent_bytes=2766538&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1143&x=1", cfExtPri, cfHdrFlush;dur=61
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Thu, 12 Sep 2024 19:55:44 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31512841
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba924886f7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
72336
server
cloudflare
akamai-mon-iucid-del
1281139
id14200433-GettyImages-2064221462-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/03/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/03/id14200433-GettyImages-2064221462-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3450d414ec609448350e04833904f49f66bbec1e900c0fedc9e523ed2ab8e03

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"65efeca4-50cc"
age
197907
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HX5UNf3Y1n4irDjzZloVjmg2oLbDAezJZzRnyKwxSKznIhOwX3QwGBKgstDeaQ71Dv9oTtYjbqqiFlW4VALGnIbnBWBZ%2B6g9sy36XvhsrMuKauCr6y435GGp55GYNH%2F57ElsnhJhSVLF"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Tue, 16 Dec 2025 14:34:05 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2383&recv=309&lost=0&retrans=0&sent_bytes=2766538&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1165&x=1", cfExtPri, cfHdrFlush;dur=39
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Tue, 12 Mar 2024 05:48:20 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=30934174
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488737d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
20684
server
cloudflare
akamai-mon-iucid-del
1281139
id14330245-shutterstock_2041701011-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/09/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/09/id14330245-shutterstock_2041701011-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45191192e9de32c57f03bf30f18c11b1859af9d81e1dff0f62a10e94f0baf6a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"66e5271b-a0af"
age
149380
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KfIFC%2Bwo75sEF7vtHXwwv9zjgw7fhG4TxoXsWJWxaQdw4mPBn9h66O2pxwt0XdxP%2FqQ%2FknGmHBoTNSdalKxxbZMSsVyS4lrts0vZooJtuYgEDc9eIyAJe2TGddv26iBWlz92zeDIpYKw"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Mon, 22 Dec 2025 10:10:33 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2348&recv=309&lost=0&retrans=0&sent_bytes=2725379&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1140&x=1", cfExtPri, cfHdrFlush;dur=64
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Sat, 14 Sep 2024 06:03:07 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31388235
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488757d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
41135
server
cloudflare
akamai-mon-iucid-del
1281139
id13967758-GettyImages-963188142-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2023/04/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2023/04/id13967758-GettyImages-963188142-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eed8316329a64a90470c0168b8c63c2b2512f5c19d42358ef33bd3a7aba17334

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"643084a5-87ed"
age
154079
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tpe2XivnKpek8SGhVBeqXQDzH1HBBKEYZl177uolvekrbQn%2FxzuN11nz8MVm9jzqZelTtpa12luprk1TD4qHPrgAEGr%2BV9vY7IoJ4Z3TpA0PAE17Y4agk1qb4SM4nd%2FYh%2FyLLRi0Cw4U"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Tue, 23 Dec 2025 23:33:12 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2383&recv=309&lost=0&retrans=0&sent_bytes=2766538&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1143&x=1", cfExtPri, cfHdrFlush;dur=61
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Fri, 07 Apr 2023 21:01:25 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31527493
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488777d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
34797
server
cloudflare
akamai-mon-iucid-del
1281139
id14395195-241220211636100311-320x200.jpg
1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/ 		159 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/i.epochtimes.com/assets/uploads/2024/12/id14395195-241220211636100311-320x200.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae37ca1d944949e98d27b4e7701c15ce719d12fbd32ca30734c69a0f45ced0d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

access-control-max-age
86400
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cf-cache-status
HIT
etag
"67662aaa-27b10"
age
204273
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gR8uajqd%2FR7agX3h7%2FKNQxh184hF1RyhoX04Q3O3beLSO9Elu5zvcxeSSXydGQHJyyMQoWQNiMqDsnSzQgEzUq42xuTDgwiK9stGwZy%2F2mtNNpWJWRz1dvpYZu%2FL4JcgUO8C3H3CMjYM"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
expires
Sun, 21 Dec 2025 02:47:43 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2383&recv=309&lost=0&retrans=0&sent_bytes=2766538&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1156&x=1", cfExtPri, cfHdrFlush;dur=48
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Sat, 21 Dec 2024 02:40:42 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
origin,range,hdntl,hdnts
cache-control
max-age=31330158
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f7ba92488787d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
162576
server
cloudflare
akamai-mon-iucid-del
1281139
djy_logo2.png
1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/images/djy_logo2.png
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bff7a0f12d5fb9ac16d2ad056c08506c49ae1d4b9db962e26eaf12d7b71fe38c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cf-cache-status
HIT
etag
"66157dce-2410"
age
209807
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s9Ltpk%2FfmgpvqoQdm4aO59H4M9INWjjbhY5rsnyo36URY%2FLQMjkTRCqfh8dbdKwwFf5PcQnFQsW3SWWmuasi2C4AzEt6EC6gheLeSgAsioQAVSkD06%2B%2FS9YhkhgF9Vd8izBDBHid8jIa"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2383&recv=309&lost=0&retrans=0&sent_bytes=2766538&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1141&x=1", cfExtPri, cfHdrFlush;dur=63
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/png
last-modified
Tue, 09 Apr 2024 17:41:34 GMT
vary
Accept-Encoding
priority
u=3,i
strict-transport-security
max-age=63072000
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f7ba924c8797d71-LAX
accept-ranges
bytes
content-length
9232
x-device
desktop
x-xss-protection
1; mode=block
server
cloudflare
jquery-all.min.js
1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/js/ 		98 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/js/jquery-all.min.js?ver=20200218
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efb0462d2a72eb4d74358f13f328e6a95c750d3cde6dfd002c591ef78c9a24d4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"66157dc9-187b0"
age
204273
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DpW11qR9Xa6MSwXWRF%2FZ%2FLtk3eR1cv3PgPpntP4%2BWZkPCJ1fA5IP0rFAwlAgo4HCMxzmJcPNoF%2FL7LRQkbhe34SKPVNkVNQSGJ9HKecZeqpx%2Fl0a%2BDAXXwN2WcppgfEoszldou%2Bug9gB"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=66035&min_rtt=61399&rtt_var=5013&sent=94&recv=58&lost=0&retrans=0&sent_bytes=81106&recv_bytes=11365&delivery_rate=210372&cwnd=43200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=679&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
application/javascript
last-modified
Tue, 09 Apr 2024 17:41:29 GMT
vary
Accept-Encoding
priority
u=2,i=?0
strict-transport-security
max-age=63072000
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f7ba921dd937d71-LAX
x-device
desktop
x-xss-protection
1; mode=block
server
cloudflare
bottom.min.js
1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/js/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/js/bottom.min.js?ver=202401126
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7acb20043e9cf11cbba992fb35061cc7a080f37a7364ad8f1c051bad9325b45
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"6745fd33-80ce"
age
204273
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l8B9V6xyEQVLRfDUQfnVJ1EbpPNBS3E7La%2B62mxSIsccGK7hu8T7MTf9097G88qXuSY19S9445BWAV2FjwH%2B1rFRKZPZf2A9jCmbWE68Hi5EdyohEZWxv9PpB%2Bf9S0QZ7wb6%2FD8pZ1pv"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=66035&min_rtt=61399&rtt_var=5013&sent=130&recv=58&lost=0&retrans=0&sent_bytes=119833&recv_bytes=11365&delivery_rate=210372&cwnd=43200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=689&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 16:54:11 GMT
vary
Accept-Encoding
priority
u=2,i=?0
strict-transport-security
max-age=63072000
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f7ba921eda17d71-LAX
x-device
desktop
x-xss-protection
1; mode=block
server
cloudflare
jquery.bxslider.min.js
1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/js/jquery.bxslider/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/js/jquery.bxslider/jquery.bxslider.min.js?ver=20150811
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a778d4a3a9d11b8827225c5f290b3906828f8a01cbe3c05477014292c3513f1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"66157dc9-4b81"
age
204273
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2BOfX3rezmpWruVOynTRko7HIrAQ2Jw0eS8HMBztUFDYeoaGlkL%2FRuoVAiDb82otPOUNZnxExgURywgHuMHBuDHs3n%2B%2B8GeehUpvlTXrxIqX63zwgIC9JAjvKXsmGmMJfiD0CeW3L%2FsX"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=66035&min_rtt=61399&rtt_var=5013&sent=134&recv=58&lost=0&retrans=0&sent_bytes=124306&recv_bytes=11365&delivery_rate=210372&cwnd=43200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=698&x=1", cfExtPri, cfHdrFlush;dur=44
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
application/javascript
last-modified
Tue, 09 Apr 2024 17:41:29 GMT
vary
Accept-Encoding
priority
u=2,i=?0
strict-transport-security
max-age=63072000
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f7ba921fdaa7d71-LAX
x-device
desktop
x-xss-protection
1; mode=block
server
cloudflare
front.min.js
1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/js/ads/www/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/js/ads/www/front.min.js?ver=20240617
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6993a9c586f01e7a810a322aab7053ef1bf9f51b1f8a29c4f573375fd66c01d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"6751d413-1aec"
age
204273
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gfI75rUU%2BS42bCf1M54rrIHyDEMWiPy%2Bm1q8ePnAyOvavjLWhfqVLTnq4UflkmGxJBC3nOFK86LIX8xAVm37x6kSlxMM53WnvLHg8AwP78iuTMXgbfcr4kDikm%2BdzLyQMK87uBepkhUf"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=66035&min_rtt=61399&rtt_var=5013&sent=134&recv=58&lost=0&retrans=0&sent_bytes=124306&recv_bytes=11365&delivery_rate=210372&cwnd=43200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=697&x=1", cfExtPri, cfHdrFlush;dur=45
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
application/javascript
last-modified
Thu, 05 Dec 2024 16:25:55 GMT
vary
Accept-Encoding
priority
u=2,i=?0
strict-transport-security
max-age=63072000
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f7ba921fdac7d71-LAX
x-device
desktop
x-xss-protection
1; mode=block
server
cloudflare
018e5888-3113-7bbd-ad24-8a36ff0c5755.json
1685fea9.613293428.xyz/cdn.cookielaw.org/consent/018e5888-3113-7bbd-ad24-8a36ff0c5755/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://1685fea9.613293428.xyz/cdn.cookielaw.org/consent/018e5888-3113-7bbd-ad24-8a36ff0c5755/018e5888-3113-7bbd-ad24-8a36ff0c5755.json
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b05828316cefe50955f2500d784ec5eac1f806336cf3bd2099bc12f89a7772b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-md5
ser/GDVF1li+vTdKLV7N+Q==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DCD697B469D438
age
26952
x-ms-lease-status
unlocked
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CENwW8xc6xfEXcF0QSk0xOWQMXpB%2B6yCet%2Foz0RvQqbvcyIz%2FHFPTAg6aGp0HkGD%2FhtDixC0wsmrOfYW71WmdgbOrWnYYQ1ZuxkLWQ8sQtl1A9M9AT%2FvFmS96%2F5eMyy9RBNLTLYd6T1A"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Thu, 26 Dec 2024 20:42:58 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=64798&min_rtt=61399&rtt_var=1112&sent=87&recv=45&lost=0&retrans=0&sent_bytes=77866&recv_bytes=9317&delivery_rate=390425&cwnd=43200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=611&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
application/json
last-modified
Mon, 16 Sep 2024 21:37:03 GMT
vary
Accept-Encoding
priority
u=1,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
42210c99-b01e-00d9-2733-3135a6000000
cf-ray
8f7ba9216d2a7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
gtm.js
www.googletagmanager.com/ 		219 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WHM2XS
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.207.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
6615029ae57399fe012f43ea63f0d23569fecdd347bc841171b04e3b704c7431
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 25 Dec 2024 20:42:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Dec 2024 20:42:59 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 25 Dec 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
80028
x-xss-protection
0
server
Google Tag Manager
triangle-down.png
1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/images/front-page/ 		213 B
944 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/images/front-page/triangle-down.png
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/css/front-page.css?ver=20241115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebbe9787979aae29b009b84ee5fa645ae8931985f27187f205dd32852568c75e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/css/front-page.css?ver=20241115

Response headers

cf-cache-status
HIT
etag
"66157dce-d5"
age
204272
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1%2B7qgYbmRBOiGCd4wOzaGrF5l2M6Hj1MGNIxYBGtEd3I9qcdWO42hcoouwvDoEEMMUnTv9KWfoT0Ck3Q%2BrCLCOWsvMWp%2BH0RrwHjfiWb9jkSZFd0uZPtFU4moiTK%2B0mXJObKP8tlKNDw"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=67494&min_rtt=61399&rtt_var=5202&sent=350&recv=94&lost=0&retrans=0&sent_bytes=372781&recv_bytes=21345&delivery_rate=911533&cwnd=165600&unsent_bytes=0&cid=aec745da2a26ef0f&ts=858&x=1", cfExtPri, cfHdrFlush;dur=18
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/png
last-modified
Tue, 09 Apr 2024 17:41:34 GMT
vary
Accept-Encoding
priority
u=1,i
strict-transport-security
max-age=63072000
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f7ba922fe907d71-LAX
accept-ranges
bytes
content-length
213
x-device
desktop
x-xss-protection
1; mode=block
server
cloudflare
djy_icons.png
1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/images/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/images/djy_icons.png
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/css/front-page.css?ver=20241115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65afe802898a31c28fe92e014c335174d8fd64205f83a6d3258bacc5c9bed2e4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/css/front-page.css?ver=20241115

Response headers

cf-cache-status
HIT
etag
"66157dce-dad8"
age
209781
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HMMWRfw7LY9hFB6XgaCXjbTYPgarq7EndzQ9o34n48eWJVDLhwn0drd6AAP8Fdc0P4%2BbcGMRYJM2rXMvGG%2Fp%2BzDBKpqLvfosbfVVQILaDuIbVvl%2FSRRowtLuoHqCUI1wouVZjzxdWdsL"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=67494&min_rtt=61399&rtt_var=5202&sent=350&recv=94&lost=0&retrans=0&sent_bytes=372781&recv_bytes=21345&delivery_rate=911533&cwnd=165600&unsent_bytes=0&cid=aec745da2a26ef0f&ts=858&x=1", cfExtPri, cfHdrFlush;dur=18
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/png
last-modified
Tue, 09 Apr 2024 17:41:34 GMT
vary
Accept-Encoding
priority
u=1,i
strict-transport-security
max-age=63072000
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f7ba922fe8e7d71-LAX
accept-ranges
bytes
content-length
56024
x-device
desktop
x-xss-protection
1; mode=block
server
cloudflare
newsletter_ad.jpg
1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/images/newsletter_ad.jpg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/css/front-page.css?ver=20241115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
943f9933a9b9f9dab358a3def2b5262fbabe7d4d559004a705aa17ba2f1462ed
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/css/front-page.css?ver=20241115

Response headers

cf-cache-status
HIT
etag
"673b9ca4-4a7b"
age
204272
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ajYy9zp1Uw1U5P%2FdW7eRsvNfmp4WTRYzlw6dbaVIizHl5b3me%2BFbay25KxmIe%2B4PeX2T%2BeUwKdPHQ0EZ84wyf8Of3xxOrHS85lWTUhbSIWW9oi6nZfiC1UggLNrE%2FEcJ78N%2Fqw%2Fbuz%2Bm"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2383&recv=309&lost=0&retrans=0&sent_bytes=2766538&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1142&x=1", cfExtPri, cfHdrFlush;dur=62
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/jpeg
last-modified
Mon, 18 Nov 2024 19:59:32 GMT
vary
Accept-Encoding
priority
u=3,i
strict-transport-security
max-age=63072000
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f7ba924c87a7d71-LAX
accept-ranges
bytes
content-length
19067
x-device
desktop
x-xss-protection
1; mode=block
server
cloudflare
icon_audio.png
1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/images/ 		506 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/images/icon_audio.png
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/css/front-page.css?ver=20241115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e5cacbb7a388da3df5373cfb2706556b946399a111334e85c428780677be7fd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/css/front-page.css?ver=20241115

Response headers

cf-cache-status
HIT
etag
"66157dce-1fa"
age
204272
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bTHiEXBEm7LppBauFcui%2FT7ndGAbYglGnAF6LUPqdyLg9mosNvZUveoDa5RJaUfzzJgJBVwulj7KPlp8MedQIyHjTXGXKrS9wfQw3wT73wxu0LOC0g73kzROG%2BswHa%2BYYH8CQUFSOpM4"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2383&recv=309&lost=0&retrans=0&sent_bytes=2766538&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1142&x=1", cfExtPri, cfHdrFlush;dur=62
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/png
last-modified
Tue, 09 Apr 2024 17:41:34 GMT
vary
Accept-Encoding
priority
u=3,i
strict-transport-security
max-age=63072000
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f7ba924c87d7d71-LAX
accept-ranges
bytes
content-length
506
x-device
desktop
x-xss-protection
1; mode=block
server
cloudflare
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.66.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-encoding
gzip
age
2169
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Wed, 25 Dec 2024 22:06:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Dec 2024 20:06:50 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
location
1685fea9.613293428.xyz/geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		71 B
767 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://1685fea9.613293428.xyz/geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4da8a6638ad70698ad3d01aa0ef124aebe35c297685c0796b174822f597b1d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
Referer
https://1685fea9.613293428.xyz/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vjKGLlWfAt%2FWd3oGAOVis%2BWv4TgA386JQ5LM5VKjlv27%2Buh2qbFyb3p0TOdV6%2FPJSFjW6SNePJD0OYYekC%2BAR02GDQFKv7u0%2Bj1KgK%2FTmCoNnys1VPFn8si5zkTzGLWjlplGtMQ3qP0n"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
cf-ray
8f7ba9231ea57d71-LAX
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=64269&min_rtt=61399&rtt_var=2956&sent=492&recv=102&lost=0&retrans=0&sent_bytes=536502&recv_bytes=21705&delivery_rate=1771514&cwnd=235200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=889&x=1", cfExtPri, cfHdrFlush;dur=19
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
access-control-allow-headers
Content-Type
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		103 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/js/ads/www/front.min.js?ver=20240617
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f155.1e100.net
Software
cafe /
Resource Hash
d059f50f2636040db7a39de4f47f30295f8b73e3dac3c0358b5b5d8fdffcf13f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-encoding
br
etag
394 / 20082 / m202412090101 / config-hash: 16775640167977932469
x-content-type-options
nosniff
expires
Wed, 25 Dec 2024 20:42:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33460
x-xss-protection
0
server
cafe
prebid.js
1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/js/ads/ 		289 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/js/ads/prebid.js
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/js/ads/www/front.min.js?ver=20240617
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af3e37f67d7375710d73f889dc57c6e3ec4f55216b08c0b1316ff2cba13cbaa9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"66744242-483a5"
age
32198
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TPObjzXBUgSNm2dpfcT%2FCqbl4%2BhPmh6Sk3VWMH%2BvVUbeM88jnvTFBDh3fPwjIwcrE0fn8%2B0pA23VbVJjhYB9iB3x%2B7suFGR3ozEb1eBmUmSLAc2OYw5Ohb5%2FB%2BxpD7a%2Fpm%2FnCnBzk%2FDs"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2383&recv=309&lost=0&retrans=0&sent_bytes=2766538&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1154&x=1", cfExtPri, cfHdrFlush;dur=50
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
application/javascript
last-modified
Thu, 20 Jun 2024 14:52:50 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=63072000
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f7ba924c87f7d71-LAX
x-device
desktop
x-xss-protection
1; mode=block
server
cloudflare
bx_loader.gif
1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/js/jquery.bxslider/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/js/jquery.bxslider/images/bx_loader.gif
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/js/jquery.bxslider/jquery.bxslider.css?ver=20150811
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f63c3fb57fcaad778efe5c4f77a3f3714aedeea55dc830b0840bacac35f2395
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/js/jquery.bxslider/jquery.bxslider.css?ver=20150811

Response headers

cf-cache-status
HIT
etag
"66157dc9-15ee"
age
204232
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b9IcZxK%2F3fgSu9a64TxmI%2B5tS%2FeA98RhVgQ1IgV5%2F2Q38%2FRhL38Y3kWlZM74TKJj%2BC60rUC7X0tBQiGByYbg%2FFoa6Q2QZIRxRP4aLcSFxcj2MvJOdjYN1UrI8ZVLuan%2FV0V3ymgKFSzx"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=62548&min_rtt=61330&rtt_var=189&sent=1530&recv=165&lost=0&retrans=0&sent_bytes=1755329&recv_bytes=25715&delivery_rate=7111087&cwnd=762000&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1007&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/gif
last-modified
Tue, 09 Apr 2024 17:41:29 GMT
vary
Accept-Encoding
priority
u=1,i
strict-transport-security
max-age=63072000
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f7ba923cf5b7d71-LAX
accept-ranges
bytes
content-length
5614
x-device
desktop
x-xss-protection
1; mode=block
server
cloudflare
arrow-buttons.png
1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/js/jquery.bxslider/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/js/jquery.bxslider/images/arrow-buttons.png
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/js/jquery.bxslider/jquery.bxslider.css?ver=20150811
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
859561a660d3c6604cf1aa015f16d783d23f7fe1cebad17cb34665e6aa96b16a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/js/jquery.bxslider/jquery.bxslider.css?ver=20150811

Response headers

cf-cache-status
HIT
etag
"66157dce-499"
age
204232
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4tEhPiVq%2FrchHsArxxWigbyqH1uWrcxnxMoHuI0ManMzk0bvECWEwBzUPRn8FMUjMMntpQr9DG6QwR%2FRE5sCODp2rZpbxdmt%2B%2BSZigvBcl3TDNV70RJSZE%2FDUBwD%2BZ11JhJMJKy%2FSGFo"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=63493&min_rtt=61399&rtt_var=2045&sent=1101&recv=138&lost=0&retrans=0&sent_bytes=1247606&recv_bytes=24495&delivery_rate=4052247&cwnd=573600&unsent_bytes=0&cid=aec745da2a26ef0f&ts=994&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
image/png
last-modified
Tue, 09 Apr 2024 17:41:34 GMT
vary
Accept-Encoding
priority
u=1,i
strict-transport-security
max-age=63072000
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f7ba923df6d7d71-LAX
accept-ranges
bytes
content-length
1177
x-device
desktop
x-xss-protection
1; mode=block
server
cloudflare
geo
1685fea9.613293428.xyz/pwe.epochbase.com/ 		153 B
788 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://1685fea9.613293428.xyz/pwe.epochbase.com/geo?ip=
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/js/jquery-all.min.js?ver=20200218
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3abe3596f53664f64498d34666c43dc73aaad527626a8bfac2efbb499eed26b3

Request headers

Referer
https://1685fea9.613293428.xyz/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KcBmLjdSviHPAVupDRahCGj0LI1rZ1AxDCQxgObbmM17MoUSon5KCFkDUgwCfUlBiTsMBdROELcq6CY5fKlfS32RfGSssbwuV6mHXZ5hh9Sj7eXmYkivPS9NLUkWLU1vRQ7dt8310Qf3"}],"group":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f7ba923df727d71-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=76625&min_rtt=61231&rtt_var=1394&sent=2486&recv=392&lost=39&retrans=27&sent_bytes=2886567&recv_bytes=60525&delivery_rate=7971358&cwnd=819840&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1215&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
cloudflare
priority
u=1,i
otBannerSdk.js
1685fea9.613293428.xyz/cdn.cookielaw.org/scripttemplates/202408.1.0/ 		454 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1685fea9.613293428.xyz/cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23c51d9d92d79bb234b4ef5e3dd5b9b4a3f9b99a37fa9531cee3e5681742bfc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-md5
cSmNeMyDkvSieWRwSFHuAQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DCD1496E561314
age
28211
x-ms-lease-status
unlocked
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cVjm3H5lhIc1gTbPGpfg8c1PHV%2BB7ChjcM1uiaW4kmhWnlwtlni292aBeni1JF8f0MXvGgEZ7BrHbyjCeDUVoL%2FkwNgtpR0o1h2fcDvs7Adeqe2qenhxfFx8KllljOEpWvg%2BOrOiRiXq"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-ms-version
2009-09-19
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=87733&min_rtt=61231&rtt_var=11859&sent=2383&recv=309&lost=0&retrans=0&sent_bytes=2766538&recv_bytes=55850&delivery_rate=8368816&cwnd=847200&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1165&x=1", cfExtPri, cfHdrFlush;dur=39
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 03:34:09 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
x-ms-request-id
6f17847a-601e-0058-1e5d-3297f1000000
cf-ray
8f7ba924c8807d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-64JWG501SB&gtm=45je4cc1v9115041777za204&_p=1735159378110&_gaz=1&gcs=G111&gcd=13t3t3t3t5l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=764885032.1735159379&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1735159378&sct=1&seg=0&dl=https%3A%2F%2F1685fea9.613293428.xyz%2F&dt=%E5%A4%A7%E7%B4%80%E5%85%83%20%7C%20%E5%A4%A7%E7%B4%80%E5%85%83%E6%96%B0%E8%81%9E%E7%B6%B2&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1291
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/www.googletagmanager.com/gtag/js?id=G-64JWG501SB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://1685fea9.613293428.xyz
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
text/plain
server
Golfe2
collect
1685fea9.613293428.xyz/stats.g.doubleclick.net/g/ 		0
781 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://1685fea9.613293428.xyz/stats.g.doubleclick.net/g/collect?v=2&tid=G-64JWG501SB&cid=764885032.1735159379&gtm=45je4cc1v9115041777za204&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/www.googletagmanager.com/gtag/js?id=G-64JWG501SB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cf-cache-status
DYNAMIC
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=89699&min_rtt=61231&rtt_var=9695&sent=3670&recv=478&lost=227&retrans=227&sent_bytes=4277341&recv_bytes=65636&delivery_rate=5437270&cwnd=823440&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1319&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
text/plain
vary
Accept-Encoding
priority
u=4,i
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
cf-ray
8f7ba92528c87d71-LAX
access-control-allow-origin
https://1685fea9.613293428.xyz
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
server
cloudflare
rul
1685fea9.613293428.xyz/td.doubleclick.net/td/ga/ Frame 8B4F 		13 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1685fea9.613293428.xyz/td.doubleclick.net/td/ga/rul?tid=G-64JWG501SB&gacid=764885032.1735159379&gtm=45je4cc1v9115041777za204&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=475577556
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/www.googletagmanager.com/gtag/js?id=G-64JWG501SB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1685fea9.613293428.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8f7ba92639937d71-LAX
content-encoding
zstd
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Dec 2024 20:42:58 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7zA7tZ%2FsHD%2F79LJe6%2FMKAg9z8guLZ5VFvCP%2FGUUw9Jev%2FqecmggHFlt6%2BJP97ExiLWLtQgLB%2Bp08zzZR4OXoArj7dDsQi6wjVXEJIPxsmTBz%2FfaGylVITqFc7NXlF7Y3NxT%2BKYk%2F8bBJ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=63941&min_rtt=61231&rtt_var=2715&sent=4452&recv=552&lost=305&retrans=305&sent_bytes=5189112&recv_bytes=70315&delivery_rate=10854864&cwnd=823440&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1404&x=1" cfExtPri cfHdrFlush;dur=0
timing-allow-origin
*
vary
accept-encoding
x-content-type-options
nosniff
x-xss-protection
0
LA.html
1685fea9.613293428.xyz/assets/uploads/local_news/b5/ 		957 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://1685fea9.613293428.xyz/assets/uploads/local_news/b5/LA.html
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/www.epochtimes.com/assets/themes/djy/js/jquery-all.min.js?ver=20200218
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c9ca7b1c9e80aa5371d6eb451310e6ddf7bc3f7d3b3df37af0837ee300783c7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1685fea9.613293428.xyz/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*

Response headers

content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DJi4XRIfmDpU522iHE0gV8jMdFabD70G5u2N9OVmzSSJQmi47CM7B0KzxYKVQZ9J52fI9NkiVYZB47ZAGMfqwqEJmUvLH9VuNbtF%2FI7vs3XNpUI1Z4sCk5FrQa7GePuUtdjdRYsbLL5O"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=64292&min_rtt=61231&rtt_var=2686&sent=4442&recv=551&lost=305&retrans=305&sent_bytes=5177291&recv_bytes=70269&delivery_rate=10367709&cwnd=823440&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1395&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:58 GMT
content-type
text/html
last-modified
Wed, 25 Dec 2024 20:30:01 GMT
vary
Accept-Encoding, User-Agent
priority
u=1,i
strict-transport-security
max-age=63072000
cache-control
public, max-age=120
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f7ba925d9527d71-LAX
x-device
desktop
x-xss-protection
1; mode=block
server
cloudflare
zh-hant.json
1685fea9.613293428.xyz/cdn.cookielaw.org/consent/018e5888-3113-7bbd-ad24-8a36ff0c5755/018eee3f-b418-7c24-9b25-aa2c55aa880c/ 		119 KB
26 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://1685fea9.613293428.xyz/cdn.cookielaw.org/consent/018e5888-3113-7bbd-ad24-8a36ff0c5755/018eee3f-b418-7c24-9b25-aa2c55aa880c/zh-hant.json
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0798e9eee46ef685af975c8fe3490352ffb0b78f4f44a69b68357ac3637804b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-md5
pdQWrVxDqIut7JZ4dBtMPQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DCD697B505183C
age
74295
x-ms-lease-status
unlocked
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GCzExtVlp6hBWeG18CF2b3eAVioe8Z7ZBfGUQ3UChPUVn0uzM21LBZKHnpaJRLexLhRul7r91GZtOfdriIRqp8D7xi9m9sJyzjOSu46DMnAk8yVo01ueZyyHgkgDwWkgK6Sbf7n8l0GW"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Thu, 26 Dec 2024 20:42:59 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=63347&min_rtt=61231&rtt_var=1723&sent=5114&recv=622&lost=393&retrans=393&sent_bytes=5958452&recv_bytes=73940&delivery_rate=11440364&cwnd=584808&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1472&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:59 GMT
content-type
application/json
last-modified
Mon, 16 Sep 2024 21:37:04 GMT
vary
Accept-Encoding
priority
u=1,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
27537462-a01e-00ab-6288-434498000000
cf-ray
8f7ba926b9ff7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
otGPP.js
1685fea9.613293428.xyz/cdn.cookielaw.org/scripttemplates/202408.1.0/ 		81 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1685fea9.613293428.xyz/cdn.cookielaw.org/scripttemplates/202408.1.0/otGPP.js
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e65ae4eb7a99f69fd8024f2bc9bc14e1424004fd73a7cc500be9e4e632deec0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-md5
zMjDHhMNQgqbyypFtxjSzA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
21517
x-ms-version
2009-09-19
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yqbORG3r1jnEyLN%2F%2FnH5tm9L%2FO99V9j%2Ft7SVjoes5enfJD0uilTvs%2FgiCGZ86AfPYEs1N%2FcRoNwUCwwXXqfkulWFAF8weihgr%2FGgmym90DMSKNA4O%2FNbDBo%2F8gSI%2BT1FrfbjYyDkmJfN"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
content-encoding
zstd
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=66761&min_rtt=61231&rtt_var=599&sent=5772&recv=748&lost=393&retrans=393&sent_bytes=6705705&recv_bytes=80275&delivery_rate=12870314&cwnd=835440&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1610&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:59 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 03:34:13 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
x-ms-request-id
ec381248-001e-00e2-08cc-3f77f8000000
cf-ray
8f7ba927aabd7d71-LAX
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/ 		492 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f155.1e100.net
Software
cafe /
Resource Hash
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-encoding
br
etag
5395541545685299795
age
55244
x-content-type-options
nosniff
expires
Thu, 25 Dec 2025 05:22:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 25 Dec 2024 05:22:15 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
156760
x-xss-protection
0
server
cafe
ppub_config
securepubads.g.doubleclick.net/pagead/ 		70 B
80 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=1685fea9.613293428.xyz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f155.1e100.net
Software
cafe /
Resource Hash
f532daa1a9b13307d5c76f78256dfa5353966f86f7e8753ef604ca40eef44a09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Wed, 25 Dec 2024 20:42:59 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
56
date
Wed, 25 Dec 2024 20:42:59 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ 		63 KB
22 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f155.1e100.net
Software
cafe /
Resource Hash
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
4443559573512225521
age
83693
x-content-type-options
nosniff
expires
Wed, 25 Dec 2024 21:28:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 24 Dec 2024 21:28:06 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
22952
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202412050101"
otFloatingRounded.json
1685fea9.613293428.xyz/cdn.cookielaw.org/scripttemplates/202408.1.0/assets/ 		10 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://1685fea9.613293428.xyz/cdn.cookielaw.org/scripttemplates/202408.1.0/assets/otFloatingRounded.json
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d2090369d3920c8aecc51bdf38bff510090270c50449311385f7684e925caa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-md5
kEuGN0hcFq98Nrfrwhzy0A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DCD1496ABB9A67
age
10837
x-ms-lease-status
unlocked
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3cTolppH84XsRrOg18SnGDB6SxkEOLlDvH9vwRq0jRkBND1N%2Bj2xn8Y9lNgYpiZa9ATR96AC9iOdN8RiJBanHaOjU85ZVYxl6luC6333kVRTvc5MpaxsdvmJ8wE6fKJOuY0OOSTYaMNW"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-ms-version
2009-09-19
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=64192&min_rtt=61231&rtt_var=2398&sent=5791&recv=756&lost=393&retrans=393&sent_bytes=6725507&recv_bytes=81742&delivery_rate=316&cwnd=835440&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1777&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:59 GMT
content-type
application/json
last-modified
Tue, 10 Sep 2024 03:34:03 GMT
vary
Accept-Encoding
priority
u=1,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
x-ms-request-id
7bf86738-701e-00a9-180c-304662000000
cf-ray
8f7ba928bbc27d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
otPcPanel.json
1685fea9.613293428.xyz/cdn.cookielaw.org/scripttemplates/202408.1.0/assets/v2/ 		64 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://1685fea9.613293428.xyz/cdn.cookielaw.org/scripttemplates/202408.1.0/assets/v2/otPcPanel.json
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f81a622d5550eb9220a609e964745dca5fa20a4b36594863a916a46af58eeb4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-md5
kep4AqhiDHffA3Ey0Qhw6w==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DCD1496C2A7EBE
age
38788
x-ms-lease-status
unlocked
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bw6EHeSc%2BvHsm8Cru9kkYx%2BlJUZCFoHrmApajoXyptGvNcTE9%2BnPNdu2bwy5A9q5RI2jPItvB%2FFp7kxvTqZbGBwTa7cOiH27qFhTAOrDlMNJcD6K4G0RNggeIgJhMHMSk5YhdnHkcSpw"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-ms-version
2009-09-19
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=64192&min_rtt=61231&rtt_var=2398&sent=5796&recv=756&lost=393&retrans=393&sent_bytes=6729242&recv_bytes=81742&delivery_rate=316&cwnd=835440&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1784&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:59 GMT
content-type
application/json
last-modified
Tue, 10 Sep 2024 03:34:05 GMT
vary
Accept-Encoding
priority
u=1,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
x-ms-request-id
e5ddc7c3-901e-0002-3c5a-419170000000
cf-ray
8f7ba928bbc37d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
otCommonStyles.css
1685fea9.613293428.xyz/cdn.cookielaw.org/scripttemplates/202408.1.0/assets/ 		24 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://1685fea9.613293428.xyz/cdn.cookielaw.org/scripttemplates/202408.1.0/assets/otCommonStyles.css
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-md5
HyPJ72TNHxdfOI82cqKVqA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
18136
x-ms-version
2009-09-19
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xb0xE7i8GAn%2FfvozEqgAYfSoG5PaY9TZqrSDLOZ66tR6yFNzNHb9mnklrOK0%2Fs1ycwxkDU53GQVNbGCod1AK7l5M59fwOW4yQRlBMhTG4WW0mWdtqUW3L1ZYFjZslV01ihPiELaBGjBf"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
content-encoding
zstd
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=64192&min_rtt=61231&rtt_var=2398&sent=5809&recv=756&lost=393&retrans=393&sent_bytes=6743891&recv_bytes=81742&delivery_rate=316&cwnd=835440&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1788&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:59 GMT
content-type
text/css
last-modified
Tue, 10 Sep 2024 03:34:14 GMT
vary
Accept-Encoding
priority
u=1,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
x-ms-request-id
dcd5e90f-101e-0090-4891-4706c6000000
cf-ray
8f7ba928bbc47d71-LAX
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
collect
www.google-analytics.com/j/ 		15 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1661000276&t=pageview&_s=1&dl=https%3A%2F%2F1685fea9.613293428.xyz%2F&ul=en-us&de=UTF-8&dt=%E5%A4%A7%E7%B4%80%E5%85%83%20%7C%20%E5%A4%A7%E7%B4%80%E5%85%83%E6%96%B0%E8%81%9E%E7%B6%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=200399359&gjid=801081742&cid=764885032.1735159379&tid=UA-10465455-10&_gid=492405227.1735159379&_r=1&_slc=1&z=2037569845
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.66.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
fa07fa4a281568f00fd102174881cc939ff711cc72c5a65ba42e355e20953753
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://1685fea9.613293428.xyz/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Dec 2024 20:42:59 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://1685fea9.613293428.xyz
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
3442.js
websitevisitorleads.com/px/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://websitevisitorleads.com/px/3442.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHM2XS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9b6fe1f80ca2c797843de5e157819ca64f667077a6ce2549a7d72672f964d138

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"d7f5a2a7f7bcda1:0"
age
3432
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E8ZflWSIY60yBIjq43FqxWHl%2FdkZjcY0LvhfxyvtwgVcI5S%2FtPARVxKezWrLymnDVt%2FkWpYB8z%2FxYZU2wOKRYFR%2By6DGkdWyRgPVCzkKXYcSysRKZxTfcIvvliPCvA1F3c69iZ4tL6cF1A%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=61500&min_rtt=61499&rtt_var=23065&sent=12&recv=8&lost=0&retrans=0&sent_bytes=4193&recv_bytes=4292&delivery_rate=51059&cwnd=12000&unsent_bytes=0&cid=8a08239c539dcd50&ts=142&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:59 GMT
content-type
application/x-javascript
last-modified
Wed, 12 Jun 2024 18:38:01 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f7ba92a6ed22ae4-LAX
accept-ranges
bytes
content-length
924
x-powered-by
ASP.NET
server
cloudflare
hotjar-5078219.js
static.hotjar.com/c/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-5078219.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHM2XS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-41-49.iad55.r.cloudfront.net
Software
/
Resource Hash
68aa2469d475337def0133e940703c211b29affafcba17404163a7de8554c215
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-encoding
br
etag
W/bfe82e7fb108086853ff9cacdb45ca65
age
44
x-content-type-options
nosniff
x-cache-hit
1
x-cache
Hit from cloudfront
x-amz-cf-id
XzYAI21_k5Uq4Z-6NEeSRH4yCnikvPVV8J8jov_Tfpq_9Lj_jdf1YA==
date
Wed, 25 Dec 2024 20:42:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
via
1.1 8bf94e29f889f8d0076c4502ae008b58.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
IAD55-P1
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.68.166 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
cfc9b8391b94a12772d63700e9d136f6e4d1afe7b2085cd2396cb599c6c2b476

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cache-control
private, max-age=604800
content-encoding
gzip
etag
"5m1wg4vqhy/XaUZ33uMgAw=="
expires
Wed, 01 Jan 2025 20:42:59 GMT
accept-ranges
bytes
date
Wed, 25 Dec 2024 20:42:59 GMT
content-type
application/javascript
vary
Accept-Encoding
beacon.js
sb.scorecardresearch.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.37.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-37-16.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f6004a6c9021e04ec32ca88df8f9a5785e53da23511f1bf0d56defc1b9759f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

vary
accept-encoding
cache-control
max-age=86400
content-encoding
gzip
etag
W/"c22322b3d030360971584a98c60b6e0b"
age
20237
via
1.1 c09e1ee371c0b677b7724c2a52462928.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
3yv4KXcam8nTQx-BBkxjU43wbUa_friV-BJtCxLyc1sc_ppq_4CFeg==
date
Wed, 25 Dec 2024 15:05:43 GMT
content-type
text/javascript
last-modified
Mon, 16 Dec 2024 11:22:14 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P4
x-amz-server-side-encryption
AES256
dmp.js
dmp-c.socoms.net/dmp/js/ 		0
0
ot_guard_logo.svg
1685fea9.613293428.xyz/cdn.cookielaw.org/logos/static/ 		497 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://1685fea9.613293428.xyz/cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-md5
tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
20581
x-ms-version
2009-09-19
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oUSbU8hHqOIffoaXQCvSED9sMFvV6hMFRLqSKB%2BUFVs7qi8coxotgCKLWzDOzIdqnzCZt4ASEfXarg1xKUlJ74U%2FGfD3cEVd1V7WGnJI0TiuAqZaUCOHD3erv7wmynD2meEshuux0vtY"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
content-encoding
zstd
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=64277&min_rtt=61231&rtt_var=1726&sent=5819&recv=762&lost=393&retrans=393&sent_bytes=6749772&recv_bytes=83325&delivery_rate=264733&cwnd=835440&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1890&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:59 GMT
content-type
image/svg+xml
last-modified
Mon, 16 Dec 2024 15:17:14 GMT
vary
Accept-Encoding
priority
u=1,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
x-ms-request-id
4bdb1791-801e-00f8-6be1-4f5897000000
cf-ray
8f7ba9297c987d71-LAX
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
DJY-Web-Logo-new.png
1685fea9.613293428.xyz/cdn.cookielaw.org/logos/b47a4d8a-645c-4d8d-8da1-73d781dd8fd7/018e5e81-2fda-7594-aecd-1735df19900a/ac1d1c24-f131-463a-af8a-4d97c865a9ca/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/cdn.cookielaw.org/logos/b47a4d8a-645c-4d8d-8da1-73d781dd8fd7/018e5e81-2fda-7594-aecd-1735df19900a/ac1d1c24-f131-463a-af8a-4d97c865a9ca/DJY-Web-Logo-new.png
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ec709a9c70d7ee9e0a06cebe1288aa688cd52476344c49145a343ac34a952b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-md5
rYh+TJUaFZcSn1n2m00jWA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-cache-status
HIT
etag
0x8DC49424787F13B
age
19342
x-ms-version
2009-09-19
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NnHtFkHH%2FJP4blYDUlh0k%2FOL8zmMiY4UZLyFllUQBDGGCC%2FeQjuBUPxwNzRM8eW7hMpJS0j7C77hg1wF1CqGPQSzVV1YYzTWrDOpcCa9f0l4IVMrvkWhypbwiMkwViyoD40eCs6aY%2FuO"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=64277&min_rtt=61231&rtt_var=1726&sent=5824&recv=762&lost=393&retrans=393&sent_bytes=6754384&recv_bytes=83325&delivery_rate=264733&cwnd=835440&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1901&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:59 GMT
content-type
image/png
last-modified
Thu, 21 Mar 2024 01:00:19 GMT
vary
Accept-Encoding
priority
u=3,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
x-ms-request-id
be6838e4-a01e-00c6-2834-3beeb6000000
cf-ray
8f7ba9297c9e7d71-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
7945
x-ms-blob-type
BlockBlob
server
cloudflare
powered_by_logo.svg
1685fea9.613293428.xyz/cdn.cookielaw.org/logos/static/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1685fea9.613293428.xyz/cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-md5
Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
38850
x-ms-version
2009-09-19
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MmqPBs4p8KvrMPf%2F1Ngv2JnbReZqE22ndrph1XomiG%2FgQeDIGVWIGI55A5dvip3miHZ62wxF%2BgY3bpcZSao4WY782aBgW0loGnkvWYHsV%2BhMrLN1NE7ESvbRXB0y0Me7%2FaMrkdru2l8P"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
content-encoding
zstd
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=64277&min_rtt=61231&rtt_var=1726&sent=5821&recv=762&lost=393&retrans=393&sent_bytes=6751170&recv_bytes=83325&delivery_rate=264733&cwnd=835440&unsent_bytes=0&cid=aec745da2a26ef0f&ts=1898&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:42:59 GMT
content-type
image/svg+xml
last-modified
Mon, 16 Dec 2024 15:17:15 GMT
vary
Accept-Encoding
priority
u=3,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
x-ms-request-id
d85d13eb-c01e-005e-3595-556089000000
cf-ray
8f7ba9297ca27d71-LAX
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 8BAA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f155.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1685fea9.613293428.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1349
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29117
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Dec 2024 20:20:31 GMT
expires
Wed, 25 Dec 2024 21:10:31 GMT
last-modified
Mon, 09 Dec 2024 20:44:42 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		63 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1181231655909751&correlator=893023341378248&eid=95349329&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fifs&gpp=DBABBg~BVoIAAKA.QA&gpp_sid=8&iu_parts=5965368%2CDJYwww_newfront_A1_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1735159379609&lmt=1735159379&adxs=436&adys=180&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2F1685fea9.613293428.xyz%2F&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1735159377970&idt=1579&cust_params=site%3D1685fea9.613293428.xyz%252C613293428.xyz&adks=1494162673&frm=20&eoidce=1&td=1&tan=74b827c3-7178-4016-b543-d8d677ea66e1&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f155.1e100.net
Software
cafe /
Resource Hash
1ba93872e78136f3c503484024ef34e8c5eece00aa5ae4db0e41350351a5ee24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-encoding
dcb
google-lineitem-id
6870490248
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 25 Dec 2024 20:42:59 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138502312118
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://1685fea9.613293428.xyz
content-length
6686
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1181231655909751&correlator=893023341378248&eid=95349329&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fifs&gpp=DBABBg~BVoIAAKA.QA&gpp_sid=8&iu_parts=5965368%2CDJYwww_frontpage_wallpaper&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1735159379623&lmt=1735159379&adxs=0&adys=8609&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2F1685fea9.613293428.xyz%2F&vis=1&psz=1600x9281&msz=1x-1&fws=128&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1735159377970&idt=1579&cust_params=site%3D1685fea9.613293428.xyz%252C613293428.xyz&adks=118317135&frm=20&eoidce=1&td=1&tan=74b827c3-7178-4016-b543-d8d677ea66e2&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f155.1e100.net
Software
cafe /
Resource Hash
60940b1db49206113cb550da1db30b71e81e7b23e6f43c175121e8625f7c9c59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-encoding
dcb
google-lineitem-id
6795177294
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 25 Dec 2024 20:42:59 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138492806560
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://1685fea9.613293428.xyz
content-length
3646
x-xss-protection
0
server
cafe
container.html
c310d0e41dcfcc48387420bb9e39936c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FFDC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://c310d0e41dcfcc48387420bb9e39936c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.144.132 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1685fea9.613293428.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Dec 2024 20:43:00 GMT
expires
Wed, 25 Dec 2024 20:43:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		381 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QZQNK0Z14Z&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.207.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
07c4b7ea7b5395ada51de736e22d450f0b5741688532f4f5ba32cc3601689adb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 25 Dec 2024 20:42:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Dec 2024 20:42:59 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
128617
x-xss-protection
0
server
Google Tag Manager
ge.js
s3-us-west-2.amazonaws.com/jsstore/a/ZRKH4W9/ 		94 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-us-west-2.amazonaws.com/jsstore/a/ZRKH4W9/ge.js
Requested by
Host: websitevisitorleads.com
URL: https://websitevisitorleads.com/px/3442.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.92.212.168 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
ff57b5d31ee39857dc0dce899691ade51eae8ea454bb30050fe92ef2a58d7c32

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

x-amz-id-2
0x1wKK6WWJ7ZfDER1zeD8qDROEKoecnJoW98pKaWxOItH1Xp7fCgepk45rFKYW117fl2zIVMiZ4=
Cache-Control
max-age=2592000
ETag
"0d6d45be9eb29726a2bfbd64e4523875"
x-amz-request-id
CRFC42EX474797F9
Expires
Tue, 21 Jan 2025 15:22:52 GMT
Accept-Ranges
bytes
Content-Length
96709
Date
Wed, 25 Dec 2024 20:43:01 GMT
Last-Modified
Sun, 22 Dec 2024 15:22:54 GMT
Content-Type
application/javascript
Server
AmazonS3
x-amz-server-side-encryption
AES256
6bI19djvk2-65998ff5-a.js
data.processwebsitedata.com/cscripts/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data.processwebsitedata.com/cscripts/6bI19djvk2-65998ff5-a.js
Requested by
Host: websitevisitorleads.com
URL: https://websitevisitorleads.com/px/3442.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
79aa27446548d6649a345d3a5f00d4d63c20b34c803e49ca242a06670ab8c7a1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cache-control
max-age=600
etag
"3e1aaa8d2f57da1:0"
age
419
x-timer
S1735159380.997982,VS0,VE0
via
1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache
MISS, HIT, HIT
content-length
12407
date
Wed, 25 Dec 2024 20:42:59 GMT
last-modified
Sun, 04 Feb 2024 06:01:11 GMT
content-type
application/javascript
server
Microsoft-IIS/10.0
x-cache-hits
0, 494209, 2
x-served-by
cache-chi-klot8100156-CHI, cache-chi-klot8100094-CHI, cache-hhr-khhr2060032-HHR
view
securepubads.g.doubleclick.net/pcs/ Frame 31F3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssx9Dd2fiGw5K3ZZ7bRJaBPKETqgbrGbNr-D4IyVKg0IbLIs7Kx8KHKzQ1MmNB66StL6VQTpXnKT7gDAuY6pRVhtzqli4fZ7gVLkZZxaV-hPvrqoOuN98Kn6cXW4S0btTWRf3KcvMF6K6L6THRFPXIxUAO-xX21p4hdcF-A4eKUhiDLgWLKbtwWeQ7VUHNFYxrWW0y8ks0K7mpqqUPHMeba9Yy8hIJ83sJ2T5ASz7jVhqEbyqjC5n8EPY8ofRFvrhddKMR1S1wiQp_-NNjuNDI9uJDKssfxw74Mjpanf6sq2PXYbiur9-74TSN5rU7N_6A8VCtapybpBC_bb0oYBAnzokpkEWa6xYLPErjuM0D8XmllAxp_EF3JUQ1BGh2B3R_1klJDxtl0DxXbVMUl5PyuaLMNyqHHHmGZWEnAz5-eCe3rEjwo2v07eg5z&sai=AMfl-YRNwOEkcMwOwOgfIYTIa22oYMl0FSDkgvrOa1z2z6SuogTkF23ozqUKPJfxM2nMDX3Mg6aoFeEQuU1RGRBb_x56ngEciayloxKQE2pzF_mS_Swupx581EKrpsvrJ1jc-Bx3oRLH92OOzE17Db2Pmw&sig=Cg0ArKJSzM1pm0fqvlObEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Wed, 25 Dec 2024 20:43:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Wed, 25 Dec 2024 20:43:00 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241212/r20110914/ Frame 31F3 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241212/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.66.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f132.1e100.net
Software
cafe /
Resource Hash
b39fdaabfe63faca7d21b1ee38c593bb29663d70de9938eca8dd6159f405fe9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-encoding
br
etag
12104404153384301539
age
11680
x-content-type-options
nosniff
expires
Wed, 08 Jan 2025 17:28:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 25 Dec 2024 17:28:20 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
9049
x-xss-protection
0
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241212/r20110914/client/ Frame 31F3 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241212/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.66.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f132.1e100.net
Software
cafe /
Resource Hash
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-encoding
br
etag
6567774568227038691
age
15456
x-content-type-options
nosniff
expires
Wed, 08 Jan 2025 16:25:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 25 Dec 2024 16:25:24 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1234
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 31F3 		218 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-encoding
br
etag
15965780714114583650
age
152
x-content-type-options
nosniff
expires
Wed, 25 Dec 2024 21:40:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 25 Dec 2024 20:40:28 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
3429895030046322065
tpc.googlesyndication.com/simgad/ Frame 31F3 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3429895030046322065
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.66.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f132.1e100.net
Software
sffe /
Resource Hash
323c648abef1b766ffe639811c2a09e5ed774338e7cc5c24fca836a58a19b44c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

age
10807
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Thu, 25 Dec 2025 17:42:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Wed, 25 Dec 2024 17:42:53 GMT
last-modified
Sat, 21 Dec 2024 16:18:39 GMT
content-type
image/gif
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
112293
x-xss-protection
0
server
sffe
truncated
/ Frame 31F3 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3007d1febad7bd1da3caffbd441661b014d8e1b997207d1be4fe0ece6ff8c869

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame BF8E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstApbhnOk1U83bj9zd3Hga3UVNOJJRkm3O0kAOdehQXi6YFHLqisNi3tUVbeSYPNnlpv-Vi8B6CQIXwsLWSlzDaUbeCfGm7HS8ZNZq0JCoE4nF3z3ymPCzFtukRwPT_gmL69m4V4Uf-ZSZ5XbA0JdAbqIF13QT_dhgEzM_VP8dMmsZzjfu7rSlMs9MGBdzAvCq6pftlak_AUdawAtvDr1a1CAQkkCrdG8NnaHRvLPiJHZlJBZ3Bw9GAYpKz1xhjFD7hIU2dtKZEKBqU7O55ZJ5sX6hk_9cJ2o-8ST-XBPaZltI4gyU2YgLfYFpVqCloTRcvo2s_Zh6WhUBMZx__PVQ15Rn_12NmbRIjv4DuVsb0DoWWwvh874YJHLtzHvJTDGlV9OJ0CF5a8JJx3fH82kIATcMqHq0_OmuKwYDNA4_Arlw&sai=AMfl-YR1Y1tsJTmw51XgWHUIl9V2UtvXJQz2iwKr-irsDFHSBNgJcvie2pXLS8Q3rbKxxgCbxt2rg3Fyxfl7bZU1awiEOEMuF3YsLjT3DuQhKBvA-FGhvPMZGtuSg2o8I-iMVv2v3a5-CakAq74Fe0XTOQ&sig=Cg0ArKJSzEPz_oeHcoUFEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Wed, 25 Dec 2024 20:43:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Wed, 25 Dec 2024 20:43:00 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ Frame BF8E 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f95.1e100.net
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

age
399479
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Sun, 21 Dec 2025 05:45:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Dec 2024 05:45:01 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
95786
x-xss-protection
0
server
sffe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame BF8E 		218 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-encoding
br
etag
15965780714114583650
age
152
x-content-type-options
nosniff
expires
Wed, 25 Dec 2024 21:40:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 25 Dec 2024 20:40:28 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-QZQNK0Z14Z&gtm=45je4cc1v9164394854za200&_p=1735159378110&_gaz=1&gcs=G111&gcd=13t3t3t3t6l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&gdid=dYWJhMj&ul=en-us&sr=1600x1200&cid=764885032.1735159379&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2F1685fea9.613293428.xyz%2F&dt=%E5%A4%A7%E7%B4%80%E5%85%83%20%7C%20%E5%A4%A7%E7%B4%80%E5%85%83%E6%96%B0%E8%81%9E%E7%B6%B2&sid=1735159380&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2655
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QZQNK0Z14Z&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://1685fea9.613293428.xyz
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Dec 2024 20:43:00 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
559 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QZQNK0Z14Z&cid=764885032.1735159379&gtm=45je4cc1v9164394854za200&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t6l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QZQNK0Z14Z&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.207.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://1685fea9.613293428.xyz
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Dec 2024 20:43:00 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 55A4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-QZQNK0Z14Z&gacid=764885032.1735159379&gtm=45je4cc1v9164394854za200&dma=0&gcs=G111&gcd=13t3t3t3t6l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1013639071
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QZQNK0Z14Z&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.204.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qb-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1685fea9.613293428.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Dec 2024 20:43:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
modules.60031afbf51fb3e88a5b.js
script.hotjar.com/ 		223 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.60031afbf51fb3e88a5b.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-5078219.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.56.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-56-49.iad61.r.cloudfront.net
Software
/
Resource Hash
e38338484d969872e570a554c807dab4a79233b82d64a7cb7028fb459123d44a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

x-robots-tag
none
content-encoding
br
etag
"b4a1a7933e55e780894c3f39b1aca0b4"
age
636713
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
OH4UiMOw4-VwV0RIFJZKRDnMJ0anuzTjiBR7FAUf3KwYwhh_CQQfRw==
date
Wed, 18 Dec 2024 11:51:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 18 Dec 2024 11:50:24 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 80aa189f24b00266add6baaca0818654.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56408
x-amz-cf-pop
IAD61-P5
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=24003086&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1735159380132&ns_c=UTF-8&cs_cfg=1001110&cs_ucc=1&cs_cmp_id=28&cs_cmp_rt=0&cs_cmp_av=1.1&gpp_sid=8&c7=https%...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1735159380132&ns_c=UTF-8&cs_cfg=1001110&cs_ucc=1&cs_cmp_id=28&cs_cmp_rt=0&cs_cmp_av=1.1&gpp_sid=8&c7=https...
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1735159380132&ns_c=UTF-8&cs_cfg=1001110&cs_ucc=1&cs_cmp_id=28&cs_cmp_rt=0&cs_cmp_av=1.1&gpp_sid=8&c7=https%3A%2F%2F1685fea9.613293428.xyz%2F&c8=%E5%A4%A7%E7%B4%80%E5%85%83%20%7C%20%E5%A4%A7%E7%B4%80%E5%85%83%E6%96%B0%E8%81%9E%E7%B6%B2&c9=
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H2
Server
3.167.37.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-37-16.iad61.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

via
1.1 c09e1ee371c0b677b7724c2a52462928.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
gd1a8ZikCpb0FESU3qbNJ4TWrGrmvcK_RSnFU5KUWV2eA2eQGJS_Rg==
date
Wed, 25 Dec 2024 20:43:00 GMT
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
IAD61-P4

Redirect headers

location
/b2?c1=2&c2=24003086&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1735159380132&ns_c=UTF-8&cs_cfg=1001110&cs_ucc=1&cs_cmp_id=28&cs_cmp_rt=0&cs_cmp_av=1.1&gpp_sid=8&c7=https%3A%2F%2F1685fea9.613293428.xyz%2F&c8=%E5%A4%A7%E7%B4%80%E5%85%83%20%7C%20%E5%A4%A7%E7%B4%80%E5%85%83%E6%96%B0%E8%81%9E%E7%B6%B2&c9=
accept-ch
UA, Platform, Arch, Model, Mobile
via
1.1 c09e1ee371c0b677b7724c2a52462928.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
iIaGnUC9OJG3sTnupeX6Rq852szfMBbZDV0pU0jgSXtE-Uvpa0rt4w==
date
Wed, 25 Dec 2024 20:43:00 GMT
x-amz-cf-pop
IAD61-P4
rules-p-a128V7tctPVtT.js
rules.quantcount.com/ 		3 B
447 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-a128V7tctPVtT.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-12.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

etag
"8a80554c91d9fca8acb82f023de02f11"
age
44325
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
tbBVCln16tQ8HK1uTuyzE_MuJJ1YtQqlZWZDPbBI9hvwB23cTBfNoQ==
date
Wed, 25 Dec 2024 08:24:16 GMT
content-type
application/javascript
last-modified
Sat, 04 Mar 2017 20:44:26 GMT
vary
Accept-Encoding
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
via
1.1 22e9d361a9c4153886c1c8aa0eb4ffa8.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
3
x-amz-cf-pop
IAD89-C3
server
AmazonS3
ProcessStats.aspx
fe.sitedataprocessing.com/fewv1/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fe.sitedataprocessing.com/fewv1/ProcessStats.aspx?host=https%3A//1685fea9.613293428.xyz&host_name=1685fea9.613293428.xyz&page=/&query_string=&anchor=&title=%2520%2520&cur_sess_id=&cur_visitor_id=&h=10&m=43&s=0&account_id=6bI19djvk2&dgmt=Wed,%2025%20Dec%202024%2020:43:00%20GMT&vresol=1600x1200&ref=
Requested by
Host: data.processwebsitedata.com
URL: https://data.processwebsitedata.com/cscripts/6bI19djvk2-65998ff5-a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2e30e66ce603b4c1884ac74a507ca4d46c9fb6201bab03bdf79003049c5cb94c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cache-control
private
x-aspnet-version
4.0.30319
content-encoding
gzip
x-timer
S1735159380.304203,VS0,VE79
via
1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache
MISS, MISS, MISS
content-length
955
date
Wed, 25 Dec 2024 20:43:00 GMT
content-type
text/javascript; charset=utf-8
x-served-by
cache-chi-klot8100103-CHI, cache-chi-klot8100119-CHI, cache-hhr-khhr2060032-HHR
server
Microsoft-IIS/10.0
x-cache-hits
0, 0, 0
vary
Accept-Encoding
lc2.js
b-code.liadm.com/ 		135 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/lc2.js
Requested by
Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/jsstore/a/ZRKH4W9/ge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-43.iad12.r.cloudfront.net
Software
/
Resource Hash
c1878ba38df9888e54f7fbb3c9ae4d7afb0e48034507d6d39f8bedd3d02f52d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cache-control
public,max-age=86400
content-encoding
gzip
age
11118
via
1.1 3542174e2d71e2c3dffc0069aa7cbb34.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
kG6jAnGtlsYCX-fhj2kOq5Fa9f6t76aYieZ6-ofViO_WezDbAVR-fQ==
date
Wed, 25 Dec 2024 17:37:43 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P2
cs
a.usbrowserspeed.com/ 		0
148 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.usbrowserspeed.com/cs?pid=6a9590e1e862a56eb7dc74c87ff0719c6ae754ea069fe1e0dcccfce1ce896bab&puid=6bI19djvk2-nzakaMI6bONDsYQ7hqUd3WRUKV5RX0R
Requested by
Host: fe.sitedataprocessing.com
URL: https://fe.sitedataprocessing.com/fewv1/ProcessStats.aspx?host=https%3A//1685fea9.613293428.xyz&host_name=1685fea9.613293428.xyz&page=/&query_string=&anchor=&title=%2520%2520&cur_sess_id=&cur_visitor_id=&h=10&m=43&s=0&account_id=6bI19djvk2&dgmt=Wed,%2025%20Dec%202024%2020:43:00%20GMT&vresol=1600x1200&ref=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.193.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-193-153.us-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

date
Wed, 25 Dec 2024 20:43:00 GMT
server
awselb/2.0
did-003x.min.js
d-code.liadm.com/ 		136 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d-code.liadm.com/did-003x.min.js
Requested by
Host: fe.sitedataprocessing.com
URL: https://fe.sitedataprocessing.com/fewv1/ProcessStats.aspx?host=https%3A//1685fea9.613293428.xyz&host_name=1685fea9.613293428.xyz&page=/&query_string=&anchor=&title=%2520%2520&cur_sess_id=&cur_visitor_id=&h=10&m=43&s=0&account_id=6bI19djvk2&dgmt=Wed,%2025%20Dec%202024%2020:43:00%20GMT&vresol=1600x1200&ref=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-35.iad50.r.cloudfront.net
Software
/
Resource Hash
671fba44a1d1b22cd45fb664f646b5dc547ea91b1b11d999275f4302cacca056

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cache-control
public,max-age=86400
content-encoding
gzip
age
17915
via
1.1 5451b84324d9bca0bdd03e4c4009ae10.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
tcTuAC2HpsN2_RZpJploD_WE6N9rAI_3zvQeFltsxH70fimODnPd7A==
date
Wed, 25 Dec 2024 15:44:26 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-cf-pop
IAD50-C2
pixel;r=1982927241;rf=0;a=p-a128V7tctPVtT;url=https%3A%2F%2F1685fea9.613293428.xyz%2F;ns=0;ce=1;qjs=1;qv=6cdb9339-20241218104323;ref=;dst=0;et=1735159380723;tzo=600;ogl=locale.zh_TW%2Ctype.website%...
pixel.quantserve.com/ 		35 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1982927241;rf=0;a=p-a128V7tctPVtT;url=https%3A%2F%2F1685fea9.613293428.xyz%2F;ns=0;ce=1;qjs=1;qv=6cdb9339-20241218104323;ref=;dst=0;et=1735159380723;tzo=600;ogl=locale.zh_TW%2Ctype.website%2Curl.https%3A%2F%2F1685fea9%252E613293428%252Exyz%2Fwww%252Eepochtimes%252Ecom%2Csite_name.%E5%A4%A7%E7%B4%80%E5%85%83%20www%252Eepochtimes%252Ecom%2Ctitle.%E5%A4%A7%E7%B4%80%E5%85%83%2Cdescription.2000%E5%B9%B4%E5%9C%A8%E7%BE%8E%E5%9C%8B%E5%89%B5%E7%AB%8B%E7%9A%84%E5%A4%A7%E7%B4%80%E5%85%83%252C%E7%9B%AE%E5%89%8D%E6%98%AF%E5%85%A8%E7%90%83%E6%9C%80%E5%A4%A7%E7%9A%84%E4%B8%AD%E6%96%87%E5%92%8C%E5%A4%9A%E8%AA%9E%E7%A8%AE%E5%A0%B1%E7%B4%99%E8%88%87%E7%B6%B2%E8%B7%AF%E5%AA%92%E9%AB%94%E3%80%82%E5%A4%A7%E7%B4%80%E5%85%83%E7%82%BA%E8%AE%80%E8%80%85%E5%91%88%E7%8F%BE%E6%9C%80%E5%BF%AB%E6%9C%80%E6%BA%96%E7%A2%BA%E7%9A%84%E4%BF%A1%E6%81%AF%EF%BC%9B%E7%A7%89%E6%89%BF%E6%99%AE%E4%B8%96%E5%83%B9%E5%80%BC%252C%E5%A0%85%E6%8C%81%E7%8D%A8%E7%AB%8B%E5%8E%9F%E5%89%87%252C%E6%8F%AD%E9%9C%B2%E8%A2%AB%E4%B8%AD%E5%85%B1%E6%8E%A9%E8%93%8B%E7%9A%84%E7%9C%9F%E7%9B%B8%252C%E7%82%BA%2Cimage.https%3A%2F%2F1685fea9%252E613293428%252Exyz%2Fi%252Eepochtimes%252Ecom%2Fassets%2Fuploads%2F2017%2F02%2FDJY_FB_De;ses=d690e06a-4578-4966-a8fa-ea6afe5c6cbd;d=613293428.xyz;uht=2;fpan=1;fpa=P0-2031887814-1735159380725;pbc=;gdpr=0;gpp=DBABBg~BVoIAAKA.QA;gpp_sid=8;mdl=
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.68.166 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

strict-transport-security
max-age=86400
cache-control
private, no-cache, no-store, proxy-revalidate
pragma
no-cache
expires
Fri, 04 Aug 1978 12:00:00 GMT
content-length
35
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
date
Wed, 25 Dec 2024 20:43:00 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 31F3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Wed, 25 Dec 2024 20:43:00 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 31F3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWE7iSStpgco5zvK4Ue6C-yHewazPffXE0UpLiCED8v4nv_51i5k1Wfq77-zpZ3tQBr-XYVxWxHz_4I1BzjQZQaN7vvzpk2LlBAJdNXWgdrIC5cz-vx4PSOf4M_iSFK_bl5MqZ8alMS5FbldAbxiSTue1CzwYyDaH3hD_H6Z2cl41E2Yu9PPeNA9S6-JU-765iVB6SY-QRs9YnNZo34WgpCSOxhiotspm-ho6uNLIB7lM7WdTHpWq6HoeNFKRtclVxX-8CFlar9g0kCNAx_O_vWPCl4gN52ujfSunwWDy77bOSk2du_ySNlceLlvJtkEY7D-1uOXG90tOmmWC74Ah44wGUdIxedRKDkdTVdTaiV4M0JJ7MUlprhI-2b6BzTsygaNOMF9F-7PgRcGKSv80WxA&sai=AMfl-YQg853EXQOPcBJnZ9Ybf68W5B0YDr0RY0qQD33VL5tjOCrLmdYMZSWS_Y-P5WcbiWcIK8R2TJY0283dAA5-yiH9xZtEwf6pvMdm9S_CY2NKxpvSp60Os4LiGc_0lnb80b_Z8S8X7WyqjM0weDflwA&sig=Cg0ArKJSzMP_fbyQ7-WhEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Wed, 25 Dec 2024 20:43:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Wed, 25 Dec 2024 20:43:00 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame BF8E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Wed, 25 Dec 2024 20:43:01 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame BF8E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c0f37415d36624a1f3a9a2452de0dcdadd2d1f3e1cbc6e5d688210ae356cb1b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
1877878210361568303
tpc.googlesyndication.com/pimgad/
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODXwMaYfRDGAxiEBygBMggjbRKM-KeIdw
  • https://tpc.googlesyndication.com/pimgad/1877878210361568303
115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pimgad/1877878210361568303
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H2
Server
173.194.66.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f132.1e100.net
Software
sffe /
Resource Hash
094b9b5c071d17a7407882525a77ca0741774ae8bdee8af83766d870a99737ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Thu, 25 Dec 2025 20:43:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Wed, 25 Dec 2024 20:43:01 GMT
content-type
image/jpeg
last-modified
Mon, 07 Oct 2024 15:17:28 GMT
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
117910
x-xss-protection
0
server
sffe

Redirect headers

cache-control
public, max-age=2592000
location
https://tpc.googlesyndication.com/pimgad/1877878210361568303
timing-allow-origin
*
age
10807
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 24 Jan 2025 17:42:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
x-xss-protection
0
date
Wed, 25 Dec 2024 17:42:53 GMT
content-type
text/html; charset=UTF-8
server
cafe
15228727800630933301
tpc.googlesyndication.com/pimgad/
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODXwIa1XRDHAxiEBygBMgiCN8kSc9SH9g
  • https://tpc.googlesyndication.com/pimgad/15228727800630933301
121 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pimgad/15228727800630933301
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/
Protocol
H2
Server
173.194.66.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f132.1e100.net
Software
sffe /
Resource Hash
e51207bdc2e0d733740e0c5378b3139ab07b0c3238abb6543286448f71f30d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Thu, 25 Dec 2025 20:43:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Wed, 25 Dec 2024 20:43:01 GMT
content-type
image/jpeg
last-modified
Mon, 07 Oct 2024 15:17:28 GMT
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
124125
x-xss-protection
0
server
sffe

Redirect headers

cache-control
public, max-age=2592000
location
https://tpc.googlesyndication.com/pimgad/15228727800630933301
timing-allow-origin
*
age
10807
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 24 Jan 2025 17:42:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
x-xss-protection
0
date
Wed, 25 Dec 2024 17:42:53 GMT
content-type
text/html; charset=UTF-8
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame BF8E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuC0O5J4fvU1rXEdb_Q3Znr2q6UK0z5T3Hx5sTRJL9hnWIdf926iX_i7Kz6l412F3DjJmDNXVnrinRrMjgpFc681ujSlXb3NJEuaW_NKCGyfLvEuyHFfIqliVcU9lqbP9MbjYzePA5dTcCEKOWhOCP-22MW_IU2KElUeYSID9-OiMSYgBTqqk7qsqZMz5e04DtXXq78Ty0XFyXZtSdWPqhva2BjPVS9o0ONK6IezvGGV_5Zn3ocY8a7xLkHEz3PYF8Vf4tg6gfjey09PDL1mXblaCRscYASow0NsHjUbiUFBM4IEFPcLZJbAxb0wUo_I0Mm-Yt_xhw84uFbgqCfvOoypVPyY-FpYDbOgPUw3a67Wl9tvvumIQbtGvF8fPS0qhj2YTP8dYg68qv7Ib0E0kXbX90Azig&sai=AMfl-YTww4woxjFNSHtyAVi8Q6DO0qx2fy2LJP-ITj6hYUwQfnIoDuwFB0TfKywYHCfpGoi084hyBxy-n5g-BQjVLhNwoKC5c7NQgSaFzqBqAnvEWfDiv6MM2eQHiDbWFrsX3ThFimtoC5xjB0Pq7Hcl6g&sig=Cg0ArKJSzB_oRPjmxI2AEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Wed, 25 Dec 2024 20:43:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Wed, 25 Dec 2024 20:43:00 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 31F3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Wed, 25 Dec 2024 20:43:00 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame BF8E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Wed, 25 Dec 2024 20:43:01 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
any
idx.liadm.com/idex/did-003x/ 		242 B
664 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/did-003x/any?duid=f1271ab729e2--01jfzrxz6mqrb72nkgmc90ehag&did=did-003x&cd=.613293428.xyz&pu=https%3A%2F%2F1685fea9.613293428.xyz%2F&gpp_s=DBABBg~BVoIAAKA.QA&gpp_as=8&pv=6391ce53-53eb-471e-9dea-78b9f38df9c9&resolve=nonId&resolve=md5&resolve=sha2
Requested by
Host: d-code.liadm.com
URL: https://d-code.liadm.com/did-003x.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.220.97.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-220-97-187.compute-1.amazonaws.com
Software
/
Resource Hash
9495d2d052ba2a0cf70fea9f4dec2e1dd00c349166700524a19583f843bf3761
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=86399, private
trace-id
378993f8adb5baba
request-time
16
access-control-allow-credentials
true
expires
Thu, 26 Dec 2024 20:43:01 GMT
access-control-allow-origin
https://1685fea9.613293428.xyz
content-length
242
date
Wed, 25 Dec 2024 20:43:01 GMT
content-type
text/plain; charset=UTF-8
vary
Origin
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
9fdb440212d047428b05c463584fba4107660b7f707f5bd89a0a29f65c73ae1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13232
date
Wed, 25 Dec 2024 20:43:01 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
favicon.ico
1685fea9.613293428.xyz/ 		8 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://1685fea9.613293428.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bf6ac2cdeb4856d00c4daed62881cfd1acbe76061419c6d03866ea641da940e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NF4Z%2Fo95DHA%2FfeBNK92HWIOVxiUAsnQbxtHh8vrXizK6scYfJfNw1rC3bjgrGWnx4La1OEnD41KJbaW5QcaARIWRCgjeMRC4ZDfbgNUV8ybLmxmIQWoZTVBp73sPEZPOihW89S5vvqZH"}],"group":"cf-nel","max_age":604800}
cf-ray
8f7ba938081e7d71-LAX
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=63009&min_rtt=61231&rtt_var=1923&sent=5835&recv=768&lost=393&retrans=393&sent_bytes=6763604&recv_bytes=84726&delivery_rate=396&cwnd=835440&unsent_bytes=0&cid=aec745da2a26ef0f&ts=4216&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 20:43:01 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
activeview
pagead2.googlesyndication.com/pcs/ Frame 31F3 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv3_BDjwYV0H0NzP8rZFllELNXL05ENYBR64hSdu1_hJ6NhSUOgPdHhazX9geYwiTXhdIErHzxi3E70NS68iN1Ne4OZ2-6gRGYuucHgBZvvUDdKK1yIbj50jRlwVMIkJrNIXglU30HL5I-8igUU1EJynN9RzhVdET6S-zAcYorOSZhfSX0NeYqtANQgGYOfgKhQgg&sig=Cg0ArKJSzE7oVsBavXimEAE&id=lidar2&mcvt=1000&p=180,315,294,1285&tm=1041.8999996185303&tu=42.10000038146973&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1494162673&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=3109218000&rst=1735159379859&rpt=970&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 25 Dec 2024 20:43:01 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.175.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f132.1e100.net
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Wed, 25 Dec 2024 20:43:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Dec 2024 20:43:02 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
ProcessLEvent.aspx
fe.sitedataprocessing.com/fewv1/ 		0
201 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fe.sitedataprocessing.com/fewv1/ProcessLEvent.aspx?account_id=6bI19djvk2&cur_sess_id=nzakaMI6bONDsYQ7hqUd3WRUKV5RX0RfN9M7f0FBH7yj9o&cur_visitor_id=nzakaMI6bONDsYQ7hqUd3WRUKV5RX0R&chkid=4be58619efce56dd4e6d5d47002ad44003f0771ee658525e837165c67e2ca883&date=1735159382147
Requested by
Host: fe.sitedataprocessing.com
URL: https://fe.sitedataprocessing.com/fewv1/ProcessStats.aspx?host=https%3A//1685fea9.613293428.xyz&host_name=1685fea9.613293428.xyz&page=/&query_string=&anchor=&title=%2520%2520&cur_sess_id=&cur_visitor_id=&h=10&m=43&s=0&account_id=6bI19djvk2&dgmt=Wed,%2025%20Dec%202024%2020:43:00%20GMT&vresol=1600x1200&ref=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

cache-control
private
x-aspnet-version
4.0.30319
x-timer
S1735159382.182563,VS0,VE76
via
1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache
MISS, MISS, MISS
content-length
0
date
Wed, 25 Dec 2024 20:43:02 GMT
content-type
text/javascript
x-served-by
cache-chi-kigq8000104-CHI, cache-chi-kigq8000104-CHI, cache-hhr-khhr2060032-HHR
server
Microsoft-IIS/10.0
x-cache-hits
0, 0, 0
j
rp.liadm.com/ 		13 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp.liadm.com/j?dtstmp=1735159382207&did=did-003x&se=e30&duid=f1271ab729e2--01jfzrxz6mqrb72nkgmc90ehag&tv=v3.6.0&pu=https%3A%2F%2F1685fea9.613293428.xyz%2F&wpn=lc-bundle&wpv=v3.6.0&gpp_s=DBABBg~BVoIAAKA.QA&gpp_as=8&cd=.613293428.xyz&c=PHRpdGxlPuWkp-e0gOWFgyB8IOWkp-e0gOWFg-aWsOiBnue2sjwvdGl0bGU-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vd3d3LmVwb2NodGltZXMuY29tIj48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iMjAwMOW5tOWcqOe-juWci-WJteeri-eahOWkp-e0gOWFgyznm67liY3mmK_lhajnkIPmnIDlpKfnmoTkuK3mloflkozlpJroqp7nqK7loLHntJnoiIfntrLot6_lqpLpq5TjgILlpKfntIDlhYPngrroroDogIXlkYjnj77mnIDlv6vmnIDmupbnorrnmoTkv6Hmga_vvJvnp4nmib_mma7kuJblg7nlgLws5aCF5oyB542o56uL5Y6f5YmHLOaPremcsuiiq-S4reWFseaOqeiTi-eahOecn-ebuCzngrrlj5fov6vlrrPogIXnmbzogbLjgIIiPjxoMT48c3BhbiBjbGFzcz0ibG9nb190ZXh0Ij7lpKfntIDlhYPmlrDogZ7ntrI8L3NwYW4-PGltZyBzcmM9Ii9hc3NldHMvdGhlbWVzL2RqeS9pbWFnZXMvREpZLVdlYi1Mb2dvLW5ldy5wbmciIGFsdD0i5aSn57SA5YWDIj48L2gxPjx0aXRsZT5CYWNrIEJ1dHRvbjwvdGl0bGU-PHRpdGxlPlNlYXJjaCBJY29uPC90aXRsZT48dGl0bGU-RmlsdGVyIEljb248L3RpdGxlPg&pv=6391ce53-53eb-471e-9dea-78b9f38df9c9
Requested by
Host: d-code.liadm.com
URL: https://d-code.liadm.com/did-003x.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.229.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-229-6.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1685fea9.613293428.xyz/

Response headers

x-pixel-event-id
930f3a0d-5132-4e42-8cef-cbc3915be105
access-control-max-age
86400
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
https://1685fea9.613293428.xyz
content-length
13
date
Wed, 25 Dec 2024 20:43:02 GMT
content-type
application/json
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame D909 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.175.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1685fea9.613293428.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2124
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Dec 2024 20:07:40 GMT
expires
Wed, 25 Dec 2024 20:57:40 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame ACCB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f106.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0SxviYAMOuL8EgmBB2xfKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1685fea9.613293428.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-0SxviYAMOuL8EgmBB2xfKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Dec 2024 20:43:03 GMT
expires
Wed, 25 Dec 2024 20:43:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-64JWG501SB&gtm=45je4cc1v9115041777za204&_p=1735159378110&gcs=G111&gcd=13t3t3t3t5l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&gdid=dYWJhMj&cid=764885032.1735159379&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEI&sid=1735159378&sct=1&seg=0&dl=https%3A%2F%2F1685fea9.613293428.xyz%2F&dt=%E5%A4%A7%E7%B4%80%E5%85%83%20%7C%20%E5%A4%A7%E7%B4%80%E5%85%83%E6%96%B0%E8%81%9E%E7%B6%B2&_s=2&tfd=7467
Requested by
Host: 1685fea9.613293428.xyz
URL: https://1685fea9.613293428.xyz/www.googletagmanager.com/gtag/js?id=G-64JWG501SB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://1685fea9.613293428.xyz/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://1685fea9.613293428.xyz
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Dec 2024 20:43:04 GMT
content-type
text/plain
server
Golfe2
sodar
ep1.adtrafficquality.google/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dmp-c.socoms.net
URL
https://dmp-c.socoms.net/dmp/js/dmp.js
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202412090101&jk=1181231655909751&bg=!g4ClgM_NAAbtGp3CzRo7ADQBe5WfOIUUPs2_T9FEOtHe7_bWiXcEXTdolBmiOAv0aGsleDnF2knKuTiryNAET3LEynBgAgAAAFFSAAAAA2gBB34ANuCxj7L_9J5saa5CmSvXTg-MKPz3O-_Y21D0l7DHjENiyE74ZyTgvhG_Y7vunPnO9iljCF6jR5kCmL19l02zBgYkjtDtYic2fR2hff_8BQwUd_jY4IJJbkMMt641fZ8UWZJXNmVQ6us5UaOmMsV7zXLUM7HFygh3rg2RJVcujBh822HBZBaMR8---RYYFnguhV26eLxGloDpCkR4lTXLb2K0-_rE9t15RSNzx3F9b4uia2bQFdJVbyJ3aIjjqn6kBiKfZEdyfd8wMJGEa1DuTnqD2HZnxVByV0L91DuOcBVFILvpWNR1Tl78A0f601Cd5Z255PdaQu9cl-d2bNigO1DHha9ltklJOyNef6UROK0DVVzG-hgGDireNGY2BNIsmpkKPrgCTSnPPBBkqfcoDjZ9EYHt77PIbHS--wZLXv0M3pcQxGXLYb47EpPqbUQ_OMZwiaYLc8rsMFKZcFI-v0Fbi0qR-GTQr-KPa0WOrWNZLmz-ay6eRH52vjyc2Vov3ax-qmzSEOuexdBRwANKQfQa-IV-1IIohhzuJJ0g_IFyL1gHeibkZaDZmWe32XLz3BUqFejaV5Icb3MVMZliSUprc9GGtrtS6TwiSaI5RnnYSHsB1Xc7S_vQFRU9Hm30WIf0BYATWFqrlCIRFN-xW3YBRM5NiWz3yyU7UGuwIZ-nvNeUL8IOhvS_rb9FborNUwO8q3nKbjP0gwy-7IonN4M4s8vcj0ewXUgkVpnK1nVH9ainNXdnzsx0JUcGK4sFUCYNtJU8skDZr1nh2AhHBUUQB8N_d26hTFuiQjZRfdqu7c2DCU3eFHIouaqBJy0o8Zv0m1JdPJee43_YMY5ynSZ0wXhA4MIX-6PX5pUsh5bYF715n6qBYBEGRQs_NFBAt3yNUmeIFNYXyf7d-S8y_gNR9LLkqaGfbX4WUAjDTATxB_W1DUaiByHNFId8XCy66ZE

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 function| OptanonWrapper string| djy_domain string| encoding function| exploreSantuiLicense object| epochload object| slots function| loadGTM object| dataLayer object| ga4_para_obj function| gtag function| loadGA string| djy_ga_id string| GoogleAnalyticsObject function| ga object| OtTrustedType function| $ function| jQuery number| openx_hb_floor string| ajaxurl function| load_local_instant_news function| load_local_news function| load_mailmunch function| ednBidders function| oxZoneId function| display_ads function| renderOxAd function| renderGoogleTagWithTracking function| doPostBid function| renderPostbidAd function| renderDefaultFallback function| createAdHtmlForDiv function| hideGoogleContainer function| transparentAdContainer function| ixbid boolean| windows_focused function| isIpad object| jQuery111306269848655062904 number| PREBID_TIMEOUT object| googletag function| getRootDomain object| pbjs function| display_ads_no_hb function| add_lazy_load_section function| recaptchaCallback function| __gpp object| otStubData object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| pbjsChunk object| _pbjsGlobals object| ggeac object| google_js_reporting_queue object| otIabModule object| Optanon object| OneTrust string| OnetrustActiveGroups string| OptanonActiveGroups object| gaplugins object| gaData function| postscribe object| google_tag_manager_external function| hj object| _hjSettings object| _qevents object| _comscore object| _paq object| front_skin_ad object| google_reactive_ads_global_state object| google_tag_topics_state number| google_unique_id object| scriptFe object| scriptFeHeadElement object| geq object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| COMSCORE object| ns_p function| quantserve function| __qc object| ezt string| vv_curHost function| GeAnalytics function| geLoadLi function| _0x327c46 function| _0x59e2 boolean| geqpreprun function| run_ge function| _0x3d28 object| liQ object| _geq object| vvfr object| vvfsr object| scriptTag object| liQd object| liQHub object| liQd_did_003x object| GoogleGcLKhOms object| liQ_instances object| google_image_requests

24 Cookies

Domain/Path Name / Value
.liadm.com/j Name: lidid
Value: 55044770-7226-4485-896e-076737eb0695
.613293428.xyz/ Name: _ga
Value: GA1.2.764885032.1735159379
.613293428.xyz/ Name: _gid
Value: GA1.2.492405227.1735159379
.613293428.xyz/ Name: _gat
Value: 1
.613293428.xyz/ Name: __gads
Value: ID=ae38e5867ab5ee07:T=1735159379:RT=1735159379:S=ALNI_MYJrmLAfziivjreuB1BXGmyet8GoA
.613293428.xyz/ Name: __gpi
Value: UID=00000fc46efe8286:T=1735159379:RT=1735159379:S=ALNI_MaLxnudbCXnKw2DTrq-sBu8ngzTvg
.613293428.xyz/ Name: __eoi
Value: ID=07166a583554e510:T=1735159379:RT=1735159379:S=AA-AfjYYzceqew-F3BpN3HN2ba0v
.613293428.xyz/ Name: _ga_64JWG501SB
Value: GS1.1.1735159378.1.0.1735159379.59.0.0
.613293428.xyz/ Name: _ga_QZQNK0Z14Z
Value: GS1.2.1735159380.1.0.1735159380.60.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUkc-s_xjpbthTBWtap-BEfAQL59yG-Im1mVHWK8NDp0S-RIqiQ5uinAehyEofg
1685fea9.613293428.xyz/ Name: vv_process_id
Value: false
.scorecardresearch.com/ Name: UID
Value: 1A471d7755eb3427c65c49a1735159380
.scorecardresearch.com/ Name: XID
Value: 1A471d7755eb3427c65c49a1735159380
1685fea9.613293428.xyz/ Name: vv_session_id
Value: nzakaMI6bONDsYQ7hqUd3WRUKV5RX0RfN9M7f0FBH7yj9o
1685fea9.613293428.xyz/ Name: vv_visitor_id
Value: nzakaMI6bONDsYQ7hqUd3WRUKV5RX0R
.quantserve.com/ Name: mc
Value: 676c6e54-d7891-a983f-6274f
.613293428.xyz/ Name: __qca
Value: P0-2031887814-1735159380725
.a.usbrowserspeed.com/ Name: tuid
Value: 268d9998-ec4e-4288-b225-93ef50e77e2b
.613293428.xyz/ Name: _hjSessionUser_5078219
Value: eyJpZCI6IjRhZTUwYThiLTkxY2EtNTdkZS04NzZjLTBkYmJkZTIzNzkxYSIsImNyZWF0ZWQiOjE3MzUxNTkzODExMjMsImV4aXN0aW5nIjpmYWxzZX0=
.613293428.xyz/ Name: _hjSession_5078219
Value: eyJpZCI6IjJjMDllNjAwLTg0ZjgtNDQ2Zi04N2FkLTk1YzQ3ODA4ZTg0MSIsImMiOjE3MzUxNTkzODExMjQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.613293428.xyz/ Name: _li_dcdm_c
Value: .613293428.xyz
.613293428.xyz/ Name: _lc2_fpi
Value: f1271ab729e2--01jfzrxz6mqrb72nkgmc90ehag
1685fea9.613293428.xyz/ Name: _geuid
Value: 66825ea5-3a14-41ab-868d-f90d6401fda2
.liadm.com/ Name: lidid
Value: 55044770-7226-4485-896e-076737eb0695

1 Console Messages

Source Level URL
Text
network error URL: https://1685fea9.613293428.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 530 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1685fea9.613293428.xyz
a.usbrowserspeed.com
ajax.googleapis.com
analytics.google.com
b-code.liadm.com
c310d0e41dcfcc48387420bb9e39936c.safeframe.googlesyndication.com
d-code.liadm.com
data.processwebsitedata.com
dmp-c.socoms.net
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fe.sitedataprocessing.com
idx.liadm.com
pagead2.googlesyndication.com
pixel.quantserve.com
rp.liadm.com
rules.quantcount.com
s3-us-west-2.amazonaws.com
sb.scorecardresearch.com
script.hotjar.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.hotjar.com
stats.g.doubleclick.net
td.doubleclick.net
tpc.googlesyndication.com
websitevisitorleads.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
dmp-c.socoms.net
ep1.adtrafficquality.google
104.21.31.3
108.138.85.43
142.251.167.154
151.101.65.91
172.217.197.155
172.253.122.155
172.253.122.95
172.67.202.93
173.194.175.132
173.194.204.155
173.194.207.155
173.194.207.97
173.194.66.101
173.194.66.106
173.194.66.132
18.160.41.49
192.184.68.166
209.85.144.132
216.239.36.181
23.21.229.6
3.167.37.16
3.167.56.49
44.220.97.187
44.235.193.153
52.85.132.35
52.85.151.12
52.92.212.168
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
056aa84e33f2aba45a5359338c45374a933886ac3cbc5162d8d75e196f29085d
07c4b7ea7b5395ada51de736e22d450f0b5741688532f4f5ba32cc3601689adb
08d1a70b61efb0c2e5f8317f9e9d1f8572e9c859c19668983e3bda11229ba9ff
094b9b5c071d17a7407882525a77ca0741774ae8bdee8af83766d870a99737ab
0ae69ae8297e50dc67123f0074bfffb52db98f4338ad0d248e1aa29ce35f2a62
0def10c6a102ad537aa429d8d2022fde28aab5788774554dcc9eee722bcd94a7
123d788f866dbd040733ad6a4eb1b60db5e62b271d3e4ea0b69faa3e9621ccb2
1636ebb2d83d45e93371597e5f38e2d6c1578cfe92a09e4e7d209202e42159ec
16d4cb656766446dc7f96275c1d5b3505ba6c68089def8f62dcd7dd5eaf943ac
1907ce478c80150acd6da41477d2e0a6b4da409f150a3bcd3ae081b3aa696eb5
19352d23eb90d0c6b446b21446bfdeb6dc7c06b754d17f505fcf6f8df4cb1a65
1ac49e8c8bbad10ad7439fef4360f3dce6b9771c3fdd22c5cefc47c9f153a1d8
1ba93872e78136f3c503484024ef34e8c5eece00aa5ae4db0e41350351a5ee24
1c9ca7b1c9e80aa5371d6eb451310e6ddf7bc3f7d3b3df37af0837ee300783c7
1e0c9230e4569491cd4387257154fa31c77a67820c95de5c2c35dfc2c97c931d
1ec709a9c70d7ee9e0a06cebe1288aa688cd52476344c49145a343ac34a952b3
1f67232435552ed02e6806d97f23c8ea657db45a414e663b8bf4ad5cb52bb32e
20520d12046f3effe35957c788dbb97f07c9ea328dcebe9ab3ae94cbd26f14fc
228c4644cbb423f15425adb802519ecfa7b6784e0194f7b1d990a1786320fba4
23004dfc20b7b8cbaa345f8abdd33368bcd60599493ab42a324730503f41a97d
23c51d9d92d79bb234b4ef5e3dd5b9b4a3f9b99a37fa9531cee3e5681742bfc4
26c897f3a194f77b6e93d484de76c1c15153f817d7a8507d440df5a2bbf561b4
2991b9f00d1f1c62882436a630a60046647620e0d100acfb1980f81304e88678
2b7c0d1c111c4d46063e7756c5f3bec8b377904dbdf81d5f2f3f145bf799634d
2e30e66ce603b4c1884ac74a507ca4d46c9fb6201bab03bdf79003049c5cb94c
2edf5e2a13706002e8e919d7caed021b25e1bc3aefbe4a6b3bfa4fbae9ae8657
3007d1febad7bd1da3caffbd441661b014d8e1b997207d1be4fe0ece6ff8c869
323c648abef1b766ffe639811c2a09e5ed774338e7cc5c24fca836a58a19b44c
35ec416adfcc6936b9a466977a849b57bce0da4903bf3f2dfd395b5e08567edd
3a993b974684900ec3d702a39f4e08d637c92e54fd9b58075f3669ee313ef0b6
3abe3596f53664f64498d34666c43dc73aaad527626a8bfac2efbb499eed26b3
3af7dffe50033f9ba05f957886df82644353d4c4ad639acf972c3a90a81e7b2c
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3e34314941b5d15bfdd8f2d4253a4b889a4405f660646af030ec1c7085b21205
3e65ae4eb7a99f69fd8024f2bc9bc14e1424004fd73a7cc500be9e4e632deec0
3f6004a6c9021e04ec32ca88df8f9a5785e53da23511f1bf0d56defc1b9759f8
40927187bb5df950f343e95175b9de4d0d809a47c4839ec00d6aa7809fa78bf4
45191192e9de32c57f03bf30f18c11b1859af9d81e1dff0f62a10e94f0baf6a3
47a72130b49efb429a2eab56c589b0d6bb50ddffa58c7bef45c91716389fc98b
4a778d4a3a9d11b8827225c5f290b3906828f8a01cbe3c05477014292c3513f1
4d0a08771d5447cac92203e19137b6a31196ed860907c2453c21a9769b5865bc
4da8a6638ad70698ad3d01aa0ef124aebe35c297685c0796b174822f597b1d09
504f0284aaac7aa2a77927fa81ff61f926b42aee61ef75c918833ee0d0116286
509b3b71459139f848a05cbbaba5868a6d21ae1a19ec7444ad0a0cdf0bf5ce44
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
54b401abfd54359325fc9bf7555211e7850763999883c8309de7e158c6f1345d
5540e149c0e931b1b09216e00a96b0b77e0e0e3a56aceea8022a41db27f8f66d
5711c186d6281e8a9cb527687b3366e421ceba491d9f4becafe9e4ca3016ddf1
5a6360323b68421e203c13899c97a31d03390818bdbf487daca2603e24a023c0
5e7c649262c2116836dd1a4faf423685eba0aeb9c8e4c559484ba11b1c626b78
5f63c3fb57fcaad778efe5c4f77a3f3714aedeea55dc830b0840bacac35f2395
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
60940b1db49206113cb550da1db30b71e81e7b23e6f43c175121e8625f7c9c59
62bf26b111aa8c02fbd7e72009004a5c15836e85ea8c975be255054cafca5c54
65afe802898a31c28fe92e014c335174d8fd64205f83a6d3258bacc5c9bed2e4
65d8f4d7d0afdb322949e8345ce7c129cf42221e667e6b26c160fc9921d859c7
6615029ae57399fe012f43ea63f0d23569fecdd347bc841171b04e3b704c7431
663052518a7106d48f63e7876ba032560ead8162d707faaf6e4be05f2c53d59b
66cee9c7daf5d2b54f3cd6efd7e33b6f853a2adcd4a909d425e870a1316b7a5a
671fba44a1d1b22cd45fb664f646b5dc547ea91b1b11d999275f4302cacca056
68aa2469d475337def0133e940703c211b29affafcba17404163a7de8554c215
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6d2090369d3920c8aecc51bdf38bff510090270c50449311385f7684e925caa8
6ddf7777825129b7c6585d348d0716947dc44f2dda25ed519ece964c82439996
6e3d5bad69556d8cdd507cd18993c2f83231ab06b8ad1651fecdc08147ba38b8
74c77abcad4b26c53df85b12de4061625e38ec9b571a105fc15d5c7b7cb277ed
756101b5140b4741b48b19ce5b2cd31d3d5e5adc379d062acae25a2a79f8de98
76b1158ad07cac4ed5f9940e88dec1d789b21b1c39600cb56d0cf729533c9457
79aa27446548d6649a345d3a5f00d4d63c20b34c803e49ca242a06670ab8c7a1
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
7cd6a3737860b0653498e7c6413dedef0c70ce4e7a817623ecfe4d14d6b14a1d
7d970c2042ab109f4174784dd6526b3c057a315981ccfff603cf09726943352c
7e5cacbb7a388da3df5373cfb2706556b946399a111334e85c428780677be7fd
8130d41604c6e3cb2e7c20b78844f1f370dac59a0744482aef9844caf9bd2c30
8220926b8e44c44eaeaf2d630bba9c371c761b6a4a8394990b6e647004c239d4
83f178ad3919c5e6ce51544f75c785828d95d5b9faf49421d37f8ad0a3e50ab9
8530a557cdd060b6d85516e0d52f6eea5b719173655e4600e5bed7528c98a4a0
859561a660d3c6604cf1aa015f16d783d23f7fe1cebad17cb34665e6aa96b16a
8628b6b56e13fe7580e34a927e3ff243c6c6342774db4e7e6b48efa7268a7059
88bdb32dd562441610e15c614247ff0f02a7893800111c6dab4b2daafa37c2f2
899c49d35b96fdce5151fcf82f7a0befe544e8b9d2658866839cce3bf9e63a4e
91c311884073b88c4493994882faa1bd2dec9377ffc3fc755d4d3938bae569f1
943f9933a9b9f9dab358a3def2b5262fbabe7d4d559004a705aa17ba2f1462ed
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
9495d2d052ba2a0cf70fea9f4dec2e1dd00c349166700524a19583f843bf3761
955f31a98ca8b4aae68afae6eba8c59392749d6bb529ad0070825f676a6f59d2
97357143ba5f4b253396104a155533b583bc95c2ebc80ef5a718c1e5ab34a779
9a1d04c390cbe559886fda1300e30bfbe80e90d970c721f1066a26949c9cef85
9a5e02f922c79e1ef596301a3835bb5ba75eb3803be51bd8ccd201be64ac0b4d
9a9dee6c9a756f7bcccc116603d9a4c9d7561b433e77fe8dc4fcccd8d8456306
9b6fe1f80ca2c797843de5e157819ca64f667077a6ce2549a7d72672f964d138
9bf6ac2cdeb4856d00c4daed62881cfd1acbe76061419c6d03866ea641da940e
9ecd69461d4cedcd9e280c9b16de139c17cf27bd92381a6b3a3cb02f00ce4bd3
9fdb440212d047428b05c463584fba4107660b7f707f5bd89a0a29f65c73ae1f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2e89237022f9727c109e78a489809c229382e850807c2165f7b737b3de4d331
a38be64c0d87b0dffc4ee7996a37e966e18b0448d2199424a9c2fe252de357e1
a5463f114b3ee40e5b1373aa222361e2ebe1ead7ba8ff7fe11718fff49601d63
a738cc9e0a13dc51620b22c68836174d457944bc8b16ae18e3d32050314fdd58
a8f72c991402f5dc20c18041fe76b6b1086542dc754a1288dca4d9ce2cdf7801
ae37ca1d944949e98d27b4e7701c15ce719d12fbd32ca30734c69a0f45ced0d8
ae6b7bc67ffccb3a47938ba8c83fee56ac05cb6a503cd13fea8f55146e154eee
af3e37f67d7375710d73f889dc57c6e3ec4f55216b08c0b1316ff2cba13cbaa9
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
b05828316cefe50955f2500d784ec5eac1f806336cf3bd2099bc12f89a7772b1
b258b8b193f3727793885b35c96a1b92afd8bd51f119b2e8eea282b3077a3d5e
b39fdaabfe63faca7d21b1ee38c593bb29663d70de9938eca8dd6159f405fe9a
b5c7bb4d9dfac774ef5aa24a8d9610107c5c8a4db0dee5837cff891212cd9994
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b681d802bfbf3ded05bf66fc061893e8bf1b129f278b09a47d0d718121ba3318
b7acb20043e9cf11cbba992fb35061cc7a080f37a7364ad8f1c051bad9325b45
b7e5ee9714b46c47a67be0329b8ccd2fcc3709493d5e22e8a055d1be6c7d9998
bb5b37bcb07cdc97b231126147cdffbda404b2a7ae19888158d27d95c70b6518
bbf1287bfcdb3d033b6748cacde563badc30784d0a307e025789749ebabc6f1c
bff7a0f12d5fb9ac16d2ad056c08506c49ae1d4b9db962e26eaf12d7b71fe38c
c0f37415d36624a1f3a9a2452de0dcdadd2d1f3e1cbc6e5d688210ae356cb1b5
c1878ba38df9888e54f7fbb3c9ae4d7afb0e48034507d6d39f8bedd3d02f52d5
c3b9e2ce037cd0a28750bd8b37dddc638c0406e51314f17f8854704e86cfbeb7
c68ebff511fd2319deda1559b95a8924136ab27d8aa22f545c401b4b4e757c9c
c9590f472f4ed63294a9584166d3fcd790a45013cdccc291aaa27e9ed81df8d0
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbad76c7dcdc4a3ba7332dbbce23ba5ba291fa549f10f60d0e5bb813037e6bfe
ced1ff805da634c6372e00963a35174beafc5a13f5fd247cffbfe4059470784c
cfc9b8391b94a12772d63700e9d136f6e4d1afe7b2085cd2396cb599c6c2b476
d059f50f2636040db7a39de4f47f30295f8b73e3dac3c0358b5b5d8fdffcf13f
d1a5cd28c91494767bc2af988767cf282458e1141d22839fff55abac20f3d44b
d5a94082c308d41d0384f536d2879741f1be1fe93dd73fb3c7dd30f5f1219bcb
d6993a9c586f01e7a810a322aab7053ef1bf9f51b1f8a29c4f573375fd66c01d
d77a865894727f3a8ca1d21c08d5c19d682e2730f73a7e724df9db26270ebd78
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e08c5592bc9473f878505b62f57eb1fdc41f17c308a114f8519c4e9f49001987
e1003f0cc7f4d4ac24f4292eef67422cf2cfea5092de63f4aef73bd5c356e4ae
e3450d414ec609448350e04833904f49f66bbec1e900c0fedc9e523ed2ab8e03
e38338484d969872e570a554c807dab4a79233b82d64a7cb7028fb459123d44a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51207bdc2e0d733740e0c5378b3139ab07b0c3238abb6543286448f71f30d96
e893bf895b9573c8a77537aab0d7d1598f37dfafad133ffb1a0ce9e8082bbd1e
e8cbf534350e2190f34aa56f17a26015db1e60660aba8a25bd9a9ed860d8393f
ebbe9787979aae29b009b84ee5fa645ae8931985f27187f205dd32852568c75e
ed8ae4a9766489e971f354d9547899bccb0541b9f0c6fa0a2f09e25348dc16a4
eed8316329a64a90470c0168b8c63c2b2512f5c19d42358ef33bd3a7aba17334
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
efb0462d2a72eb4d74358f13f328e6a95c750d3cde6dfd002c591ef78c9a24d4
f0798e9eee46ef685af975c8fe3490352ffb0b78f4f44a69b68357ac3637804b
f532daa1a9b13307d5c76f78256dfa5353966f86f7e8753ef604ca40eef44a09
f5897a877fec7c3b3ccc9eb2a2cdf5d015e8faa2f2b5a1f5116bcd40c7dd72c0
f6839ff284a7ab1150b2a6d0a22c308ca23e8ca3df88489232f715e181db7387
f81a622d5550eb9220a609e964745dca5fa20a4b36594863a916a46af58eeb4b
f8aa1759ed62f4df46854d15c40f67a4d0b938eb2dc00758f0243d44e0228264
fa07fa4a281568f00fd102174881cc939ff711cc72c5a65ba42e355e20953753
fe9fed0eb977ae992215ecece5c3f9efda2c6f1712fd64709c5e6fc998b81a01
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
ff57b5d31ee39857dc0dce899691ade51eae8ea454bb30050fe92ef2a58d7c32